Bitcoin Forum

Alternate cryptocurrencies => Altcoin Discussion => Topic started by: TPTB_need_war on October 17, 2015, 11:04:31 AM



Title: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 11:04:31 AM
Here is an excerpt from my fully completed white paper for my revolutionary anonymity invention.

I am proposing to release this white paper either publicly or for exclusive implementation in Monero or other coin, whichever the community prefers; and forsake my former plans to implement it first in my Ion project (https://bitcointalk.org/index.php?topic=1174653.0). The benefit is to get this anonymity breakthrough implemented sooner for those of us in the community who desire such a feature.

Other potential benefits include enabling me to demonstrate an example of my technical capabilities, demonstrate that I am for sharing/open source, and to rebuild my entirely depleted savings so I could for example seek proper health care for my strange autoimmune-like chronic illness which includes relapsing chronic fatigue syndrome, peripheral neuropathy, gut pain, and strange head pain/sensations which potentially implicate Multiple Sclerosis (3+ years suffering). Also it would enable me to refund my Ion project angel investors, in case due to my health I am unable to complete Ion. Note I can still code features because I am not ill every moment, but the concern is whether I have enough good hours to complete and manage an entire crypto project. I may have found a breakthrough on my health to be explained soon, but I am hedging my opportunities just in case.

Forsaking the "first mover" advantage of implementing it first in Ion, I lose the strategy by which I intended to capture compensation for the following work I already completed. Thus I need to be compensated via some other means, and a donation model has been suggested to me. I am interested to test a "Kickstarter" style funding threshold which is discussed below.

Quote from: my whitepaper
Zero Knowledge Transactions

Shelby Moore†

15 July 2015

Abstract: Our conditional security¹, autonomous transaction model conceals the origination, destination, and conveyed content from the view of third parties. For a monetary transaction, these obscured three are respectively the payer, payee, and transferred monetary value. The originator knows the destination; the payee and payer know the conveyed value, and the payer isn’t revealed to the payee.

We improve upon, unify, and generalize the concepts from Cryptonote[Sab13] and Compact Confidential Transactions[Luk15]. Security remains relatively simple math and conditional on the hardness of ECDLP and the cryptographic hash in the Random Oracle model, avoiding Zerocash’s[SCG14] complex math, complex new cryptographic assumptions (https://leastauthority.com/blog/a_bug_in_libsnark.html), inability to unwind orphaned transaction branches independently (because it conceals everything), and trusting the trusted setup process[Wil15].



¹ Conditional security relies on unproven computational hardness assumptions, e.g. compared to computing each possible value, the cost of “factoring” (https://www.schneier.com/blog/archives/2013/11/elliptic_curve.html#c2205767) the elliptic curve discrete logarithm problem (https://www.certicom.com/index.php/52-the-elliptic-curve-discrete-logarithm-problem) (ECDLP)[CPS11] is conjectured to increase exponentially (http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/2/) with the bit width[Cor15]. Even unconditional security’s reliance on proven assumptions of prohibitive cost is not equivalent to information-theoretic security (https://en.wikipedia.org/wiki/Information-theoretic_security#Unconditional_security), the inability to break security even with unlimited computing power, due to unavailable information.

I also excerpt the section names below, without revealing all the text and math which embodies the epiphany of the invention.

Quote from: my whitepaper
1   Anonymous transactions

1.1   Anonymous transaction properties

1.2   Non-autonomous strategies

1.3   Computer security


2   Hiding transaction values

Concealing the transferred values provides fungibility against discrimination by value and conceals private business data. Also the transaction values may be unequal in transactions that mix inputs and outputs from unrelated parties for the purpose of achieving an anonymity set. Zerocash[SCG14] conceals transaction values but has the tradeoffs enumerated in the Abstract. Mixing technologies such as Zerocoin[MGG13], Cryptonote[Sab13], CoinJoin[Max13], and CoinShuffle[RMK14], all suffer from the requirement of equal input values. This places a simultaneity requirement on retaining system wide consistent denominations available in each wallet at all times, so that any transaction can be performed spontaneously without the latency to split values before mixing.

For example, the wallets for the Cryptonote clone Monero (https://getmonero.org/) typically maintain all balances in powers-of-ten denominations, which bloats the block chain and peer network. In theory, unlinkability is potentially lost in a cascade of correlations when numerous instances of transaction change are merged in a subsequent transaction that doesn’t employ an anonymity set because of the requirement for equal values. Although Cryptonote provides implicit value privacy as a side-effect of the untraceability of the payer and unlinkability of the payee, the transparent value data increases the entropy footprint for attackers to target with potentially sophisticated combinatorial and timing analysis algorithms. Concealing value data reduces the information available for analysis.

In a decentralized transaction confirmation scheme we will propose in a separate research paper, the requirement for equal values for transaction inputs would greatly complicate if not make impractical the requirement for mandatory mixing between transactions that is required to provably eliminate a combinatorial unmasking attack[MNM15] against Cryptonote.


2.1   Committed value

Compact Confidential Transactions (CCT)[Luk15] introduced the committed value, which is the concealed value x made more fuzzy with sufficient random bits and multiplied by the elliptic curve cryptography (ECC) base point G:

committedValue = V = x G

A brute force attack must enumerate every possible x to find a match to the public committedValue and G. Given 64-bit values, a brute force attack must enumerate at most 2⁶⁴ − 1 values. Bernstein estimated in 2006[Ber06] that rho attacks (http://safecurves.cr.yp.to/rho.html)[Cor15] might be feasible against 160-bit ECC. The entropy of Bitcoin values typically uses only a small portion of the 64-bit range.

Thus in a fuzzed x some random least significant bits are prepended to the concealed value to add more entropy to the committedValue. These fuzzbits are blinding sub-satoshis.


2.2   Homomorphic proof of sum

2.3   NIZKP of no overflow and positive value


A sum of concealed output values that exceeds the group order of the base point G would wrap around to G thus potentially satisfying the proof of sum for a sum of outputs that exceeds the sum of the inputs.

A negative concealed output value paid to the payer that would never be spent to a third party could satisfy the proof of sum combined with another concealed output value that exceeds the sum of the inputs.

In non-interactive zero knowledge it is proven (a.k.a. NIZKP) that each concealed output value 'x' is known, positive, and smaller than group order divided by the number of outputs. Zero knowledge means x is not revealed in the proof.

Our proof replaces CCT’s proof-of-square with a more efficient method so that a computationally expensive, unvetted 768-bit ECC is not required.

[The remainder of this section is omitted since it contains the invention described in the prior sentence that even Gmaxell and others from Blockstream did not solve (https://bitcointalk.org/index.php?topic=1085436.msg11817363#msg11817363).]


2.4   Parameter choices

3   Hiding payer and payee

3.1   Analysis of autonomous one-time ring signatures

3.2   Hiding payer, payee, and value


References

[Luk15]   Denis Lukianov, Compact Confidential Transactions for Bitcoin (http://voxelsoft.com/dev/cct.pdf, 9 June 2015), July 3 revision.

Please read the prior discussion (https://bitcointalk.org/index.php?topic=1174653.msg12698054#msg12698054) about the above anonymity feature, including my recent peer review that identified/revealed the flaw (https://bitcointalk.org/index.php?topic=1174653.msg12699014#msg12699014) in an attempt to create the same invention by someone who may be affiliated with Monero.

I have estimated that the work done would cost $112,000 at my highest-level of opportunity cost achieved in my career:

I had roughly 200 man hours (2+ weeks @ 14 hour days) in development time for that crypto breakthrough on anonymity, including the research, invention, and writing the white paper. I was able to work very intensely in some spurts during June & July and my gf can attest to that. It was August & September due to some egregious errors on diet and fasting that sent me into a tailspin on health (will be explaining this theory shortly).

My inflation-adjusted income earning capacity was $563 per hour (https://bitcointalk.org/index.php?topic=1174653.msg12698054#msg12698054). Thus fair value for that work just based on the hourly compensation is $112,600. I had to risk doing my work before compensation from the market for CoolPage. Ditto for this anonymity invention. So the risk weighted hourly rate is justified. If you get offered $100-$300 per hour for guaranteed compensation that is a different category. The very high rate is to compensate for the risk of not being ever compensated.

So now you can see why very highly paid developers do not work on crypto. They have the potential to earn much more money outside of crypto and crypto is too small to afford the best developers.

But there is no way I would set a crowdfunded donations threshold that high, because I doubt it could be reached (because it isn't a comparative equity offering (https://docs.google.com/document/d/1XkffsLaSSJrokTOgHZ2WTtyu70T2oXTHRjroltTsj-M/edit?pli=1)) and even though it might be my opportunity cost from 2001 when I was at the top of my career, it isn't my recent opportunity cost. I am in a strange situation because on the one hand if I finish a project like Ion, I could potentially earn more per hour (inflation-adjusted) than I did in 2001 but the risk of not completing such a project or the project not being successful for whatever reason is significant (how many altcoins have succeeded versus how many have died even if considering what talent I bring to bear).

AltcoinUK, I am not going to set a threshold as high as $112,000 for the donation bounty on that one anonymity invention, even though I think it is a very significant feature. I am just stating what my earning opportunity cost had been inflation-adjusted from 2001. So hopefully the market will understand I am not going to give that feature away for $10,000.

Above I am referring to the work I already did, not any additional work to implement the anonymity design in a coin.

I am not against being paid to help implement this anonymity design, but I think it should be a separate funding because for one reason we don't know yet which coin wants to implement this anonymity design. As I said I will let the community decide if the crowdfunded donations will be for releasing the above design publicly or privately to one coin (such as Monero) for them to get a jumpstart on implementation before they announce and release publicly. I believe the best for the community is to have the white paper released publicly so not only can it be peer reviewed by anyone (not just a chosen few) and so that coins can compete to implement it first so we get this feature implemented asap. If there is another coin that wants to try to raise donations and have this design be exclusively for this coin, then make a serious post in this thread how you plan to achieve that.

So I propose to set a minimum crowdfunding donation threshold of $21,000 to release my white paper publicly. The terms I propose are that if the threshold is not reached (and I don't opt to accept the lower threshold reached) or if the white paper is broken such that it can't do what is claimed in the above excerpted Abstract and I can't fix it, then the donations are returned.

I'd really like to receive about $75,000 total for the work already done plus assisting on implementation. If I am not mistaken, the guy who was selected to optimize Monero's mining algorithm pocketed an alleged $150,000 worth of coins before releasing the optimization generally. I would be quite pleased (and motivated to work in crypto on the donations funding model) if the total donations for the work already done would exceed the threshold and reach roughly $35,000. Yet I propose to set the minimum threshold to $21,000 and we can see if donations exceed it. I am not even sure if we can reach the $21,000 level for this work I did?

Note the extra $1000 over $20,000 is to cover the 4 BTC we donated to Denis Lukianov after I completed my invention.

There appear to be different ways to collect the donations for a crowdfunded campaign. Kickstarter takes only fiat and about 8% fees total, but you get exposure to a wider audience of donators. Monero has some methodology (https://forum.getmonero.org/7/open-tasks/2379/forum-funding-system-ffs-sticky) for funding improvements but the entire process isn't described in full detail and do we want to make this exclusively for Monero? I didn't find any good crypto crowdfunding platforms. Mike Hearn's Lighthouse (https://www.vinumeris.com/lighthouse) has some severe restrictions such as only 684 donators max and the exact donation amount has to be reached (can't be lower or higher). And Swarm seems to be socialist (https://www.swarm.co/).

Thus the alternative to Kickstarter appears to be having all donations go to a Bitcoin address controlled by a trusted escrow person (or persons with multi-sig). The escrow would enforce the terms I have proposed. I would nominate smooth but I have not checked with him if he is willing to do this. I would propose to offer him 1% fee for his time and effort, unless he decides to implement this in Aeon in which case he should donate his fee to the implementer or to Denis Lukianov the author of the CCT white paper from which I gained much inspiration (and some discussion) to make this invention (but the invention came only from me). He could counter-propose if he is interested and thinks my proposed terms are not suitable. I would also like to hear from the community who they would nominate to do the escrow, and your general thoughts on how best to proceed.

I also hope that any coin that successfully implements this new anonymity invention, also makes some token donation to Denis Lukianov. My angel investors already donated 4 BTC to him thus far. We would probably donate more to him if ever Ion was successfully launched with this anonymity feature.

We could perhaps have both Kickstarter and Bitcoin escrow and sum the two to reach the threshold, but I don't know how we can integrate that with Kickstarter's policies so probably this is not possible.

We could perhaps have two donation addresses, one for those who want public release and another for those who want private release to Monero's chosen few reviewers. You could donate even to both and receive a refund for the losing option.

Note I also invented an improvement to the CCT algorithm (CCT is an alternative to Blockstream's CT) as noted in the excerpted quote from the white paper, but in the unlikely event this improvement is incorrect, my anonymity invention can still be used with the original CCT algorithm, so it would still satisfy the claims of the Abstract. It appears that my anonymity invention can also be alternatively integrated with Blockstream's CT instead of CCT, but that is not required to meet the claims of the Abstract.
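As an added illustration of sections 2.1 to 2.3 of the quoted excerpt (example code, not the whitepaper's or CCT's own), the following Python builds the committed value V = xG on secp256k1, Bitcoin's curve, so the group order N is the real one, and shows why the homomorphic proof of sum on its own accepts both the wrap-around and the "negative output" cases the text describes, which is why each output also needs the range predicate that the NIZKP proves without revealing x. The fuzz bits, transaction values and the `demo` scenarios are constructed sample data.

```python
"""CCT-style committed values V = x*G and the proof-of-sum pitfalls.

Added example, not code from the whitepaper or from CCT.  The curve is
secp256k1 (standard constants); every value and fuzz bit is constructed.
"""
import random

# secp256k1 domain parameters: field prime P, base-point order N, base point G.
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity, the group identity


def ec_add(p1, p2):
    """Affine group law for y^2 = x^3 + 7 over F_P."""
    if p1 is INF:
        return p2
    if p2 is INF:
        return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0:
        return INF                                    # p1 == -p2
    if p1 == p2:
        lam = 3 * x1 * x1 * pow(2 * y1, P - 2, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, P - 2, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add on the raw scalar.  Since N*G = INF, k and k + N give
    the same point: this is the wrap-around the no-overflow proof must exclude."""
    if k < 0:
        raise ValueError("scalar must be non-negative")
    acc, addend = INF, pt
    while k:
        if k & 1:
            acc = ec_add(acc, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return acc


def commit(x):
    """committedValue = V = x*G (section 2.1); x is the fuzzed value."""
    return ec_mul(x, G)


def fuzzed(value, fuzz, fuzz_bits):
    """Prepend random least-significant 'sub-satoshi' bits to a value (2.1)."""
    assert 0 <= fuzz < (1 << fuzz_bits)
    return (value << fuzz_bits) | fuzz


def sum_of_points(points):
    acc = INF
    for pt in points:
        acc = ec_add(acc, pt)
    return acc


def proof_of_sum_holds(in_commits, out_commits):
    """Homomorphic proof of sum (2.2): checked on commitments only, so the
    verifier never learns any x.  Fuzz bits must balance as well."""
    return sum_of_points(in_commits) == sum_of_points(out_commits)


def in_allowed_range(x, n_outputs):
    """Plaintext form of the predicate section 2.3 proves in zero knowledge:
    x is known, non-negative and below N / (number of outputs), so no set of
    outputs can sum past N and wrap."""
    return 0 <= x < N // n_outputs


def demo():
    """Three spends of the same inputs; returns {name: (sum_ok, range_ok)}."""
    k = 8                                            # constructed: 8 fuzz bits
    rng = random.Random(2015)                        # deterministic sample fuzz
    in_x = [fuzzed(5, rng.randrange(1 << k), k), fuzzed(3, rng.randrange(1 << k), k)]
    total = sum(in_x)
    # Honest payer: 6 to the payee, the remainder (fuzz chosen to balance) to self.
    honest = [fuzzed(6, rng.randrange(1 << k), k)]
    honest.append(total - honest[0])
    # Cheat 1: one output pushed past N; the sum of commitments still matches.
    overflow = [fuzzed(3, 0, k), total - fuzzed(3, 0, k) + N]
    # Cheat 2: a "negative" output (N - 1 == -1 mod N) paid back to the payer
    # and never spent, paired with an output worth more than all the inputs.
    negative = [N - 1, total + 1]
    in_c = [commit(x) for x in in_x]
    results = {}
    for name, outs in (("honest", honest), ("overflow", overflow), ("negative", negative)):
        sum_ok = proof_of_sum_holds(in_c, [commit(x) for x in outs])
        range_ok = all(in_allowed_range(x, len(outs)) for x in outs)
        results[name] = (sum_ok, range_ok)
    return results
```

Only the honest spend passes both checks; the two cheats pass the sum check and are caught solely by the range predicate, which in the real scheme is enforced by the NIZKP rather than by revealing x.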


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 17, 2015, 11:14:10 AM
What about if I cured your illness? Would you be willing to release your whitepaper for free?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 12:08:46 PM
What about if I cured your illness? Would you be willing to release your whitepaper for free?

Comrade, may I ask why you propose for me to not receive donations and thus not pay you for helping to cure me?

Do you think it helps incentivize crypto development if the crypto market is unable to pay for fair value?


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 17, 2015, 12:11:56 PM
What about if I cured your illness? Would you be willing to release your whitepaper for free?

Comrade, may I ask why you propose for me to not receive donations and thus not pay you for helping to cure me?

Do you think it helps incentivize crypto development if the crypto market is unable to pay for fair value?

Who is to say that "fair value" isn't a trade of a cure for a whitepaper?

Nothing wrong with that if both parties are happy with the deal.




Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 17, 2015, 12:17:17 PM
What about if I cured your illness? Would you be willing to release your whitepaper for free?

Comrade, may I ask why you propose for me to not receive donations and thus not pay you for helping to cure me?

Do you think it helps incentivize crypto development if the crypto market is unable to pay for fair value?

I haven't voted yet.

I have a marginal interest in the whitepaper, but to tell the truth I'm kinda more fascinated by your illness.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 12:32:17 PM
What about if I cured your illness? Would you be willing to release your whitepaper for free?

Comrade, may I ask why you propose for me to not receive donations and thus not pay you for helping to cure me?

Do you think it helps incentivize crypto development if the crypto market is unable to pay for fair value?

Who is to say that "fair value" isn't a trade of a cure for a whitepaper?

Nothing wrong with that if both parties are happy with the deal.

First of all, it isn't fungible so it doesn't serve as an example of market-based compensation to incentivize other developers who are not ill. Kickstarter has a large economy-of-scale, because it is fungible (for both donators and creators). Remember one of your greatest arguments for the benefit of Monero's anonymity has been fungibility (against blacklisting, whitelisting, redlisting, etc) is a requirement for money.

Secondly, he could rather assign the value of his donation and we could agree on the value and I could continue to receive donations from others since not only did I state I had numerous goals not just funding the potential diagnosis of my illness but also there is no non-Communist reason to limit the market expression of fair value. In short, he attempted to monopolize the market function and apply Communism. He tried to determine that everyone else should get it for free and unable to donate. His proposal bound everyone else, not just himself and myself.

I am for free markets. How about you, smooth? You for Communism or free markets?

I have a marginal interest in the whitepaper, but to tell the truth I'm kinda more fascinated by your illness.

Thank you. I will have a post about new insight into my illness later. I'll probably link to it from here and/or the Ion project thread.




Edit: I had always felt donations was sort of Communistic, but at least only those who had a vested interested would donate, so I am not surprised that the votes are reflecting a private advantage for Monero to implement it first. I always felt "first mover" advantage is the only way to really extract the true value from the work in crypto.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 17, 2015, 12:39:01 PM
What about if I cured your illness? Would you be willing to release your whitepaper for free?

Comrade, may I ask why you propose for me to not receive donations and thus not pay you for helping to cure me?

Do you think it helps incentivize crypto development if the crypto market is unable to pay for fair value?

Who is to say that "fair value" isn't a trade of a cure for a whitepaper?

Nothing wrong with that if both parties are happy with the deal.

First of all, it isn't fungible so it doesn't serve as an example of market-based compensation to incentivize other developers who are not ill. Kickstarter has a large economy-of-scale, because it is fungible (for both donators and creators). Remember one of your greatest arguments for the benefit of Monero's anonymity has been fungibility (against blacklisting, whitelisting, redlisting, etc) is a requirement for money.

Secondly, he could rather assign the value of his donation and we could agree on the value and I could continue to receive donations from others since not only did I state I had numerous goals not just funding the potential diagnosis of my illness but also there is no non-Communist reason to limit the market expression of fair value. In short, he attempted to monopolize the market function and apply Communism. He tried to determine that everyone else should get it for free and unable to donate. His proposal bound everyone else, not just himself and myself.

I am for free markets. How about you, smooth? You for Communism or free markets?

If you two agree, that's a free market. If one of you does not, then the deal doesn't happen (still a free market). There was nothing wrong with him offering it.


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 17, 2015, 12:42:51 PM
In short, he attempted to monopolize the market function and apply Communism. He tried to determine that everyone else should get it for free and unable to donate.

That's not really what I was advocating. I was talking about a private deal. Your health, in return for the whitepaper.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 01:17:16 PM
In short, he attempted to monopolize the market function and apply Communism. He tried to determine that everyone else should get it for free and unable to donate.

That's not really what I was advocating. I was talking about a private deal. Your health, in return for the whitepaper.

Your use of the term "release" makes this seem more unbelievable as that term is synonymous with public release in every normal use of English I have seen in this context. But okay thanks for the "clarification".


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 01:19:55 PM
If you two agree, that's a free market. If one of you does not, then the deal doesn't happen (still a free market). There was nothing wrong with him offering it.

It is not a free market to use political gimmicks to try to make someone look like they are not sincere about wanting to cure their illness as a way to cut off the market function that the sincere person is trying to propose. It was basically saying to me "accept communism or show everyone you aren't really sick".

And you are also playing politics I think. Sad.

I am just trying to get something fair done here. Why is it always like pulling teeth to get anything done in crypto without underhanded attacks?


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 17, 2015, 01:24:45 PM
If you two agree, that's a free market. If one of you does not, then the deal doesn't happen (still a free market). There was nothing wrong with him offering it.

It is not a free market to use political gimmicks to try to make someone look like they are not sincere about wanting to cure their illness as a way to cut off the market function that the sincere person is trying to propose. It was basically saying to me "accept communism or show everyone you aren't really sick".

And you are also playing politics I think. Sad.

I am just trying to get something fair done here. Why is it always like pulling teeth to get anything done in crypto without underhanded attacks?

I have no idea what's a gimmick. Maybe you are right. I'm certainly making no attack.

From what I see, someone has something he thinks you might want, and you seem to have something he might want. So there is the potential for a trade.

I fail to see how that wouldn't be more efficient, assuming there is room for a trade there, than a complicated and potentially expensive ordeal involving Kickstarter (who almost certainly takes fees, right?), escrows, etc.

But if it was indeed a gimmick then please disregard.


Title: Re: Zero Knowledge Transactions
Post by: illodin on October 17, 2015, 01:31:41 PM
If there is another coin that wants to try to raise donations and have this design be exclusively for this coin, then make a serious post in this thread how you plan to achieve that.

Are there any specific requirements for a coin's protocol / blockchain etc in order for the feature to be feasibly implemented? Does it need to be a Cryptonote coin, or could it be implemented on DASH (former Darkcoin) for example?


Title: Re: Zero Knowledge Transactions
Post by: r0ach on October 17, 2015, 01:31:48 PM
I've talked to Smooth a lot about anonymity telling him it's not useful unless you can fix scaling first.  If you only have enough TPS for a clearing mechanism between banks, on-chain anonymity doesn't do anything when most transactions will be done off-chain anyway.  Since you seem to have the exact same viewpoint, how exactly would this design even help Monero?  Does it at least reduce overhead to Bitcoin level?

My opinion is that collateral bid systems using PoS where the top 100/500/1000 wallet addresses that choose to lock stake and act as deterministic nodes is the easiest way to solve scalability at the moment.  Larimer thinks you can have anonymity in such a system already:

Quote
Confidential Transfers hide the amounts being transferred while still allowing those who validate the blockchain to verify that the balances transferred sum to 0 and are not negative. Stealth transfers are used to automatically generate a unique key for every transfer. The combination of these two features means that it becomes practically impossible for a 3rd party to identify how much you have sent or received or who is sending money to whom.

Without achieving the scaling part first, won't this purchase be kind of useless when it will inevitably be overrun by some kind of second tier anonymity system latched on top of a deterministic PoS network?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 01:57:01 PM
If you two agree, that's a free market. If one of you does not, then the deal doesn't happen (still a free market). There was nothing wrong with him offering it.

It is not a free market to use political gimmicks to try to make someone look like they are not sincere about wanting to cure their illness as a way to cut off the market function that the sincere person is trying to propose. It was basically saying to me "accept communism or show everyone you aren't really sick".

And you are also playing politics I think. Sad.

I am just trying to get something fair done here. Why is it always like pulling teeth to get anything done in crypto without underhanded attacks?

I have no idea what's a gimmick. Maybe you are right. I'm certainly making no attack.

From what I see, someone has something he thinks you might want, and you seem to have something he might want. So there is the potential for a trade.

I fail to see how that wouldn't be more efficient, assuming there is room for a trade there, than a complicated and potentially expensive ordeal involving Kickstarter (who almost certainly takes fees, right?), escrows, etc.

But if it was indeed a gimmick then please disregard.

Well the first mode of action I think would be to ask me if he and I could determine the value of what he can offer on my health. I do plan to give him a link to my recent findings. Most certainly I am willing to transfer resources from myself for a cure to my health. It is possible I may have found the vital information, but you know I've said that before, so I am being cautious about opinion of my recent discovery.

Okay I am sorry if you didn't see any potential gimmick and hadn't said yet that I was suspecting one. It could potentially just be a misunderstanding and his quick and not so careful way of phrasing his offer.


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 17, 2015, 02:04:11 PM
It is not a free market to use political gimmicks to try to make someone look like they are not sincere about wanting to cure their illness as a way to cut off the market function that the sincere person is trying to propose. It was basically saying to me "accept communism or show everyone you aren't really sick".

That wasn't my intention at all.

I'm quite certain you are sick, and moreover, I think I know what's wrong with you. That was kinda my point. If you've definitely ruled out Lyme disease and haven't taken any cholesterol lowering medication within the past three years, then I think I can help.

In so far as the whitepaper is concerned, yeah, it has the intrigue of Tarantino's glowing suitcase, naturally. I'd concur that I'd do a trade for that. Of the oft times I've been ill over the past 38 years there have been many occasions I would gladly sell my soul for the cure. So that was my perspective.

But I don't really see what difference it makes what I do with the whitepaper once traded. Whether I give it away on street corners, or keep it to myself.... who cares?

But like I said, I genuinely am more intrigued about the variables of your illness. I only have a marginal interest in the paper.

To be honest: If it was down to me I would simply join forces with smooth and adapt your technology for use with Aeon. Given current low prices you could get significant returns from your tech without giving away development control. To me that's a sensible solution which I think you'd be happy with.

Fuck it, if you did that I'd help you with your illness for free.


Title: Re: Zero Knowledge Transactions
Post by: Fuserleer on October 17, 2015, 02:14:41 PM
I've talked to Smooth a lot about anonymity telling him it's not useful unless you can fix scaling first.  If you only have enough TPS for a clearing mechanism between banks, on-chain anonymity doesn't do anything when most transactions will be done off-chain anyway.  Since you seem to have the exact same viewpoint, how exactly would this design even help Monero?  Does it at least reduce overhead to Bitcoin level?

My opinion is that collateral bid systems using PoS where the top 100/500/1000 wallet addresses that choose to lock stake and act as deterministic nodes is the easiest way to solve scalability at the moment.  Larimer thinks you can have anonymity in such a system already:

Quote
Confidential Transfers hide the amounts being transferred while still allowing those who validate the blockchain to verify that the balances transferred sum to 0 and are not negative. Stealth transfers are used to automatically generate a unique key for every transfer. The combination of these two features means that it becomes practically impossible for a 3rd party to identify how much you have sent or received or who is sending money to whom.

Without achieving the scaling part first, won't this purchase be kind of useless when it will inevitably be overrun by some kind of second tier anonymity system latched on top of a deterministic PoS network?

For once I agree with you, if most transactions take place off chain/ledger/whatever then the majority of transactions are "anonymous" as they are not publicly recorded.

It's kind of a catch-22 though I feel, as high anon + scaling to high load is very difficult and I don't think concealing the value of a transaction is going to play nice with scalability.

I'm betting on decoupling the sender from the receiver being the best workable solution to achieving high anon + high scalability, where the sender is unable to discover where exactly the payment ended up in the ledger nor discover any information about the receivers account (balance, historic transactions).

TPTB no disrespect to the work you are doing, it's important nonetheless, just my thoughts.  It's good to see at least something tangible coming out from your end finally :)

I have a query though, in your abstract "...and the payer isn’t revealed to the payee"  Shouldn't the payee know who the payer is?  What if someone sends me a payment without me expecting it, how do I know who it's from?  I don't see any real purpose for not revealing the payer to the payee :|


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 02:21:07 PM
If there is another coin that wants to try to raise donations and have this design be exclusively for this coin, then make a serious post in this thread how you plan to achieve that.

Are there any specific requirements for a coin's protocol / blockchain etc in order for the feature to be feasibly implemented? Does it need to be a Cryptonote coin, or could it be implemented on DASH (former Darkcoin) for example?

Afaics, the only requirement is to be able to refer to UTXO for the inputs to the rings, so a balances-only design wouldn't work.

A huge advantage over Cryptonote rings is you don't have to use equal denominations, thus you radically simplify wallets and reduce block chain bloat significantly. So this makes it much easier to integrate than Cryptonote because you don't have that complex simultaneity requirement on powers-of-ten UTXO.

I haven't studied Dash/DRK, but I assume it has UTXO (unspent transaction outputs).

It might not even need to be a hard fork, depending on the block chain format's flexibility, but unlikely.

Hey if Dash wants to pay me more, then I will go to the highest bidder. That is the nature of a free market. I haven't earned an income for many years. I really need it. Even my 2003 model year SUV is starting to fall apart.



Edit: I am giving up one of my jewels because I am really in a bad financial situation. Not only health, but I have negative net worth right now. I am living off cash my angel investors gave me. I want to create some buffer of savings if possible.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 02:39:01 PM
I have a query though, in your abstract "...and the payer isn’t revealed to the payee"  Shouldn't the payee know who the payer is?  What if someone sends me a payment without me expecting it, how do I know who it's from?  I don't see any real purpose for not revealing the payer to the payee :|

This is also the case for Cryptonote. No one but the payer knows which of the public addresses in the ring challenge was the signer of the transaction.

In theory one can add the feature that the payer can optionally feed his address through the non-interactive Diffie-Hellman exchange of private data in the unlinkability step of Cryptonote:

https://cryptonote.org/whitepaper.pdf#page=6


Title: Re: Zero Knowledge Transactions
Post by: othe on October 17, 2015, 02:52:37 PM
Quote
Please read the prior discussion about the above anonymity feature, including my recent peer review that identified/revealed the flaw in an attempt to create the same invention by someone who may be affiliated with Monero.

First of all you revealed no flaw, as the linkability has been addressed in v0.3 in the so-called WORK IN PROGRESS. As noted here: https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw27qla

Second of all; this stuff has been discussed by gmaxwell, andytoshi and shen + others in june/july on #bitcoin-wizards and other channels and there are logs of it all over the place; so much for your "invention".


Quote
I'd really like to receive about $75,000 total for the work already done plus assisting on implementation. If I am not mistaken, the guy who was selected to optimize Monero's mining algorithm pocketed an alleged $150,000 worth of coins before releasing the optimization generally.

Only in your head bro, DGA just commented the crypto stuff later, NoodleDoodle did the optimizations in the daemon.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 17, 2015, 02:54:41 PM
Larimer thinks you can have anonymity in such a system already:

Quote
Confidential Transfers hide the amounts being transferred while still allowing those who validate the blockchain to verify that the balances transferred sum to 0 and are not negative. Stealth transfers are used to automatically generate a unique key for every transfer. The combination of these two features means that it becomes practically impossible for a 3rd party to identify how much you have sent or received or who is sending money to whom.

Maybe, but attacks on anonymity can be quite subtle, with various combinatorial, timing, and sybil type attacks, so I wouldn't be so confident. If you look at unlinkability, untraceability, and amount hiding as three prongs of resistance to blockchain analysis, then he's entirely missing one prong, which makes his argument quite weak. Blockstream has stated likewise about CT not hiding what they call transaction metadata, only content. Stealth is a nice convenience feature, but largely similar to just having good address reuse practices in Bitcoin (which can also be achieved via payment protocols and HD address chains). To do this well, you really need another piece, at least some sort of good coinjoin/coinshuffle type solution, and that is really hard to do well (potentially impossible) given sybil and timing attacks. At least Dash tries, but Larimer dismisses the problem too easily.

So I'd characterize Larimer's argument as largely wishful thinking and/or hype (i.e. this is what I have therefore this is what is needed, the marketer's variation of the arguing-from-the-conclusion fallacy).

But that's an entirely different argument from whether strong privacy/anonymity/fungibility (it is very hard to separate any of these from the others) is more important than scalability (or vice versa). I suppose you could also make that argument that without all of these things you don't really have a very strong solution overall and again are engaging in wishful thinking (which was in many ways the premise of TPTB's original Ion "Bitcoin killer" concept, before he neutered it).
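The two prongs named above that the Larimer quote does cover, unlinkability via stealth addresses (the non-interactive Diffie-Hellman step of the CryptoNote paper that TPTB points to earlier in the thread) and amount hiding via commitments whose balance still verifies, are small enough to show end to end. The block below is an added example, not code from the thread, from CryptoNote, Monero, Bitshares or Blockstream; it assumes textbook secp256k1 arithmetic as a stand-in for CryptoNote's ed25519, SHA-256 in place of the paper's Keccak-based H_s, and a second generator H derived by try-and-increment from an arbitrary label. It goes slightly beyond the quote in one respect: the last function shows why the "not negative" half needs a range proof, by passing a wrapped-around "negative" output through the sum-to-zero check unchanged.

```python
import hashlib
import secrets

# secp256k1 (stand-in for CryptoNote's ed25519; the particular group does not matter)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
INF = None  # point at infinity

def on_curve(pt):
    return pt is INF or (pt[1] ** 2 - pt[0] ** 3 - 7) % P == 0

def add(a, b):  # affine addition on y^2 = x^3 + 7 over GF(P)
    if a is INF or b is INF:
        return b if a is INF else a
    (ax, ay), (bx, by) = a, b
    if ax == bx:
        if (ay + by) % P == 0:
            return INF  # a == -b
        lam = 3 * ax * ax * pow(2 * ay, P - 2, P) % P  # doubling
    else:
        lam = (by - ay) * pow(bx - ax, P - 2, P) % P
    x = (lam * lam - ax - bx) % P
    return (x, (lam * (ax - x) - ay) % P)

def neg(pt):
    return INF if pt is INF else (pt[0], (-pt[1]) % P)

def mul(k, pt):  # double-and-add; not constant-time, demonstration only
    k %= N
    acc, q = INF, pt
    while k:
        if k & 1:
            acc = add(acc, q)
        q, k = add(q, q), k >> 1
    return acc

def h_scalar(pt):  # H_s of the CryptoNote paper; SHA-256 stands in for Keccak (assumption)
    enc = pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")
    return int.from_bytes(hashlib.sha256(enc).digest(), "big") % N

def hash_to_point(label):  # second generator with unknown discrete log base G
    ctr = 0
    while True:
        x = int.from_bytes(hashlib.sha256(label + ctr.to_bytes(4, "big")).digest(), "big") % P
        rhs, ctr = (x ** 3 + 7) % P, ctr + 1
        y = pow(rhs, (P + 1) // 4, P)  # P == 3 mod 4: this is a square root when rhs is a square
        if y * y % P == rhs:
            return (x, y)

assert on_curve(G)
H = hash_to_point(b"pedersen-H")  # label is an arbitrary assumption of this example

# --- stealth addresses: unlinkability (CryptoNote whitepaper, one-time keys) ---
def stealth_keypair():  # (view secret a, spend secret b), public (A, B)
    a, b = secrets.randbelow(N - 1) + 1, secrets.randbelow(N - 1) + 1
    return (a, b), (mul(a, G), mul(b, G))

def stealth_send(pub):  # payer: publish R = rG with the tx, pay to P = H_s(rA)G + B
    A, B = pub
    r = secrets.randbelow(N - 1) + 1
    return mul(r, G), add(mul(h_scalar(mul(r, A)), G), B)

def stealth_scan(priv, pub, R, P_out):  # payee: aR == rA, one-time secret is H_s(aR) + b
    a, b = priv
    shared = h_scalar(mul(a, R))
    return (shared + b) % N if add(mul(shared, G), pub[1]) == P_out else None

# --- Pedersen commitments: hidden amounts whose balance still verifies ---
def commit(value, blind):
    return add(mul(value, G), mul(blind, H))

def balance_holds(in_commits, out_commits):  # verifier never sees values or blinds
    acc = INF
    for c in in_commits:
        acc = add(acc, c)
    for c in out_commits:
        acc = add(acc, neg(c))
    return acc is INF

def stealth_roundtrip():
    priv, pub = stealth_keypair()
    R, P_out = stealth_send(pub)
    x = stealth_scan(priv, pub, R, P_out)
    other_priv, other_pub = stealth_keypair()
    # payee recovers a spendable key; an unrelated wallet cannot match the output
    return mul(x, G) == P_out, stealth_scan(other_priv, other_pub, R, P_out) is None

def ct_balance_examples():
    r_in, r1 = 12345, 777
    r2 = (r_in - r1) % N  # payer chooses output blinds that cancel the input blind
    honest = balance_holds([commit(10, r_in)], [commit(7, r1), commit(3, r2)])
    # without a range proof, 7 + (N - 2) == 5 mod N: a "negative" output passes and inflates supply
    wrap = balance_holds([commit(5, r_in)], [commit(7, r1), commit(N - 2, r2)])
    return honest, wrap
```

`stealth_roundtrip()` returns `(True, True)`: the payee recovers a key for the one-time output and a second wallet gets no match, which is all a chain observer with only public data can do either. `ct_balance_examples()` also returns `(True, True)`, and the second `True` is the point: the sum-to-zero check alone accepts an output committing to `N - 2`, so the "not negative" half of the quoted claim rests entirely on the range proof (the "Proof of Sums" cost discussed later in the thread), which this example deliberately does not implement.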


Title: Re: Zero Knowledge Transactions
Post by: Fuserleer on October 17, 2015, 02:56:43 PM
I have a query though, in your abstract "...and the payer isn’t revealed to the payee"  Shouldn't the payee know who the payer is?  What if someone sends me a payment without me expecting it, how do I know who it's from?  I don't see any real purpose for not revealing the payer to the payee :|

This is also the case for Cryptonote. No one but the payer knows which of the public addresses in the ring challenge was the signer of the transaction.

In theory one can add the feature that the payer can optionally feed his address through the non-interactive Diffie-Hellman exchange of private data in the unlinkability step of Cryptonote:

https://cryptonote.org/whitepaper.pdf#page=6

Ok, I've only skimmed those papers as they are not relevant to the eMunie ledger design, so kinda pointless to educate on them in depth.

UTXOs will kill your ability to scale though unless you enforce BitShares level machines with endless RAM at high loads...have you considered those kind of loads and how to manage them?


Title: Re: Zero Knowledge Transactions
Post by: unununium on October 17, 2015, 03:14:44 PM
We have anon with dash, why should we donate?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 03:17:39 PM
I've talked to Smooth a lot about anonymity telling him it's not useful unless you can fix scaling first.  If you only have enough TPS for a clearing mechanism between banks, on-chain anonymity doesn't do anything when most transactions will be done off-chain anyway.  Since you seem to have the exact same viewpoint, how exactly would this design even help Monero?  Does it at least reduce overhead to Bitcoin level?

I agree that you can't go after for example decentralized exchanges on chain if you don't have very high TPS. So there are certain markets you can't service without the high TPS solution.

However, the governments are coming after everything with capital controls, and for that and other reasons some people may want to really anonymize their transaction trails very well, so that is an example of one market that can use low TPS anonymity improvements and that market will be growing very fast in 2016. So Monero or other anonymous coin having the "first mover" advantage on the most significant advance for anonymity since Cryptonote and theoretical Zerocash could potentially significantly raise the market moment of that coin.

Also as I wrote to illodin, this reduces block chain bloat in terms of fewer transactions needed to transfer a balance as powers-of-ten (well that is not factoring in the cost of the Proof of Sums so perhaps not a size reduction overall, but you gain an important feature of hiding values) and wallet complexity/inflexibility of any existing Cryptonote coin.

Of course they would want to follow it up with more efforts to make their platform viable for more markets. High TPS are not the only markets. They are important to me, so I won't disagree about their high potential value, but low TPS anonymity is also a market. Also anonymity is already a developed and proven market whereas high TPS is a new unproven market.

When the next bubble comes back to crypto, anonymity can be one of those sectors that gets hot with speculators.

Caveat: make sure the low TPS anonymous rings are mixing properly with UTXO that are also spent into anonymous rings, otherwise the anonymity breaks down if only a few people are using anonymous rings (but I think Monero and others are already aware of this; I think Boolberry even had a special feature flag to force this).

Anonymity is a feature. For example what if Crypto Kingdom gamers want to be really untraceable to their other hacker gamers. Did you see that kid in Manila was mauled to death for writing "whew" on a girl's Facebook page. There are non-nefarious reasons for using anonymity.

Even businesses want to hide the values they are transacting so that competitors do not have that proprietary information. And that could be low TPS transactions for now.

I agree eventually we need to solve high TPS and block chain scaling, but anonymity isn't entirely useless just as Bitcoin isn't entirely useless. I'd hold more BTC if the damn thing was more anonymous. I have not trusted I could transfer over to Monero, mix, then come back and retain anonymity well. I'd rather have it on chain for the coin I am holding.

My opinion is that collateral bid systems using PoS where the top 100/500/1000 wallet addresses that choose to lock stake and act as deterministic nodes is the easiest way to solve scalability at the moment.

I think there is a better design but I am not ready yet to discuss that. I need to focus in this thread and time on the anonymity invention I created.

We will hopefully get there asap. But really I have been in such a whirlwind with my rollercoaster health, that I don't want to talk too much about the future. Let's get done what I can do now for now.

 Larimer thinks you can have anonymity in such a system already:

Quote
Confidential Transfers hide the amounts being transferred while still allowing those who validate the blockchain to verify that the balances transferred sum to 0 and are not negative. Stealth transfers are used to automatically generate a unique key for every transfer. The combination of these two features means that it becomes practically impossible for a 3rd party to identify how much you have sent or received or who is sending money to whom.

I had already responded to you about that in the past and explained it doesn't have untraceability, therefore it is trivially unmasked via combinatorial analysis. It adds some obfuscation, but it is a step backwards from Cryptonote except that it doesn't have the problem of equal denominations. And it can hide value. Mine combines all of Cryptonote (which includes both stealth addresses for unlinkability and rings for untraceability) with hidden values. I have the first complete on-chain anonymity that doesn't have Zerocash's drawbacks.

Without achieving the scaling part first, won't this purchase be kind of useless when it will inevitably be overun by some kind of second tier anonymity system latched on top of a deterministic PoS network?

The opposite. It will destroy the anonymity aspect of the threat from Bitshares, by moving way beyond it on anonymity features. I'd say Monero needs this to stay in the clear anonymity lead.

As for whether Bitshares' high TPS solution will become more important to the market than anonymity, I don't know. Last time I looked, Bitshares was talking about what each CPU could process, not about actual network throughput on a real testnet. Perhaps more has come out since I last looked. I will look into it at some point in the near future.
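The caveat in the post above (rings must mix with outputs that are themselves spent into rings, or the anonymity "breaks down if only a few people are using anonymous rings") and the "trivially unmasked via combinatorial analysis" remark about ring-less designs describe the same mechanism, and it is worth seeing it run. The block below is an added example, not code from the thread or from any coin; the ring data is a constructed sample with made-up output ids, not chain data. Every unmixed spend (a ring of one) proves an output spent, a spent output is no longer a plausible decoy anywhere else, and shrinking rings prove further spends, so the effect cascades through the chain. The second rule generalises the single-ring case: k open rings whose survivors are the same k outputs must spend all k between them.

```python
from collections import Counter

# Constructed sample: input id -> outputs referenced by its ring (one of them is really spent)
SAMPLE_RINGS = {
    "tx1:in0": {"o1"},                # no mixing: o1 is certainly spent
    "tx2:in0": {"o1", "o2"},          # o1 already spent, so o2 is the real spend
    "tx3:in0": {"o2", "o3", "o4"},    # shrinks to {o3, o4}, then to {o4}
    "tx4:in0": {"o3"},                # no mixing
    "tx5:in0": {"o4", "o10", "o11"},  # shrinks to {o10, o11}: effective anonymity set 2
    "tx6:in0": {"o5", "o6"},          # two rings over the same two outputs...
    "tx7:in0": {"o5", "o6"},          # ...spend both, so o5/o6 are decoys for nobody else
    "tx8:in0": {"o5", "o6", "o9"},    # therefore o9
    "tx9:in0": {"o7", "o8", "o9"},    # shrinks to {o7, o8}
}


def chain_reaction(rings):
    """Return each input's surviving candidate set after iterated elimination."""
    cands = {inp: set(ring) for inp, ring in rings.items()}
    spent = set()   # outputs proven spent somewhere: no longer plausible decoys
    closed = set()  # inputs whose candidate set is final
    changed = True
    while changed:
        changed = False
        # rule 1: strip known-spent outputs; a single survivor is the real spend
        for inp in cands:
            if inp in closed:
                continue
            cands[inp] -= spent
            if not cands[inp]:
                raise ValueError(f"{inp}: every ring member already spent; data inconsistent")
            if len(cands[inp]) == 1:
                spent |= cands[inp]
                closed.add(inp)
                changed = True
        # rule 2: k open rings with the same k survivors spend all k between them
        groups = {}
        for inp in cands:
            if inp not in closed:
                cands[inp] -= spent
                groups.setdefault(frozenset(cands[inp]), []).append(inp)
        for outs, inps in groups.items():
            if len(inps) > len(outs):
                raise ValueError(f"{sorted(outs)}: more spends than outputs; double spend")
            if len(inps) == len(outs):
                spent |= outs
                closed.update(inps)
                changed = True
    return {inp: frozenset(c) for inp, c in cands.items()}


def anonymity_report(rings):
    """How many inputs end up fully traced, and the distribution of effective set sizes."""
    result = chain_reaction(rings)
    traced = sum(1 for c in result.values() if len(c) == 1)
    sizes = Counter(len(c) for c in result.values())
    return {"inputs": len(result), "traced": traced, "effective_sizes": dict(sizes)}


if __name__ == "__main__":
    for inp, c in chain_reaction(SAMPLE_RINGS).items():
        print(f"{inp}: {sorted(SAMPLE_RINGS[inp])} -> {sorted(c)}")
    print(anonymity_report(SAMPLE_RINGS))
```

On the sample, five of nine inputs are fully traced even though only two of them were unmixed, and no surviving ring has more than two plausible members; the nominal ring size of three never materialises as an effective anonymity set. This is the reason for the kind of forced-mixing flag the post attributes to Boolberry: a minimum ring size enforced by consensus removes the rings of one that seed the cascade, although rule 2 shows that duplicated small rings still leak.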


Title: Re: Zero Knowledge Transactions
Post by: MikeCoin on October 17, 2015, 03:30:39 PM
good ideas but i wouldn't donate :P


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 17, 2015, 03:45:18 PM
Also as I wrote to illodin, this reduces block chain bloat in terms of fewer transactions needed to transfer a balance as powers-of-ten (well that is not factoring in the cost of the Proof of Sums so perhaps not a size reduction overall, but you gain an important feature of hiding values)

This remains kind of uncertain overall. I think there are some questions raised in one of shen's papers. By being smarter about how you break up amounts you can achieve quite a bit of hiding and not incur the cost of the range proofs. There are, as you pointed out, certain weaknesses to unlinkability and maybe CT-derived approaches end up being a win overall but it isn't totally clear yet.

As you say there are different markets and for some markets hiding amounts completely may be more important even if there is an overall resource cost. For example, those wanting to hide large transfers (you can't make anything that looks like a large transfer in cryptonote if you don't even have a large amount of coins to begin with, and in a mixed system smaller users won't, so actual very large transfers or at least transfers by users with very large wallets, will tend to stick out).



Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 03:46:36 PM
Quote
Please read the prior discussion about the above anonymity feature, including my recent peer review that identified/revealed the flaw in an attempt to create the same invention by someone who may be affiliated with Monero.

First of all you revealed no flaw, as the linkability has been addressed in v0.3 in the so called WORK IN PROGRESS. As noted here: https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw27qla

Second of all; this stuff has been discussed by gmaxwell, andytoshi and shen + others in june/july on #bitcoin-wizards and other channels and there are logs of it all over the place; so much for your "invention".

As my Abstract says, my design requires no new unproven crypto. He is inventing a new type of signature that has probabilistic assumptions (plus perhaps complex external factors which impact probabilities). Those assumptions could be broken. I use long standing crypto that is well proven.

Also he still hasn't solved the other problem which is balances can't be merged without revealing values.

Also I have fixed CCT, which is much more efficient than CT.

Also I expect further problems with Shen's approach as it undergoes a lot of peer review. I just haven't taken the time to really dig into it, as it is a patchwork quilt of crypto methods, whereas mine is a very straightforward merging of existing Cryptonote and CCT with simple and obvious tech.

Trust in the anonymity is the most important thing, and that is worth a lot more than a measly $21,000.

Quote
I'd really like to receive about $75,000 total for the work already done plus assisting on implementation. If I am not mistaken, the guy who was selected to optimize Monero's mining algorithm pocketed an alleged $150,000 worth of coins before releasing the optimization generally.

Only in your head bro, DGA just commented the cryptostuff later, NoodleDoodle did the optimizations in the daemon.

I was there debating with one of those guys just after he claimed to have optimized it (because I had designed a similar PoW hash to Cryptonote's before I learned about CN). And someone posted he had earned $150,000 on that effort and I don't remember any refutation. I believe it was DGA.

In any case, if the crypto market can't pay a good income, then it is okay if developers will choose not to work on the market. I assume NoodleDoodle or who ever did that optimization earned what they felt was a good return on their investment.

I am not here to donate my time. I can't afford it.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 17, 2015, 04:03:11 PM
Quote
I assume NoodleDoodle or who ever did that optimization earned what they felt was a good return on their investment.

He got 0 for it. He even donated as every core member to development that makes it a fat minus.


Quote
In any case, if the crypto market can't pay a good income, then it is okay if developers will choose not to work on the market.

Open Source projects barely pay an income especially smaller ones, so forget it.


Quote
I am not here to donate my time. I can't afford it.

Why are you even working on that stuff then? Get a job that pays you what you need. Should be easy.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 04:07:21 PM
...I am not here to donate my time. I can't afford it.

Nor should you have to.

Unfortunately, many will take the view that this will be open source at some point, so most will just wait.

If it is peer reviewed and tested, you might find that mixing services would be prepared to pay you.

Just a thought.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 05:50:29 PM
Quote
In any case, if the crypto market can't pay a good income, then it is okay if developers will choose not to work on the market.

Perhaps you missed this link in my post:

But there is no way I would set a crowdfunded donations threshold that high, because I doubt it could be reached (because it isn't a comparative equity offering (https://docs.google.com/document/d/1XkffsLaSSJrokTOgHZ2WTtyu70T2oXTHRjroltTsj-M/edit?pli=1))...

The point of that quote link is that some developers have raised a lot of money and they are in a position to buy an exclusive on my white paper and have "first mover" advantage. As equity amasses to the coin that can be the "first mover" then it has an advantage in terms of funding developments and furthering its lead over others, and this can become insurmountable, e.g. Bitcoin.

Right now we are laying the ground work for the next big move in the BTC price to new all time highs (probably 2017, but starting to move up in later half of 2016), so it is of the essence to be in that position before the moves starts.

Unfortunately, many will take the view that this will be open source at some point, so most will just wait.

Ditto the above. I think the most value will come from my invention by putting it exclusively in a coin that people are invested in, so then they have the most incentive to invest in my work as an addition to their investment. The most value would come from doing my own coin along with a lot more work to complete, and I retain that option if none of the other coins can meet my minimal compensation threshold.

Quote
I assume NoodleDoodle or who ever did that optimization earned what they felt was a good return on their investment.

He got 0 for it. He even donated as every core member to development that makes it a fat minus.

Those who raised a lot of money had an ICO or premine. Monero didn't. I am happy to contribute to Monero if their claimed donation model works. That is why I am here making this thread. Many people have claimed to me that ICO and premines are bad and that donations with a "fair" distribution is better. Okay so prove it to me. I want to see which model can fund the development of the best anonymity design. This thread is an experiment to teach me more about the economics of the crypto market, as well as my other stated objectives.

Quote
I am not here to donate my time. I can't afford it.

Why are you even working on that stuff then, get a job that pays you what you need. Should be easy.

I am trying to make this my job. If it doesn't work out, I will lick my wounds and charge it to experience.

I suppose you could also make that argument that without all of these things you don't really have a very strong solution overall and again are engaging in wishful thinking (which was in many ways the premise of TPTB's original Ion "Bitcoin killer" concept, before he neutered it).

It is still possible I keep it only for the Ion project.

But the Ion project would take more months to develop, and the anonymity would probably be added after the high TPS and block chain scaling, so that means this anonymity feature might not reach the market until mid-2016 (perhaps sooner but maybe not).

So on balance, I am trying to do what seems to make the most sense overall by being flexible and observing all options, weighing all the risk factors and what is best also for me as both a user of crypto and a potential lead developer or a just a contributing developer.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 17, 2015, 05:55:19 PM
Quote
Those who raised a lot of money had an ICO or premine. Monero didn't. I am happy to contribute to Monero if their claimed donation model works. That is why I am here making this thread. Many people have claimed to me that ICO and premines are bad and that donations with a "fair" distribution is better. Okay so prove it to me. I want to see which model can fund the development of the best anonymity design. This thread is an experiment to teach me more about the economics of the crypto market, as well as my other stated objectives.

To use that model, you have to use the forum funding system (FFS). Like everyone else. Example: https://forum.getmonero.org/9/work-in-progress/2400/open-source-amd-miner-by-wolf0


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 06:02:33 PM
Quote
Those who raised a lot of money had an ICO or premine. Monero didn't. I am happy to contribute to Monero if their claimed donation model works. That is why I am here making this thread. Many people have claimed to me that ICO and premines are bad and that donations with a "fair" distribution is better. Okay so prove it to me. I want to see which model can fund the development of the best anonymity design. This thread is an experiment to teach me more about the economics of the crypto market, as well as my other stated objectives.

To use that model, you have to use the forum funding system (FFS). Like everyone else. Example: https://forum.getmonero.org/9/work-in-progress/2400/open-source-amd-miner-by-wolf0

This thread is a precursor to deciding where to apply energies: gauging interest level, etc. There is a range of opportunities for this algorithm I invented, including for example the SuperNet, Dash, Monero, holding it for my own coin, partnering with another upstart coin such as Aeon, etc.

It is also possible that I form a working relationship with another coin, then continue developing for that coin, applying my other inventions there, but it really depends on how well the funding works (efficient, well paid, helpful or non-divisive working relationships, etc.).


Title: Re: Zero Knowledge Transactions
Post by: funnyman21 on October 17, 2015, 06:20:23 PM
Quote
Those who raised a lot of money had an ICO or premine. Monero didn't. I am happy to contribute to Monero if their claimed donation model works. That is why I am here making this thread. Many people have claimed to me that ICO and premines are bad and that donations with a "fair" distribution is better. Okay so prove it to me. I want to see which model can fund the development of the best anonymity design. This thread is an experiment to teach me more about the economics of the crypto market, as well as my other stated objectives.

To use that model, you have to use the forum funding system (FFS). Like everyone else. Example: https://forum.getmonero.org/9/work-in-progress/2400/open-source-amd-miner-by-wolf0

This thread is a precursor to deciding where to apply energies: gauging interest level, etc. There is a range of opportunities for this algorithm I invented, including for example the SuperNet, Dash, Monero, holding it for my own coin, partnering with another upstart coin such as Aeon, etc.

It is also possible that I form a working relationship with another coin, then continue developing for that coin, applying my other inventions there, but it really depends on how well the funding works (efficient, well paid, etc.).

Boolberry may not have lots of monero available for donations but it is an advanced CryptoNote coin and is part of SuperNET. Maybe SuperNET could fund you to combine CryptoNote and CT (they raised a lot in ICO) since Boolberry is part of SuperNET. That would seem like an infinitely superior solution to CoinShuffle which they are also working on. You should talk to the SuperNET people and cryptozoidberg from Boolberry.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 06:25:45 PM
TPTB no disrespect to the work you are doing, its important nonetheless, just my thoughts.  Its good to see at least something tangible coming out from your end finally :)

Thank you.

Larimer thinks you can have anonymity in such a system already:

For once I agree with you, if most transactions take place off chain/ledger/whatever then the majority of transactions are "anonymous" as they are not publicly recorded.

Smooth and I discussed this I believe in 2014 and the conclusion is that everything sent to the internet can be recorded, so there is no such thing as off chain anonymity (CoinShuffle excepted, and also CoinJoin if jamming and DoS is not your worry) if you are referring to protection against national security agencies and government capital controls.

And if for a business or high net worth individual, then you may also want to be very safe against espionage and mobsters, so again your upstream ISP, masternode/delegated node, or what ever might be compromised.

Also one of the most important points is that only on chain anonymity obeys the End-to-end principle of networks. This means your anonymity is orthogonal to any agent in the network. This is critical for scalability, redundancy, and resilience.

So please enough with the off chain anonymity. It is highly inferior. It is a hack that got some play in terms of a quick way to get anonymity rolling (e.g. Dash), but it is not the future. If the internet had been invented without the end-to-end principle, then TCP/IP wouldn't work and we'd not have the scalable, resilient internet we have today that enables us to even be here.

Except for CoinShuffle, Off chain mixing = trusting someone (node/server) you can't prove you can trust.

Here follows the section from my white paper on this topic.

Quote from: my whitepaper
1.2   Non-autonomous strategies

Non-autonomous strategies for achieving untraceability and unlinkability require interaction between third parties; whereas, autonomous strategies are non-interactively and autonomously constructed by the originator. Non-autonomous strategies violate the end-to-end principle because the intermediaries—between the originator and the construction of a transaction to the destination—are capable of harm, not substitutable, or not fungible. Put more abstractly, the intermediaries are not idempotent, referentially transparent, transitive, and commutative.

Centralized mixing services such as coin mixers and VPNs require unprovable trust. The user must trust but can’t prove that the operator of the service is honest, hasn't been covertly forced to sign a national security gag order or other form of coercion, and the service hasn’t been compromised by its employees, hosting provider, or a powerful adversary. Coin mixers are also susceptible (https://www.reddit.com/r/DarkNetMarkets/comments/2ogsgv/how_to_deanonymize_helix_mixer_transactions/) to transaction graph analysis[Mös13].

Low-latency, decentralized mixing networks such as Tor and I2P are littered with anonymity holes such as Sybil attacks on relay nodes (https://en.wikipedia.org/wiki/Tor_(anonymity_network)#Exit_node_eavesdropping), traffic correlation[Tor09], asymmetric correlation[VLR14] identifying up to 91% of circuits[SEV15] with mitigation at best 5.1%[NSZ15], ephemeral intersection[I2P10], vulnerable hidden services[Tor13, Tor14], and relay lookup leaks[WMB10]. Additionally these networks open gaping holes in anonymity when combined with the reputation based DoS protection in Bitcoin[BP14] and other cryptocurrencies.

The state-of-the-art of non-autonomous strategies is CoinShuffle[RMK14], which provides unconditional security of the anonymity set for all non-colluding, non-adversarial participants of the mixed transaction; and is guaranteed to complete after sufficient blame rounds. CoinShuffle lacks unlinkability; and it suffers the same implications of Cryptonote’s requirement of equal denominations for the mixed inputs. All CoinJoin[Max13] derivatives including CoinShuffle suffer from a simultaneity requirement which has implications on usability. Although denial-of-service is filtered in the blame rounds, it could theoretically exacerbate delays impacting viability of completing a complex multi-party interactive protocol over the extended duration. Permanently banning a blamed input from all CoinShuffle mixes would destroy fungibility, because for example an input could be spent to another address which could be an innocent third party.




Its kind of a catch-22 though I feel, as high anon + scaling to high load is very difficult and I don't think concealing the value of a transaction is going to play nice with scalability.

I solved that, but that is not what I am going to release now nor discuss now.

I'm betting on decoupling the sender from the receiver being the best workable solution to achieving high anon + high scalability, where the sender is unable to discover where exactly the payment ended up in the ledger nor discover any information about the receivers account (balance, historic transactions).

Well I have more surprises up my sleeve. This white paper isn't the only one.


Title: Re: Zero Knowledge Transactions
Post by: gmaxwell on October 17, 2015, 06:41:58 PM
1. Plagiarize the work, shared freely, of Adam Back, Shen, Denis, myself, and others (and in my case even implemented in a high performance implementation).

2. Ask for twenty grand in donations.

3. Profit.

Here's a hint to someone who might think of funding this stuff, "just in case":   Non-contributors being paid for what is primarily your work is incredibly demoralizing-- doubly so when they don't even add anything to it (not even a good implementation); if you want to kill science and engineering in this space go ahead and fund more vaporware scams.

Science needs to happen in the open. I'm also very supportive of people being paid for their work, but they need to actually do work, not just sell snakeoil to others.  This community often does a much better job at funding scams than people who reliably contribute.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 06:46:07 PM

Please read the prior discussion (https://bitcointalk.org/index.php?topic=1174653.msg12698054#msg12698054) about the above anonymity feature, including my recent peer review that identified/revealed the flaw (https://bitcointalk.org/index.php?topic=1174653.msg12699014#msg12699014) in an attempt to create the same invention by someone who may be affiliated with Monero.


You are asking for more than 100K yet you have not responded to the cryptographer on reddit.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 06:46:56 PM
Larimer thinks you can have anonymity in such a system already:

Quote
Confidential Transfers hide the amounts being transferred while still allowing those who validate the blockchain to verify that the balances transferred sum to 0 and are not negative. Stealth transfers are used to automatically generate a unique key for every transfer. The combination of these two features means that it becomes practically impossible for a 3rd party to identify how much you have sent or received or who is sending money to whom.

Maybe, but attacks on anonymity can be quite subtle, with various combinatorial, timing, and sybil type attacks, so I wouldn't be so confident. If you look at unlinkability, untraceability, and amount hiding as three prongs of resistance to blockchain analysis, then he's entirely missing one prong, which makes his argument quite weak. Blockstream has stated likewise about CT not hiding what they call transaction metadata, only content. Stealth is a nice convenience feature, but largely similar to just having good address reuse practices in Bitcoin (which can also be achieved via payment protocols and HD address chains). To do this well, you really need another piece, at least some sort of good coinjoin/coinshuffle type solution, and that is really hard to do well (potentially impossible) given sybil and timing attacks. At least Dash tries, but Larimer dismisses the problem too easily.

So I'd characterize Larimer's argument as largely wishful thinking and/or hype (i.e. this is what I have therefore this is what is needed, the marketer's variation of the arguing from the conclusion fallacy).

But that's an entirely different argument from whether strong privacy/anonymity/fungibility (it is very hard to separate any of these from the others) is more important than scalability (or vice versa). I suppose you could also make the argument that without all of these things you don't really have a very strong solution overall and again are engaging in wishful thinking (which was in many ways the premise of TPTB's original Ion "Bitcoin killer" concept, before he neutered it).

Smooth, that was a better explanation than my response. Indeed Daniel is glossing over many issues.

Fundamentally sound anonymity is multi-pronged, end-to-end, and on chain.

My white paper even discusses computer security and what needs to be done and can practically be done. My white paper is holistic, as is everything I try to do in design work.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 06:51:59 PM
..... The most value would come from doing my own coin along with a lot more work to complete, and I retain that option if none of the other coins can meet my minimal compensation threshold.....

I'll be interested to help, where I can, if you go down that route.

Your various thoughts and challenges have helped a lot of people and projects over the years. You might be surprised at how many people would be prepared to support you.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 06:55:03 PM
1. Plagiarize the work, shared freely, of Adam Back, Shen, Denis, myself, and others (and in my case even implemented in a high performance implementation).
...

The plot thickens.

Sounds like I need to do a little more reading around.

Any references?


Title: Re: Zero Knowledge Transactions
Post by: fluffypony on October 17, 2015, 07:01:24 PM
1. Plagiarize the work, shared freely, of Adam Back, Shen, Denis, myself, and others (and in my case even implemented in a high performance implementation).
...

The plot thickens.

Sounds like I need to do a little more reading around.

Any references?

Here's gmaxwell's original write-up on Confidential Transactions: https://people.xiph.org/%7Egreg/confidential_values.txt

Here's Denis Lukianov's latest paper on Compact Confidential Transactions: http://voxelsoft.com/dev/cct.html

Finally, here's the WIP paper that Shen Noether, of the Monero Research Lab, has been focusing on: https://github.com/ShenNoether/MiniNero/blob/master/RingCT0.3.pdf


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:04:02 PM

Please read the prior discussion (https://bitcointalk.org/index.php?topic=1174653.msg12698054#msg12698054) about the above anonymity feature, including my recent peer review that identified/revealed the flaw (https://bitcointalk.org/index.php?topic=1174653.msg12699014#msg12699014) in an attempt to create the same invention by someone who may be affiliated with Monero.


You are asking for more than 100K yet you have not responded to the cryptographer on reddit.

No I asked only for $20K (+ $1K to reimburse our donation to the author of CCT which is underlying tech that makes it more efficient than CT).

And I did respond (https://bitcointalk.org/index.php?topic=1211093.msg12711684#msg12711684), but I don't see a need for me to respond further at Reddit. I appreciate his reply, but my last statement there was maybe I should keep my mouth shut. Also the cryptographer did not address both of the flaws, so it is just a continuation of more sloppy. He throws up a white paper that didn't even have all the required math in it, then he puts up version 2 and says version 3 is coming. Why do I need to respond to a moving target. He only addressed the duplicate spending issue and he did so by introducing some complex new probabilistic signature algorithm he apparently invented which afaik has not been vetted. And even with all that complexity that can't be as easily trusted for a few years until it has been challenged/vetted, he afaics still can't merge balances without revealing values.

When I say I invented a solution, I didn't have to invent any new crypto primitives. I reused existing well vetted zero knowledge proofs, EdDSA, and Cryptonote. I didn't invent new unvetted primitives (and I also removed from CCT the former requirement for a large unvetted, inefficient 768-bit ECC curve).

If Shen explains more clearly his new signature crypto primitive, then I can better analyze his new unvetted crypto primitive the "Mokum-gane signature". He is clearly a math nerd (probably very expert) because communication and written elucidation is not his strong suit. I am primarily a programmer and I aim for K.I.S.S. and clarity.

I wish him the best with his design, but the tying of each input to each set of outputs is a fundamental weakness that my design doesn't have. In my design you have a ring for each input. The outputs are orthogonal to the proof of each ring. He has conflated the two and thus his solution will never be as general and robust as mine.

My white paper can be explained to novices. I could make a web page that would explain it to laymen who got As in their high school math courses.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:17:19 PM
1. Plagiarize the work, shared freely, of Adam Back, Shen, Denis, myself, and others (and in my case even implemented in a high performance implementation).

Nonsense. I was talking to Denis (author of CCT) back when he first posted his white paper to the forum which was just after you announced CT.

We were brainstorming ways to combine ring and hiding values, back in either May or June (I forgot when he announced). He gave up. He was exasperated because I kept coming up with ideas that he would break. And he didn't think any advance was likely. I continued to work on it and eventually I had an epiphany. I never even knew anything about your attempts to do the same, until just a couple of days ago when one of my angel investors sent me a link to the Reddit thread that Shen created.

We even paid 4 BTC to Denis once we were sure we had a unique and correct invention. Afaik, you guys didn't give him anything for his efforts, even though you have $millions in funding.

Gregory, please do not lie. You have absolutely no proof that I plagiarized your work. And in fact, you will see I solved a problem you could not solve! Damn it. I am so tired of your condescending attitude. Why can't you learn to respect others?

2. Ask for twenty grand in donations.

3. Profit.

Are you advocating that working on crypto should not pay an appropriate income? Do you work for free? How much money did you raise for Blockstream? How many mining rigs have you accepted as donations? Etc..

Here's a hint to someone who might think of funding this stuff, "just in case":   Non-contributiors being paid for what is primarily your work is incredibly demoralizing-- doubly so when they don't even add anything to it (not even a good implementation); if you want to kill science and engineering in this space go ahead and fund more vaporware scams.

You haven't even seen my math and details yet, and you claim two lies:

1. You as a liar claim that my invention primarily takes from the work of others, when in fact I have entirely new formulations. I am clever that way.

2. You as a liar claim that my implementation is not good, when in fact I think it is far superior to what you created.

Science needs to happen in the open. I'm also very supportive of people being paid for their work, but they need to actually do work, not just sell snakeoil to others.  This community often does a much better job at funding scams than people who reliably contribute.

If you are true to your word, then STOP LYING.

I expect your full apology. This is a disgrace. I am livid. You are destroying crypto with your attitude. You are a control freak. I improved upon the concept of homomorphic sum. My result looks nothing like Shen's work. My paper doesn't even use your CT algorithm. You are entirely full of shit.

Two non-cryptographers (Denis and myself) just kicked the ass of all the cryptographers in terms of producing the most efficient design. Fathom that.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 07:24:11 PM
....Here's.......

Thanks!

...... I'm also very supportive of people being paid for their work, but they need to actually do work, not just sell snakeoil to others.  This community often does a much better job at funding scams than people who reliably contribute.

Well there is the chicken and egg problem with this one. It's a widespread issue that most projects encounter:

'Hi, we're looking for some investment.....'

'Sure. How much are you looking to raise?'

'Hmm. About $21m'.

'Sure. We can do that.'

'Great. We'll start writing the first white paper. Any chance we can get the funds next week?'.

'Sure. Looking forward to reading the white paper. When do you think the software will be ready?'

'We should be good to go in a year or two.'


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:25:49 PM
'Great. We'll start writing the first white paper. Any chance we can get the funds next week?'.

My white paper is done. Give me $21K now, and I will publish it now. In 2 seconds. Where is the $21K?

Why all the FUD?

Are some people offended by a free market?

You fools might just destroy crypto if you continue FUDing me. I am legit, and if you demonstrate that you are going to roast a sincere developer, then maybe others will begin to see crypto land as totally corrupt and unethical from the very top including Gregory Maxwell's despicable post, wherein he accuses me of things he has no evidence whatsoever of and in fact I can prove those statements are lies.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 07:30:37 PM
'Great. We'll start writing the first white paper. Any chance we can get the funds next week?'.

My white paper is done. Give me $21K now, and I will publish it now. In 2 seconds. Where is the $21K?

Why all the FUD?

Are some people offended by a free market?

Actually, I was referring to Blockstream having raised funding around this time last year when I suspect the project was mostly vaporware. As a private investment transaction, only a closed group of people will know all the details, so I just filled in some gaps. For all I know, they may have had a working version of sidechains and CT.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:33:07 PM
Should the poll be edited to say fund gmaxwell, Denis Lukianov and Shen Noether instead of TPTB_need_war?

Sure I'll see if I can edit the poll to accommodate without erasing the prior votes.

That is, if you don't want my white paper then you can go with Gmaxwell's and Shen's inferior broken solution for integrating Cryptonote with CT. Denis's CCT is not viable without my improvement to it.

I guess you didn't realize that I wrote 3 times already that Denis's CCT requires a 768-bit ECC which is impractical. I removed that requirement.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:34:57 PM
'Great. We'll start writing the first white paper. Any chance we can get the funds next week?'.

My white paper is done. Give me $21K now, and I will publish it now. In 2 seconds. Where is the $21K?

Why all the FUD?

Are some people offended by a free market?

Actually, I was referring to Blockstream having raised funding around this time last year when I suspect the project was mostly vaporware. As a private investment transaction, only a closed group of people will know all the details, so I just filled in some gaps. For all I know, they may have had a working version of sidechains and CT.

Apologies I was so livid that I didn't pay attention to the "m". Hmmm my request for $21k versus Blockstream's $21m. Do they have 1000 times more features and developers? Good point!


Title: Re: Zero Knowledge Transactions
Post by: Come-from-Beyond on October 17, 2015, 07:43:07 PM
Here is an excerpt from my fully completed white paper for my revolutionary anonymity invention.

It's not quantum-resistant, is it?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:46:02 PM
If you are true to your word, then STOP LYING.

I am simply amazed that Gregory Maxwell would set himself up to be made a fool because I never even knew of Shen's work when I produced mine, so it is nothing at all similar which will be clear to all when the paper is published.

It blows my mind how fucked crypto is with people like him at the helm. I must have really hit a nerve for him to lose it like that. He assumes everything and all his assumption (which became accusations) are all wrong.

If I was a rational developer looking from the outside, I would run as far away from crypto as I can. These people are insane.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 07:51:20 PM
...Good point!

Just to be clear...I'm not looking at point scoring. I congratulate the Blockstream investors for investing in Bitcoin and the Blockstream founders for being confident enough to seek funding to ensure their project has every chance of being successful.

I was just pointing out the logic of blanket attacking everyone else for peddling vaporware.

edit typo


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:52:38 PM
Here is an excerpt from my fully completed white paper for my revolutionary anonymity invention.

It's not quantum-resistant, is it?

Well some quantum resistance seems to come from using wider ECC curves because practical quantum computers will likely be limited in qubits for a while if they ever (or already are secretly) a reality.

But I also think it will be possible to add some quantum resistance by adapting the recent advances with supersingular isogenies. But that is far out of my expertise and so we would defer that to the super math nerds. We in crypto land need to grow our markets and so we can superfund such.

My predominant talent is combining marketing and programming (along with my cleverness) and I find ways to grow markets, as I did in 2001 when CoolPage in only 2 years from initial release had risen to 335,000 published websites as reported by Altavista. This was when the internet was 1/10 of its current population.

In doing this anonymity invention, I was really stretching beyond my core expertise, but I was very, very determined to solve it. And I did (unless I have an error) independently! Any one who accuses me of plagiarism is going to be shown to be a fool.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 07:54:13 PM
...Good point!

Just to be clear...I'm not looking at point scoring. I congratulate the Blockstream investors for investing in Bitcoin and the Blockstream founders for being confident enough to seek funding to ensure their project has every chance of being successful.

I was just pointing out the logic of blanket attacking everyone else for peddling vaporware.

I have nothing against Blockstream. I was even commending some of the principles of side-chains.

My problem is with the attitude of at least two of their key players towards me. The way they talk about me derisively behind my back I also know about.

This invention was personal effort of mine to teach them a lesson about mutual respect. I was very determined.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 07:55:19 PM
If you are true to your word, then STOP LYING.

I am simply amazed that Gregory Maxwell would set himself up to be made a fool because I never even knew of Shen's work when I produced mine, so it is nothing at all similar which will be clear to all when the paper is published.

It blows my mind how fucked crypto is with people like him at the helm. I must have really hit a nerve for him to lose it like that. He assumes everything and all his assumption (which became accusations) are all wrong.

If I was a rational developer looking from the outside, I would run as far away from crypto as I can. These people are insane.

You have to take a step back and look at your history.  For a very long time you have criticized other peoples' work and bragged how wonderful your concept is without actually providing any proof or evidence.  Now you release "your" idea coincidentally right after Shen releases his white paper and coincidentally your work is very close to or almost identical to cryptographic concepts discussed publicly by others for many months.

Now ask yourself, as an objective observer, what conclusion would you derive from these circumstances?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 08:06:15 PM
If you are true to your word, then STOP LYING.

I am simply amazed that Gregory Maxwell would set himself up to be made a fool because I never even knew of Shen's work when I produced mine, so it is nothing at all similar which will be clear to all when the paper is published.

It blows my mind how fucked crypto is with people like him at the helm. I must have really hit a nerve for him to lose it like that. He assumes everything and all his assumption (which became accusations) are all wrong.

If I was a rational developer looking from the outside, I would run as far away from crypto as I can. These people are insane.

You have to take a step back and look at your history.  For a very long time you have criticized other peoples' work and bragged how wonderful your concept is without actually providing any proof or evidence.  Now you release "your" idea coincidentally right after Shen releases his white paper and coincidentally your work is very close to or almost identical to cryptographic concepts discussed publicly by others for many months.

Now ask yourself, as an objective observer, what conclusion would you derive from these circumstances?

I have mentioned this anonymity white paper publicly in these forums months ago. Just because you aren't aware of it, doesn't give you the right to make ASS-U-MPTIONs unless you enjoy making a fool of yourself.

The scientific method is to first gather the evidence before you shoot from the hip.

I also know for a fact that certain people don't like me. So all the more motivation for me to prove them wrong.

I have not criticized every work. I have commended a lot of works. You cherry pick my posts to form a bias that suits the view you want to have towards me.

I write what I think. I don't bullshit people. I make mistakes and I also make achievements. This is the life of a human being.

It is clear that I came forward now with my white paper other than just mentioning it before, because Shen came forward with his, thus the race to market implementation was necessarily accelerated. And also because I had been in a whirlwind of ill health spiral since I tried water only fasting for 10 days in August (the thought for a need for which was likely brought on by the ill health spiral likely caused by overeating omega B meats given that my health issue seems to be as I learned just recently an inflammatory cascade caused by insufficient glutathione). And I just managed to get myself stabilized a few days ago, and started communicating in Bitmessage again with my angel investors after disappearing for 1.5 months. I went from 73 kilos to 55 kilos and now back up to 70 kilos. I have been going through a literal hell. And so my mind was so discombobulated and I was trying to get myself back on track.

Immediately I realized I needed to do something with my work. I couldn't just leave it there waiting longer.

But at the same time, over these past few days I also had a major insight on my chronic health issue. And this is also changing my thinking (even today my thinking changed a bit) more towards I can work, because for the past 3 days I haven't had much indication of illness. But I am also not yet sure about this, so I continue to gather feedback here and try to make the best decision for myself, my angel investors, and the community on balance.

Just because you have a suspicion, you should put yourself in the other person's shoes and try to gather some information and ask a few questions before leaping. All you had to do is ask me in this thread some questions and I would clearly explain to you that if my white paper is not entirely different than Shen's method, then I will not be allowed by the escrow agent to receive the $21k.

You would then have received the assurances you need to know that your assumptions were incorrect.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 08:11:38 PM
If you are true to your word, then STOP LYING.

I am simply amazed that Gregory Maxwell would set himself up to be made a fool because I never even knew of Shen's work when I produced mine, so it is nothing at all similar which will be clear to all when the paper is published.

It blows my mind how fucked crypto is with people like him at the helm. I must have really hit a nerve for him to lose it like that. He assumes everything and all his assumption (which became accusations) are all wrong.

If I was a rational developer looking from the outside, I would run as far away from crypto as I can. These people are insane.

You have to take a step back and look at your history.  For a very long time you have criticized other peoples' work and bragged how wonderful your concept is without actually providing any proof or evidence.  Now you release "your" idea coincidentally right after Shen releases his white paper and coincidentally your work is very close to or almost identical to cryptographic concepts discussed publicly by others for many months.

Now ask yourself, as an objective observer, what conclusion would you derive from these circumstances?

I have mentioned this anonymity white paper publicly in these forums months ago. Just because you aren't aware of it, doesn't give you the right to make ASS-U-MPTIONs unless you enjoy making a fool of yourself.

The scientific method is to first gather the evidence before you shoot from the hip.

I also know for a fact that certain people don't like me. So all the more motivation for me to prove them wrong.

I have not criticized every work. I have commended a lot of works. You cherry pick my posts to form a bias that suits the view you want to have towards me.

I write what I think. I don't bullshit people. I make mistakes and I also make achievements. This is the life of a human being.

It is clear that I came forward with my white paper other than just mentioning it now, because Shen came forward with his, thus the race to market implementation was necessarily accelerated. And also because I had been in a whirlwind of ill health spiral since I tried water only fasting for 10 days in August (the thought for a need for which was likely brought on by the ill health spiral likely caused by overeating omega B meats). And I just managed to get myself stabilized a few days ago, and started communicating in Bitmessage again with my angel investors after disappearing for 1.5 months. I went from 73 kilos to 55 kilos and now back up to 70 kilos. I have been going through a literal hell. And so my mind was so discombobulated and I was trying to get myself back on track.

Immediately I realized I needed to do something with my work. I couldn't just leave it there waiting longer.

But at the same time, over these past few days I also had a major insight on my chronic health issue. And this is also changing my thinking (even today my thinking changed a bit) more towards I can work, because for the past 3 days I haven't had much indication of illness. But I am also not yet sure about this, so I continue to gather feedback here and try to make the best decision for myself, my angel investors, and the community on balance.

Just because you have a suspicion, you should put yourself in the other person's shoes and try to gather some information and ask a few questions before leaping. All you had to do is ask me in this thread some questions and I would clearly explain to you that if my white paper is not entirely different than Shen's method, then I will not be allowed by the escrow agent to receive the $21k.

You would then have received the assurances you need to know that your assumptions were incorrect.

Since Shen isn't here it would be great if you responded to his last post on Reddit.  Many of us would like to know if the flaws you wrote about are in fact present in his work.  There was a civil conversation going on there, people were upvoting some of your posts when your attitude changed and I'm sure they will continue to do so.  By not responding it gives the impression that in fact your "accusation" was unfounded.

Regards.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 08:16:33 PM
I also wanted to add that if you have in fact improved on Shen's theory or solved problems which he didn't see as you stated on Reddit and helped implement it in Monero you might be surprised by how much the community would be willing to help you, financially or otherwise.

I sincerely hope you have found a solution to your health problems and will be able to contribute to the community in a meaningful way.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 08:24:51 PM
Since Shen isn't here it would be great if you responded to his last post on Reddit.  Many of us would like to know if the flaws you wrote about are in fact present in his work.  There was a civil conversation going on there, people were upvoting some of your posts when your attitude changed and I'm sure they will continue to do so.  By not responding it gives the impression that in fact your "accusation" was unfounded.

Regards.

He didn't answer the point I made about not being able to combine balances because he associates each input (C_in) to a set of outputs (Cj_out). Thus afaics, he can't have more than one input feed to a set of outputs, thus balances can't be combined. Since he did not reply to that point I already made, then his reply is insufficient for me to reply to him.

Why should I have to repeat what I already said which he didn't respond to? He is a very bright guy, I am sure he can read carefully.

As for his "Mokum-gane signature" maybe that does prevent the duplicate spending that I alleged which is a separate issue to the one above. But afaik that is not a standard signature that has been already vetted and vetted in this context where I don't know yet how any external correlations might work against what appears to me more complex probabilistic assumptions. The zero knowledge proof in Cryptonote appears to be less complex and more straightforward, yet if that was just released for the first time today, we'd all need a year or two to trust it while it is vetted.

So I avoided using any new complex crypto primitives in my design. Maybe once he gets his white paper well written and more near to publish quality, then that would be the time to go into that when I can better grasp his explanation of that new signature and also be sure it isn't a moving target still changing with more edits and hidden maths that suddenly appear in version N+1 of his paper.

So what I am saying is, he hasn't yet replied. I'll give him some time to refine his paper and answer the other concern. In the meantime, no one is paying me to do peer review and I have to balance a lot of priorities on my side.

And I am pretty much turned off about talking to any of those in that snobbish community who interact with Gmaxwell et al. Because it is always been a ticket to ill feelings. I don't need that in my life.
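
The dispute above about whether several hidden inputs can be merged into one set of outputs comes down to the "homomorphic sum" that CT, CCT and the RingCT draft all build on: commitments to the input amounts multiply together into a commitment to the total, and the verifier checks that total against the outputs without learning any amount. The following is an added illustration in Python, not code from any of the papers or posters in this thread: a toy Pedersen commitment over a small Schnorr group, a spender merging two hidden inputs into two hidden outputs, a verifier checking the balance from commitments alone, and a final case showing why the "not negative" half of Larimer's sentence needs separate range proofs (the bare sum check only holds modulo the group order, so a wrapped-around "negative" output lets the spender mint coins). The 64-bit group parameters, the hash-to-group derivation of the second generator, and the sample values are constructed assumptions for the example and are not usable for anything real.

```python
"""Toy Pedersen-commitment balance check (added example, not from the thread's papers).

Parameters are a deterministically found ~64-bit safe prime p = 2q+1 and two
generators of the order-q subgroup.  Small on purpose so it runs instantly;
a real system would use a 256-bit elliptic-curve group and range proofs.
"""
import hashlib
import random

# Deterministic Miller-Rabin bases: exact for every n < 3.3e24, so no randomness is involved.
_MR_BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)


def is_prime(n):
    """Deterministic Miller-Rabin for the sizes used here."""
    if n < 2:
        return False
    for b in _MR_BASES:
        if n % b == 0:
            return n == b
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for a in _MR_BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def make_params(seed=2 ** 63):
    """Return (p, q, g, h): first safe prime p = 2q+1 at or above `seed`, plus generators.

    g = 4 is a square, hence lies in the order-q subgroup.  h is hashed to a square
    too, so nobody knows log_g(h); that unknown is what makes commitments binding
    (knowing it would let you open one commitment to two different values).
    """
    q = seed | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    p = 2 * q + 1
    x = int.from_bytes(hashlib.sha256(b"toy-pedersen-h").digest(), "big") % p
    h = x * x % p  # constructed nothing-up-my-sleeve second generator
    assert h > 1
    return p, q, 4, h


def commit(params, value, blinder):
    """Pedersen commitment C = g^value * h^blinder (mod p); hides value, binds to it."""
    p, q, g, h = params
    return pow(g, value % q, p) * pow(h, blinder % q, p) % p


def build_transaction(params, inputs, out_values, rng):
    """Spender side.  `inputs` are (value, blinder) pairs the spender owns.

    All outputs but the last get fresh blinders; the last blinder is fixed so
    that sum(r_in) == sum(r_out) (mod q).  Then prod(C_in) == prod(C_out) iff
    the values balance, with no separate "excess" term for the verifier.
    """
    p, q, g, h = params
    if sum(v for v, _ in inputs) % q != sum(out_values) % q:
        raise ValueError("values do not balance mod q")
    out_blinders = [rng.randrange(1, q) for _ in out_values[:-1]]
    out_blinders.append((sum(r for _, r in inputs) - sum(out_blinders)) % q)
    in_commits = [commit(params, v, r) for v, r in inputs]
    out_commits = [commit(params, v, r) for v, r in zip(out_values, out_blinders)]
    return in_commits, out_commits, out_blinders


def verify_balance(params, in_commits, out_commits):
    """Verifier side: sees commitments only.  Homomorphism gives
    prod(C_in) = g^(sum v_in) * h^(sum r_in), so equality of the two products
    means sum v_in == sum v_out -- but only modulo q (see demo())."""
    p = params[0]
    lhs = rhs = 1
    for c in in_commits:
        lhs = lhs * c % p
    for c in out_commits:
        rhs = rhs * c % p
    return lhs == rhs


def demo():
    """Returns (honest_passes, tampered_passes, inflated_passes) == (True, False, True)."""
    params = make_params()
    p, q, g, h = params
    rng = random.Random(7)  # fixed seed so the walkthrough is reproducible
    # Constructed sample: two hidden inputs (12 and 18) merged into outputs 25 and 5.
    inputs = [(12, rng.randrange(1, q)), (18, rng.randrange(1, q))]
    ins, outs, _ = build_transaction(params, inputs, [25, 5], rng)
    honest = verify_balance(params, ins, outs)
    # Tampering: replace one output with a commitment to a different amount.
    tampered = verify_balance(params, ins, [commit(params, 26, 1), outs[1]])
    # No range proof: output q-5 acts as "-5", so 35 + (q-5) == 30 mod q and the
    # spender has minted 5 units out of nothing while the sum check still passes.
    ins2, outs2, _ = build_transaction(params, inputs, [35, q - 5], rng)
    inflated = verify_balance(params, ins2, outs2)
    return honest, tampered, inflated


if __name__ == "__main__":
    print(demo())
```

Nothing in the sum check itself restricts the number of inputs: merging two commitments is one extra multiplication, which is why the check alone says nothing about whether a particular ring construction can combine balances. The third case is the practical caveat: without a range proof on every output the verifier cannot tell 35 + (q-5) from 25 + 5, which is exactly the hole that CT's and CCT's range proofs exist to close.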


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 08:29:27 PM
Since Shen isn't here it would be great if you responded to his last post on Reddit.  Many of us would like to know if the flaws you wrote about are in fact present in his work.  There was a civil conversation going on there, people were upvoting some of your posts when your attitude changed and I'm sure they will continue to do so.  By not responding it gives the impression that in fact your "accusation" was unfounded.

Regards.

He didn't answer the point I made about not being able to combine balances because he associates each input (C_in) to a set of outputs (Cj_out). Thus afaics, he can't have more than one input feed to a set of outputs, thus balances can't be combined. Since he did not reply to that point I already made, then his reply is insufficient for me to reply to him.


From what I read I believe he thinks he addressed your point.  The prudent course of action would be to quickly point out that he has not.



Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 08:35:34 PM
I also wanted to add that if you have in fact improved on Shens theory or solved problems which he didn't see as you stated on Reddit and helped implement it in Monero you might be surprised by how much the community would be willing to help you, financially or otherwise.

I sincerely hope you have found a solution to your health problems and will be able to contribute to the community in a meaningful way.

I am definitely ready to contribute and dig myself out of a very big hole.

I can't yet be sure if the info I found is a cure for my health issue. I will go write up my new found insight as soon as I complete answering any posts here.

Thank you. Sorry if I am just screaming, but I am just so sick of bickering. I feel sometimes I want to pull my hair out when it starts again. I understand I may have contributed to it with some of my posts in the past, but you know even smooth who is very respected and deserving of respect has also had his moments of going on and on ad nauseam.

We are just human beings. I wasn't satisfied with where Bitcoin was in 2013 technically. I never expected Gmaxwell to go invent really cool anonymity. I was totally against his CoinJoin because I was the first person to point out that you can't blacklist the one caught jamming it, because the point is you are making UTXO anonymous via mixing (unless you have all CoinJoin mixes talk to a master blacklist, but that is dangerous for other reasons). So yeah I was critical of some things before and especially because I thought Gmaxwell wasn't sincere about anonymity and scalability. But then I see what he is doing with Blockstream and I am commending him.  Even messaging him in private to commend him. Once he realizes I am AnonyMint the guy who criticized his CoinJoin, then he stops replying and the only nods I get from him are condescending shit behind my back and then this leap of foolishness in my thread.

Originally I was critical or dubious w.r.t. rings but over many months of discussion in the forums with smooth, I came to the realization that on chain rings were the best. But remember I am the one who pointed out the combinatorial unmasking flaw first (to smooth). And I am the one who pointed out how to defeat that flaw by controlling who mixes with whom (which also makes the rings prunable, reducing block chain bloat). I do believe Monero got those ideas from me. So it has been a two-way street. I was promoting anonymity back in mid-2013 before others were. It wasn't until Mike Hearn's redlisting proposal that everyone suddenly got more serious about anonymity for the fungibility reason.

All of us need to have cooler heads. If gmaxwell can back away from the ledge of contempt, I also want to. I don't like the animosity. To the extent I created it by trying to analyze tech, sometimes making mistakes, and being demanding of what I wanted for crypto, I plead guilty.

Tl;dr is I am just human. Learning over time how to fit into this. What my role should be. What my core values for this market are. Etc.


Title: Re: Zero Knowledge Transactions
Post by: Come-from-Beyond on October 17, 2015, 08:42:14 PM
Now ask yourself, as an objective observer, what conclusion would you derive from these circumstances?

If you asked me I would come to the conclusion that people are not aware of the https://en.wikipedia.org/wiki/Multiple_discovery phenomenon.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 17, 2015, 08:47:59 PM
Since Shen isn't here it would be great if you responded to his last post on Reddit.  Many of us would like to know if the flaws you wrote about are in fact present in his work.  There was a civil conversation going on there, people were upvoting some of your posts when your attitude changed and I'm sure they will continue to do so.  By not responding it gives the impression that in fact your "accusation" was unfounded.

Regards.

He didn't answer the point I made about not being able to combine balances because he associates each input (C_in) to a set of outputs (Cj_out). Thus afaics, he can't have more than one input feed to a set of outputs, thus balances can't be combined. Since he did not reply to that point I already made, then his reply is insufficient for me to reply to him.

Why should I have to repeat what I already said which he didn't respond to? He is a very bright guy, I am sure he can read carefully.

As for his "Mokum-gane signature" maybe that does prevent the duplicate spending that I alleged which is a separate issue to the one above. But afaik that is not a standard signature that has been already vetted and vetted in this context where I don't know yet how any external correlations might work against what appears to me more complex probabilistic assumptions. The zero knowledge proof in Cryptonote appears to be less complex and more straightforward, yet if that was just released for the first time today, we'd all need a year or two to trust it while it is vetted.

So I avoided using any new complex crypto primitives in my design. Maybe once he gets his white paper well written and nearer to publishable quality, then that would be the time to go into that, when I can better grasp his explanation of that new signature and also be sure it isn't a moving target still changing with more edits and hidden maths that suddenly appear in version N+1 of his paper.

So what I am saying is, he hasn't yet replied. I'll give him some time to refine his paper and answer the other concern. In the meantime, no one is paying me to do peer review and I have to balance a lot of priorities on my side.

And I am pretty much turned off about talking to any of those in that snobbish community who interact with Gmaxwell et al., because it has always been a ticket to ill feelings. I don't need that in my life.

well he did:

Quote

Quote
I just haven't taken the time to really dig into,

This is clear, since if he had, he would see both of the questions he raises are clearly answered in the draft0.3 that I posted elsewhere in this thread

Quote
He is inventing a new type of signature that has probabilistic assumptions (plus perhaps complex external factors which impact probabilities)

Actually in Lemma 5, I reduce the security proofs of the MG signatures to the proofs of the LWW signatures which are old news. If he had read many crypto papers, he would see that every proof related to digital signatures is given in terms of probabilistic algorithms - this is because you can't prove someone will never just guess your private key (even though in a large enough keyspace like the ed25519 group this is very improbable).

Quote
Also he still hasn't solved the other problem which is balances can't be merged without revealing values.

Again, he clearly didn't read 0.3, as Definition 8 gives the algorithm when multiple inputs are considered.


Yet you bad-mouth him and claim to have broken it and to quote yourself

Quote
This design is totally broken. Fuhgeddaboudit.


Oh and here you do it again:

I think finally we got to the bottom of the flaw in the Monero cryptographer's attempt at what I had invented:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw1knrw

In my haste I had an error in identifying where the flaw lies, even though I knew from my prior efforts that there must be a flaw because something crucial appears to be missing in that white paper. I might still be wrong. Await the reply of the author of the white paper.


So you say you didn't even have time to dig into it, yet you bad-mouth it?

Maybe you might notice why people talk bad about you, because as the Bible says
Quote
Do to others as you would have them do to you.



Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 08:55:15 PM
othe you are just playing politics by making selective quotes. He made that reply after I wrote what you are quoting from me. Anyone can go read that entire thread and see how he was being condescending to me and then in the quote you just made he is being condescending again. Instead of answering my question he leaves it as a wild goose chase into his deeper math in Lemmas and such. He is just being snobbish again. He could have simply answered the question directly the first time instead of trying to purposely frame me up so he could be snobbish. I am not going to dig too much into his papers because they are not finished. He can try to explain his paper to a layman so they can trust it (I doubt it!). Mine will be so explained.

I wrote in my Ion project thread while I was making those posts in his Reddit thread comments such as:

I think finally we got to the bottom of the flaw in the Monero cryptographer's attempt at what I had invented:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw1knrw

In my haste I had an error in identifying where the flaw lies, even though I knew from my prior efforts that there must be a flaw because something crucial appears to be missing in that white paper. I might still be wrong. Await the reply of the author of the white paper.

My statement below was entirely accurate based on the white paper he had published at the time I wrote this statement:

Quote
This design is totally broken. Fuhgeddaboudit.

Then after that he reveals hidden math that he was withholding from us. Sneaky.

Quote
Do to others as you would have them do to you.

Yeah it would be nice if all parties did. Readers I am sure can read the Reddit thread and see his attitude towards me throughout.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 09:07:17 PM
othe you are just playing politics by making selective quotes. He made that reply after I wrote what you are quoting from me. Anyone can go read that entire thread and see how he was being condescending to me and then in the quote you just made he is being condescending again. Instead of answering my question he leaves it as a wild goose chase into his deeper math in Lemmas and such. He is just being snobbish again. He could have simply answered the question directly the first time instead of trying to purposely frame me up so he could be snobbish. I am not going to dig too much into his papers because they are not finished. He can try to explain his paper to a layman so they can trust it (I doubt it!). Mine will be so explained.

I wrote in my Ion project thread while I was making those posts in his Reddit thread comments such as:

I think finally we got to the bottom of the flaw in the Monero cryptographer's attempt at what I had invented:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw1knrw

In my haste I had an error in identifying where the flaw lies, even though I knew from my prior efforts that there must be a flaw because something crucial appears to be missing in that white paper. I might still be wrong. Await the reply of the author of the white paper.

My statement below was entirely accurate based on the white paper he had published at the time I wrote this statement:

Quote
This design is totally broken. Fuhgeddaboudit.

Then after that he reveals hidden math that he was withholding from us. Sneaky.

Quote
Do to others as you would have them do to you.

Yeah it would be nice if all parties did. Readers I am sure can read the Reddit thread and see his attitude towards me throughout.

It would be so much easier for everyone if you just went on reddit and outlined what he did not address.

Cheers.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 09:07:36 PM
Quote
He is inventing a new type of signature that has probabilistic assumptions (plus perhaps complex external factors which impact probabilities)

Actually in Lemma 5, I reduce the security proofs of the MG signatures to the proofs of the LWW signatures which are old news. If he had read many crypto papers, he would see that every proof related to digital signatures is given in terms of probabilistic algorithms - this is because you can't prove someone will never just guess your private key (even though in a large enough keyspace like the ed25519 group this is very improbable).

He can explain his reduction to a layman. And make sure all of us can understand it. My crypto paper can be so explained.

As for his condescending comment about all digital signatures being probabilistic (of course I know this! there he goes again with nonsense assumptions that I don't know even most basic things), I specifically wrote in one of my comments which you may not have quoted for him, that the probabilistic assumptions appear to be more complex and unvetted as compared to the crypto I employed.

If he can show how MG is so well formed in simple and easy to understand terms, then he can be so convincing. As of yet, I don't see it.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 09:08:49 PM
It would be so much easier for everyone if you just went on reddit and outlined what he did not address.

Cheers.

What incentive do I have to talk with someone who totally disrespects me and is condescending to me even after he wrote he wouldn't do that again?

I don't know how participating in a smear campaign against me is easier for everyone.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 09:09:23 PM
.....

I remember a few of your last posts as AnonyMint. I haven't taken the time to look back at your post history, but from memory, you got to a position where you threw in the towel because ultimately the internet discussions turned negative and it was probably stressing you out to the point of contributing to any health issues.

Looks like you're walking yourself back into the same path as before.

You clearly have technical contributions that some people listen to. I don't know the full history to judge if there is others' work being claimed as new or novel to you, but contributions are contributions.

If I were you, I'd look into kicking off a new project and seeing where it takes you. You might be surprised to find people wanting to provide all types of support to a project that brings something new and improves on what is already out there. You could probably launch a project in under a week or two. I guarantee that you'll be spending 10x this much time chasing your tail around here.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 09:13:31 PM
It would be so much easier for everyone if you just went on reddit and outlined what he did not address.

Cheers.

What incentive do I have to talk with someone who totally disrespects me and is condescending to me even after he wrote he wouldn't do that again?

I don't know how participating in a smear campaign against me is easier for everyone.

Satisfaction of proving his design is faulty would be the biggest incentive.  You should look at it as responding to the community rather than just to him.  Both of you guys were rude and condescending to each other, just forget it and let it be.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 09:17:41 PM
You could probably launch a project in under a week or two. I guarantee that you'll be spending 10x this much time chasing your tail around here.

I like your idea. So true that we lose so much time to bickering. So exhausting.

Bottom line is Shen may have a solution too, but his apparently is under development and thus it is difficult to fully analyze what is still changing and perhaps not even well vetted. What if I expend a lot of time analyzing that more than I did, and then later they find a bug and declare it all invalid. So all my time was wasted. That happens with white papers. Might even happen to mine once submitted to the public.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 09:25:43 PM
Satisfaction of proving his design is faulty would be the biggest incentive.

I already did that. It can't be denied:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3b936

You should look at it as responding to the community rather than just to him.  Both of you guys were rude and condescending to each other, just forget it and let it be.

And I saw your rude comment there where I just posted as linked above. Sigh.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 09:31:23 PM
Satisfaction of proving his design is faulty would be the biggest incentive.

I already did that. It can't be denied:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3b936

You should look at it as responding to the community rather than just to him.  Both of you guys were rude and condescending to each other, just forget it and let it be.

And I saw your rude comment there where I just posted as linked above. Sigh.

I don't think it was rude.  You make firm statements about it being broken and then never follow up.  How do you expect people to react?

You don't say: maybe it's broken, I don't understand how this could work, your paper is missing x..

You authoritatively and firmly state it's broken.  I have seen how you react on the forum when roles are reversed.  I really don't see how you can consider what I wrote rude.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 17, 2015, 09:45:16 PM
You could probably launch a project in under a week or two. I guarantee that you'll be spending 10x this much time chasing your tail around here.

I like your idea. So true that we lose so much time to bickering. So exhausting.

Bottom line is Shen may have a solution too, but his apparently is under development and thus it is difficult to fully analyze what is still changing and perhaps not even well vetted. What if I expend a lot of time analyzing that more than I did, and then later they find a bug and declare it all invalid. So all my time was wasted. That happens with white papers. Might even happen to mine once submitted to the public.

Well, extend that logic to your proposition to various projects.

You are suggesting that Monero or some other project accepts your white paper and implements a change.

Well, now:

1. You've given others a reason to not buy your ideas.....what if xyz comes up with something or there is a bug.
2. If xyz project should consider a change, then your project could also come up with a change, a hard fork, if improvements need to be made.

On a commercial level, you claim to have coding skills that have created world class projects. I have no reason to doubt your claim, so I will accept what you say, as I have done in the past, until it is proved otherwise.

So your various skills make you, on paper, a safer project to back - even if you have to make changes as you go. And even if you kick things off and then take a higher level technical advisory role as the project gathers momentum and others begin to contribute.

edit

There are various projects out there that you could fork mid-flight and get going, forcing others to join your fork, to prove your point. Or you could launch from scratch, again with a fork.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 09:52:16 PM
Okay I replied to Shen:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3c8dw

I thought of a new potential flaw due to conflating inputs and outputs.


Title: Re: Zero Knowledge Transactions
Post by: kazuki49 on October 17, 2015, 10:11:27 PM
I trust (as far as my feelings, the market and the brutal test of time can assure) Shen, the Monero team and gmaxwell, but from my readings it seems TPTB_need_war may have a breakthrough of some kind in the area of math and anonymization (of quantities), which is exactly what Shen and the Monero team are researching. If he and knowledgeable parts of the Monero team could dialogue in secret (because he doesn't want to reveal any part of his research he says the Monero team is "copying" but has no way to find out), and if it is found he has a useful, unprecedented method that can translate into code for the betterment of the Monero network, I can see a crowdfunding motion having success, or he eventually takes the highest bidder.

I'd really like to receive about $75,000 total for the work already done plus assisting on implementation. If I am not mistaken, the guy who was selected to optimize Monero's mining algorithm pocketed an alleged $150,000 worth of coins before releasing the optimization generally.

I know this is not true and you make it sound everyone involved in coding for Monero is making rivers of money which is unrealistic as the core devs are literally making most for free if not in the red already (no IPO, no premine), and most coders working and submitting on github at the moment were funded by the community.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 10:13:49 PM
I don't think it was rude.  You make firm statements about it being broken and then never follow up.  How do you expect people to react?

You don't say: maybe it's broken, I don't understand how this could work, your paper is missing x..

You authoritatively and firmly state it's broken.  I have seen how you react on the forum when roles are reversed.  I really don't see how you can consider what I wrote rude.

How can you release a white paper on one-time ring signatures hiding values, and then not address the fact that your design as presented allows duplicate signatures of the one-time key that can't be detected?

That is lack of respect for or awareness about people who expend their precious time to read your paper.

On top of that he was condescending before we got to the point of me stating that fact.

I honestly didn't fathom that he might have a solution for the one-time key (the "MG" sig) that he would not have published in his paper. Who would? You read a white paper expecting all the pivotal elements to be covered. That is the point of a white paper.

The signature he showed in his 0.1 paper was broken. Now he changes to an "MG" sig. Moving the goal posts as if white papers should be a ball kicking sport.

Bottom line is he should have taken the time to finish his white paper before announcing it on Reddit. I didn't go publishing my white papers in half-finished state, thus wasting the time of my readers.

The time of my readers gets wasted by all the bickering and explanation of bickering.

Anyway, I understand your point that we just want to get to the truth as efficiently as possible. And I do accept that your comment was a reflection of your perspective wherein you thought I was attacking him. I was defending myself from his condescension and unwillingness to help me learn efficiently what he had invented. I asked him several times to tell me where in his paper he was associating the 'a' with the 'Pi' and I never did get a straight answer from him. I had to go back to his paper and clarify it. Why ask.

I think what we have here is a guy (Shen) who is better at math than at human interaction. And then myself getting more easily ticked off because I am so tired of everything (illness, bickering, wasting time, losing massive hours where I should have been producing income).

Frustration seems to run together at the same time.

Anyway, I would like to efficiently understand the differences in our algorithms, but Shen will need to make the math more intelligible for people who don't have time to build the domain knowledge on the symbolism he is employing. Some English text can go a long way to explaining a few things and make it much, much easier for people to make the little leaps in symbolism to full understanding.

If he only wants a few math heads to understand it, then he can leave it as now. It is his choice of priorities and I will react accordingly. I don't have unlimited time.


Title: Re: Zero Knowledge Transactions
Post by: jwinterm on October 17, 2015, 10:28:17 PM
...
That is lack of respect for or awareness about people who expend their precious time to read your paper.
...
I honestly didn't fathom that he might have a solution for the one-time key (the "MG" sig) that he would not have published in his paper. Who would? You read a white paper expecting all the pivotal elements to be covered. That is the point of a white paper.
...
I didn't go publishing my white papers in half-finished state, thus wasting the time of my readers.

You can choose what to spend your time on. No one forced you to read the paper or publicly comment on it.

Maybe in cryptoland, but in the real world a white paper is typically a 1-2 page document outlining the essential ideas of something, not the minutiae of implementation.

Yes, you did go publishing your paper in a half-finished state. It's the first post in this thread.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 10:30:55 PM
I don't think it was rude.  You make firm statements about it being broken and then never follow up.  How do you expect people to react?

You don't say: maybe it's broken, I don't understand how this could work, your paper is missing x..

You authoritatively and firmly state it's broken.  I have seen how you react on the forum when roles are reversed.  I really don't see how you can consider what I wrote rude.

How can you release a white paper on one-time ring signatures hiding values, and then not address the fact that your design as presented allows duplicate signatures of the one-time key that can't be detected?

That is lack of respect for or awareness about people who expend their precious time to read your paper.

On top of that he was condescending before we got to the point of me stating that fact.

I honestly didn't fathom that he might have a solution for the one-time key (the "MG" sig) that he would not have published in his paper. Who would? You read a white paper expecting all the pivotal elements to be covered. That is the point of a white paper.

The signature he showed in his 0.1 paper was broken. Now he changes to an "MG" sig. Moving the goal posts as if white papers should be a ball kicking sport.

Bottom line is he should have taken the time to finish his white paper before announcing it on Reddit. I didn't go publishing my white papers in half-finished state, thus wasting the time of my readers.

The time of my readers gets wasted by all the bickering and explanation of bickering.

Anyway, I understand your point that we just want to get to the truth as efficiently as possible. And I do accept that your comment was a reflection of your perspective wherein you thought I was attacking him. I was defending myself from his condescension and unwillingness to help me learn efficiently what he had invented. I asked him several times to tell me where in his paper he was associating the 'a' with the 'Pi' and I never did get a straight answer from him. I had to go back to his paper and clarify it. Why ask.

I think what we have here is a guy (Shen) who is better at math than at human interaction. And then myself getting more easily ticked off because I am so tired of everything (illness, bickering, wasting time, losing massive hours where I should have been producing income).

Frustration seems to run together at the same time.

Anyway, I would like to efficiently understand the differences in our algorithms, but Shen will need to make the math more intelligible for people who don't have time to build the domain knowledge on the symbolism he is employing. Some English text can go a long way to explaining a few things and make it much, much easier for people to make the little leaps in symbolism to full understanding.

If he only wants a few math heads to understand it, then he can leave it as now. It is his choice of priorities and I will react accordingly. I don't have unlimited time.

Fair enough.  If you ask concise questions about a certain piece of the solution the onus is on him to answer.  Try not to take any of this shit personally.  Even if someone is condescending do you gain anything by responding in the same manner?  You gain a lot more by pushing forward with your point in a calm, lucid and civilized manner.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 17, 2015, 10:33:48 PM
I don't think it was rude.  You make firm statements about it being broken and then never follow up.  How do you expect people to react?

You don't say: maybe it's broken, I don't understand how this could work, your paper is missing x..

You authoritatively and firmly state it's broken.  I have seen how you react on the forum when roles are reversed.  I really don't see how you can consider what I wrote rude.

How can you release a white paper on one-time ring signatures hiding values, and then not address the fact that your design as presented allows duplicate signatures of the one-time key that can't be detected?

That is lack of respect for or awareness about people who expend their precious time to read your paper.

On top of that he was condescending before we got to the point of me stating that fact.

I honestly didn't fathom that he might have a solution for the one-time key (the "MG" sig) that he would not have published in his paper. Who would? You read a white paper expecting all the pivotal elements to be covered. That is the point of a white paper.

The signature he showed in his 0.1 paper was broken. Now he changes to an "MG" sig. Moving the goal posts as if white papers should be a ball kicking sport.

Bottom line is he should have taken the time to finish his white paper before announcing it on Reddit. I didn't go publishing my white papers in half-finished state, thus wasting the time of my readers.

The time of my readers gets wasted by all the bickering and explanation of bickering.

Anyway, I understand your point that we just want to get to the truth as efficiently as possible. And I do accept that your comment was a reflection of your perspective wherein you thought I was attacking him. I was defending myself from his condescension and unwillingness to help me learn efficiently what he had invented. I asked him several times to tell me where in his paper he was associating the 'a' with the 'Pi' and I never did get a straight answer from him. I had to go back to his paper and clarify it. Why ask.

I think what we have here is a guy (Shen) who is better at math than at human interaction. And then myself getting more easily ticked off because I am so tired of everything (illness, bickering, wasting time, losing massive hours where I should have been producing income).

Frustration seems to run together at the same time.

Anyway, I would like to efficiently understand the differences in our algorithms, but Shen will need to make the math more intelligible for people who don't have time to build the domain knowledge on the symbolism he is employing. Some English text can go a long way to explaining a few things and make it much, much easier for people to make the little leaps in symbolism to full understanding.

If he only wants a few math heads to understand it, then he can leave it as now. It is his choice of priorities and I will react accordingly. I don't have unlimited time.


To be fair, the reddit title is "Ring CT for monero: A work in progress, comments welcome"

We open source everything, even uncompleted work. He asked for comments and he didn't say it's finished.

Quote
I think what we have here is a guy (Shen) who is better at math than at human interaction

He's good at communication; I and others talk to him, and together, multiple times per week.


Quote
The signature he showed in his 0.1 paper was broken. Now he changes to an "MG" sig. Moving the goal posts as if white papers should be a ball kicking sport.

No it wasn't really changed, we had no name for it and made up something. Mokume-gane is the Japanese metalworking procedure they used to make layered metal for samurai swords etc.
There were empty chapters and there are still 2 (I think, too lazy to look now) empty chapters.

He wrote on reddit that he has everything written down on pen and paper

Quote
NobleSir 3 points 2 days ago
I think there is a good chance (assuming the developers / community want it included in the protocol)- I was more referring to the fact that there are a lot of empty sections in the paper- things I have on pen / paper but haven't had the time to type yet - in addition the basic "completed" research paper stuff like an intro / definitions / citations etc. needs to be added.


Title: Re: Zero Knowledge Transactions
Post by: letsplayagame on October 17, 2015, 10:38:36 PM
The topic of this thread is very interesting to anyone who cares about cryptography and Zero Knowledge Transactions, but all the personal attacks are not.

OP you seem very knowledgeable as do some others participating or cited in this thread.  If fundraising is your goal then you might want to change your tone. I see condescension from both sides.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 10:39:57 PM
It is not a free market to use political gimmicks to try to make someone look like they are not sincere about wanting to cure their illness as a way to cut off the market function that the sincere person is trying to propose. It was basically saying to me "accept communism or show everyone you aren't really sick".

That wasn't my intention at all.

I'm quite certain you are sick, and moreover, I think I know what's wrong with you. That was kinda my point. If you've definitely ruled out Lyme disease and haven't taken any cholesterol lowering medication within the past three years, then I think I can help.

In so far as the whitepaper is concerned, yeah, it has the intrigue of Tarantino's glowing suitcase, naturally. I'd concur that I'd do a trade for that. Of the oft times I've been ill over the past 38 years there have been many occasions I would gladly sell my soul for the cure. So that was my perspective.

But I don't really see what difference it makes what I do with the whitepaper once traded. Whether I give it away on street corners, or keep it to myself.... who cares?

But like I said, I genuinely am more intrigued about the variables of your illness. I only have a marginal interest in the paper.

To be honest: If it was down to me I would simply join forces with smooth and adapt your technology for use with Aeon. Given current low prices you could get significant returns from your tech without giving away development control. To me that's a sensible solution which I think you'd be happy with.

Fuck it, if you did that I'd help you with your illness for free.


If you really think you know what's wrong with him, I think you should tell him with no strings attached. I think what happens on these forums should be separate from the health of a person in real life.

Just my two cents.

I understand that his attitude in the past might have left a bad taste in some people's mouths, but it's a person's health we are talking about.

I'm not saying it's unfair in any way to ask for something in return, it's just the thoughts of the tree hugger, humanitarian in me.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 10:41:58 PM
The topic of this thread is very interesting to anyone who cares about cryptography and Zero Knowledge Transactions, but all the personal attacks are not.

OP you seem very knowledgeable as do some others participating or cited in this thread.  If fundraising is your goal then you might want to change your tone. I see condescension from both sides.

It's a vicious cycle when it gets started and it takes a person with thick skin to turn the other cheek.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 10:45:46 PM
I trust (as far as my feelings, the market and the brutal test of time can assure) Shen, the Monero team and gmaxwell, but from my readings it seems TPTB_need_war may have a breakthrough of some kind in the area of math and anonymization (of quantities), which is exactly what Shen and the Monero team are researching. If he and knowledgeable parts of the Monero team could dialogue in secret (because he doesn't want to reveal any part of his research he says the Monero team is "copying" but has no way to find out), and if it is found he has a useful, unprecedented method that can translate into code for the betterment of the Monero network, I can see a crowdfunding motion having success, or he eventually takes the highest bidder.

I'd really like to receive about $75,000 total for the work already done plus assisting on implementation. If I am not mistaken, the guy who was selected to optimize Monero's mining algorithm pocketed an alleged $150,000 worth of coins before releasing the optimization generally.

I know this is not true and you make it sound everyone involved in coding for Monero is making rivers of money which is unrealistic as the core devs are literally making most for free if not in the red already (no IPO, no premine), and most coders working and submitting on github at the moment were funded by the community.

I have not thought Shen, Monero team, and gmaxwell were copying my work. I did think for a brief moment perhaps someone had tipped them off that I had claimed the same feature and maybe that motivated them to attempt the same, but I never thought they literally copied my work since no one else had seen it so that was impossible (unless someone hacked my computer which I don't think is the case).

Their algorithm is significantly different than mine, so it is also quite obvious we independently developed our solutions.

I believe now based on new information from Shen that it is likely he has a solution to the same problem set as I do. But I do believe his may be less general, e.g. the open question about whether he can merge multiple inputs from different signers in the same transaction (I am nearly certain he can not but awaiting his reply). Also so far I view his as more mathematically complex to explain and trust. But perhaps he can improve that with more English elucidation in his paper. He may not wish to do that, if he prefers the typical "math snob" style of academic papers (where the reader is burdened with acquiring the domain knowledge rather than it being explained), which is fine for academically targeted white papers. Our market is crypto and the users need to trust and understand tech. One of my talents is explaining complex tech in simple ways. My white paper could use some more refinement on this aspect of explanation to the layman, yet I am very sure I can do it.

I do believe I have something of value even if Shen is able to resolve every flaw I might find, because there is more than one way to skin a cat and mine is I think simpler to understand. Also mine should be more generally useful, because mine can sign the transaction even to 0 outputs, e.g. a burn transaction or signing to a future of outputs that will be decided later. And there are probably other scenarios where not conflating the inputs and the outputs in the signature has some use case that Shen's can't do (other than the one I already asked him about).

Separation-of-concerns is a fundamental design concept I follow. Conflation violates this and invariably leads to corner cases.

He may be awesome at math, but I have a lot of experience with design patterns.

So in end, I expect my invention to be worth $millions in the market. The question is how to best capture some of that future value now.

Well I am saddened to read that Monero devs are in poverty. I want to read that we are expanding the crypto markets and all of us are getting wealthy while improving the world.

Hopefully we can lead in that direction. I am trying to be healthy so I can do more coding less talking. I am not really happy about talking here. But I need to make a wise decision about what to do with my anonymity algorithm at this juncture given the recent competitive developments.


Title: Re: Zero Knowledge Transactions
Post by: kazuki49 on October 17, 2015, 11:07:39 PM
I do believe I have something of value even if Shen is able to resolve every flaw I might find, because there is more than one way to skin a cat and mine is I think simpler to understand. Also mine should be more generally useful, because mine can sign the transaction even to 0 outputs, e.g. a burn transaction or signing to a future of outputs that will be decided later. And there are probably other scenarios where not conflating the inputs and the outputs in the signature has some use case that Shen's can't do (other than the one I already asked him about).


Now this sparks my interest, I could see myself donating to make this kind of feature into the Monero repository one day, also, like you recognized, the work being done by Shen could result in the same as your pricey whitepaper so why someone interested in Monero would buy it? Btw I see no problem in what you are doing and I think the price could indeed be low compared to what it could unleash but the problem is I have no expertise in this area, I need to take the words of those I see wiser than me and with a proven record before (as I think most people do) throwing money at speculative assets for speculation sake, and I personally have no interest in launching a coin or owning a whitepaper I don't understand hence why you may find your prize from someone else with other motives.

Well I am saddened to read that Monero devs are in poverty.

Just lol, I hope you are being ironic. As I said, the Monero devs did not win the lottery deving for Monero (yet). I did not say they are poor; on the contrary, most seem successful in their respective areas of business, hence why they can afford donating time and effort for Monero at this point.

I want to read that we are expanding the crypto markets and all of us are getting wealthy while improving the world.

Well that's the goal, glad to read it from you too, even when you are after a quick buck (and perhaps rightfully so).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 11:09:30 PM
It is not a free market to use political gimicks to try to make someone look like they are not sincere about wanting to cure their illness as a way to cut off the market function that the sincere person is trying to propose. It was basically saying to me "accept communism or show everyone you aren't really sick".

That wasn't my intention at all.

I'm quite certain you are sick, and moreover, I think I know what's wrong with you. That was kinda my point. If you've definitely ruled out Lyme disease and haven't taken any cholesterol lowering medication within the past three years, then I think I can help.

In so far as the whitepaper is concerned, yeah, it has the intrigue of Tarantino's glowing suitcase, naturally. I'd concur that I'd do a trade for that. Of the oft times I've been ill over the past 38 years there have been many occasions I would glady sell my soul for the cure. So that was my perspective.

But I don't really see what difference it makes what I do with the whitepaper once traded. Whether I give it away on street corners, or keep it to myself.... who cares?

But like I said, I genuinely am more intrigued about the variables of your illness. I only have a marginal interest in the paper.

To be honest: If it was down to me I would simply join forces with smooth and adapt your technology for use with Aeon. Given current low prices you could get significant returns from your tech without giving away development control. To me that's a sensible solution which I think you'd be happy with.

Fuck it, if you did that I'd help you with your illness for free.


If you really think you know whats wrong with him I think you should tell him with no strings attached.  I think what happens on these forums should be separate from the health of a person in real life.

Just my two cents.

I understand that his attitude in he past might have left a bad taste in some peoples mouths but its a persons health we are talking about.

I'm not saying its unfair in any way to ask for something in return, its just the thoughts of the tree huger, humanitarian in me.

I was planning to reply to his post. Actually I very much appreciated his willingness to help. I felt bad that I pissed him off (if I did, but I think he wasn't pissed when he used the word fuck; he was just putting emphasis on me working with smooth). But I hope he can understand that there are so many attacks flying here and there, it is very difficult to discern who is sincere or who is planting political traps.

Anyway, I don't think he necessarily needs to give it to me for free, especially if I can afford to pay something and what he has can make me more productive. Discussion can add clarity on it.

He seems to be implying some connection to LDL or cholesterol. I am learning that so many things are interrelated. Anyway, I came across a new revelation about low glutathione (actually I was aware of it before about the Methylation Cycle, but some key aspects of this I hadn't studied sufficiently before), and so I was planning to make a post about that first, then reply to him and see what he thought after reading that, and then go into with him what he might know and what value I might have to give in trade.

It is not impossible that smooth and I could work together. I think the key issue is financial reality.

I am trying to figure out now what is best role for me. Based on my past, I would prefer to lead a project. I think I can bring a fresh perspective to expanding markets. But my damn illness has so frustrated me to the point of exasperation.

So anyway, I came here based on the urging of others who wanted me to share my algorithms so they would get implemented in a project if I was too ill to finish Ion. And when Shen announced, it seemed like that was a good time to consider opening up my algorithms.

But as I said, I have a new insight on my illness and I still have an itch to lead my own project. Yet if I fit very well into an existing project, maybe that is the better role for me. Or if I can raise some cash and only lose "first mover" on my anonymity algorithm, that may make sense given my precarious financial+health situation. The illness beat me down and made me realize that maybe I could no longer will power months of non-stop coding and sleeping under my desk.

Anyway, I am hopeful about this breakthrough on the glutathione. Let me go write that up... (all the tabs for that research still open on my browser ... haha my gf always teases me "how many tabs you have open now" since the number always grows and rarely shrinks).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 11:38:14 PM
I do believe I have something of value even if Shen is able to resolve every flaw I might find, because there is more than one way to skin a cat and mine is I think simpler to understand. Also mine should be more generally useful, because mine can sign the transaction even to 0 outputs, e.g. a burn transaction or signing to a future of outputs that will be decided later. And there are probably other scenarios where not conflating the inputs and the outputs in the signature has some use case that Shen's can't do (other than the one I already asked him about).


Now this sparks my interest, I could see myself donating to make this kind of feature into the Monero repository one day, also, like you recognized, the work being done by Shen could result in the same as your pricey whitepaper so why someone interested in Monero would buy it? Btw I see no problem in what you are doing and I think the price could indeed be low compared to what it could unleash but the problem is I have no expertise in this area, I need to take the words of those I see wiser than me and with a proven record before (as I think most people do) throwing money at speculative assets for speculation sake, and I personally have no interest in launching a coin or owning a whitepaper I don't understand hence why you may find your prize from someone else with other motives.

Well I am saddened to read that Monero devs are in poverty.

Just lol, I hope you are being ironic. As I said, the Monero devs did not win the lottery deving for Monero (yet). I did not say they are poor; on the contrary, most seem successful in their respective areas of business, hence why they can afford donating time and effort for Monero at this point.

I want to read that we are expanding the crypto markets and all of us are getting wealthy while improving the world.

Well that's the goal, glad to read it from you too, even when you are after a quick buck (and perhaps rightfully so).

Rambling comment...

Let me clarify that it wasn't my idea to seek donations. I had always thought it was a non-optimum (almost like slavery to beg for donations) funding model (and then to have to explain to novices why your tech feature is worth the amount requested, when valuation is a very complex matter of futures), because only people who are vested have an incentive to give you their money. But others have tried to convince me that it is a viable funding model and that fair distribution goes along with it (i.e. no ICO and no premine).

I just decided to follow their suggestion and give it a whirl and see how it goes. Then make a decision based on the feedback.

I am becoming more and more convinced from the feedback in this thread that it is best to either launch your own coin or sell your services (and designs) to some coin that did sell an ICO or premine and thus has the funds to pay for your services. It seems the people working on Monero for bounties are getting paid only a couple of $1000s for a week or two of work, which basically means they are donating their time. Good programmers earn in excess of $100,000 a year. Even Google was paying $200,000 (+ stock options) for fresh college grads with no experience.

The idea is that he who can expand markets should go for his market value which can only be expressed in a two-way trading market, not in a one-way donation. So my inclination has always been that direction. I just decided to try the suggestion of others.

Perhaps Shen's can be used in Monero for free and perhaps it will be good enough (or maybe even the best). That we still need to determine based on more information from Shen. I will just say that $21,000 is nothing when you are aiming for a $5m or even $50 million market cap. You would choose the algorithm that is best regardless of that small price differential for development cost. I still need to determine if Shen's algorithm is as good as or better than mine. For the moment, I am thinking it lacks generality because it apparently (afaics) forces outputs to be bundled with inputs in the same signature. Also I really can't yet determine if there might be other flaws because I haven't yet digested all the math, e.g. the "MG" sig is still an enigma to me at this moment.

Since I understand my algorithm well and do not see any such flaws or potential for such flaws, I lean towards the odds that mine is going to be superior to Shen's. But I don't yet know that for sure. Waiting on further elucidation or for myself to have more time to go learn more about the LLW sigs and his extension to his new invention of "MG" sigs.

Well I am more in poverty than the Monero devs, so they need not feel relatively poor, lol.

About quick buck, my point is I need to decide between other projects which might pay me a good salary (assuming I can find one), or other projects I could create that are not pigeon-holed to crypto, when determining my opportunity cost of working on crypto.

But here is the kicker for me. So many (e.g. social media) projects I would like to do, require the features I wanted to build for crypto that would expand markets (e.g. 1 second microtransactions to any party, not that addon channel design on top of Bitcoin). So I have always viewed my interest in crypto as foundational to other projects I want to do that are not just crypto. If Monero or anyone else was building what I needed for my other projects, then I wouldn't have to create my own project.

We all just want success. Who is going to lead us there? Gmaxwell, smooth, SuperNet, Daniel, Ethereum, myself, Dash?

We all have our theories and vestments. Who will end up being correct? I love competition. Exciting to get out there and compete on creativity. My problem is the realities of my life became so pressingly urgent lately. So I wasn't able to just lose days upon days coding with no sure income. Anyway, my gut instinct is to just go back to coding my own project. But I am trying to fight that, because I am not 34 years old and healthy (or am I?).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 17, 2015, 11:55:08 PM
Now ask your self, as an objective observer, what conclusion would you derive from these circumstances?

If you asked me, I would come to the conclusion that people are not aware of the https://en.wikipedia.org/wiki/Multiple_discovery phenomenon.

Well it only makes sense that if Gmaxwell releases CT which shocks everyone, then within days Denis releases CCT which shocks me more (and most people ignore it), then it is likely going to spawn more than one attempt to merge one-time rings with homomorphic value hiding.


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on October 17, 2015, 11:57:46 PM
https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3c8dw

reddit response


Title: Re: Zero Knowledge Transactions
Post by: dEBRUYNE on October 18, 2015, 12:16:31 AM
https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3c8dw

reddit response

I think the best option currently is to shift this to a dynamic/active conversation, e.g. chatting with each other on IRC. I mean, this passive forum posting and switching between here/reddit isn't really that effective and some sentences/words could also be interpreted wrong.

TPTB_need_war: How do you feel about talking to Shen on IRC? You wouldn't be interrupted and affected by trolls, and on top of that I think you two could have a nice and efficient conversation. He is mostly at #bitcoin-wizards, you could use the webchat option -> https://webchat.freenode.net/

EDIT: Shen also said he has written everything out on paper already, so if you have a conversation on reddit he could probably explain and elaborate on the things you are worried about.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 18, 2015, 12:37:26 AM
.....
I think the best option currently is to shift this to a dynamic/active conversation, e.g. chatting with each other on IRC. I mean, this passive forum posting and switching between/reddit isn't really that effective and some sentences/word could also be interpreted wrong.
.....so if you have a conversation on reddit he could probably explain and elaborate on the things you are worried about.

I got the impression the OP was actually looking to raise some funding, to meet personal financial needs  ???


Title: Re: Zero Knowledge Transactions
Post by: Fuserleer on October 18, 2015, 06:40:09 AM
Quote
Larimer thinks you can have anonymity in such a system already:

For once I agree with you, if most transactions take place off chain/ledger/whatever then the majority of transactions are "anonymous" as they are not publicly recorded.

Smooth and I discussed this I believe in 2014 and the conclusion is that everything sent to the internet can be recorded, so there is no such thing as off chain anonymity (CoinShuffle excepted, and also CoinJoin if jamming and DoS is not your worry) if you are referring to protection against national security agencies and government capital controls.

And if for a business or high net worth individual, then you may also want to be very safe against espionage and mobsters, so again your upstream ISP, masternode/delegated node, or what ever might be compromised.

Also one of the most important points is that only on chain anonymity obeys the End-to-end principle of networks. This means your anonymity is orthogonal to any agent in the network. This is critical for scalability, redundancy, and resilience.

So please, enough with the off chain anonymity. It is highly inferior. It is a hack that got some play in terms of a quick way to get anonymity rolling (e.g. Dash), but it is not the future. If the internet had been invented without the end-to-end principle, then TCP/IP wouldn't work and we'd not have the scalable, resilient internet we have today that enables us to even be here.

Except for CoinShuffle, Off chain mixing = trusting someone (node/server) you can't prove you can trust.


I put anonymous in quotes so as to highlight it as a hack, compromise, whatever. It's not a real solution of course, but for most end users it's sufficient so that regular people you transact with can't find out all of your transactions.

With unscalable networks it's a mute point anyway, because you can't store all of the transactions on-ledger, which is why I agree with r0ach's and smooth's arguments that scalability is more important in the long term end goal.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 06:56:13 AM
With unscalable networks it's a mute point anyway, because you can't store all of the transactions on-ledger, which is why I agree with r0ach's and smooth's arguments that scalability is more important in the long term end goal.

That is like asserting that since we can't fit the entire school on the school buses, therefore we shouldn't use the school buses at all.

You can simply raise the transaction fees for anonymous transactions so their bandwidth usage is proportionally on par with the transaction fees for non-anonymous transactions, then raise both at proportional par until the on chain TPS falls to within the capacity of the system.

Those who really need it can avail of it.

And in the meantime, we will add block chain scaling and will have had anonymity all that time for those who needed it enough to pay for it.



Title: Re: Zero Knowledge Transactions
Post by: smooth on October 18, 2015, 07:19:30 AM
With unscalable networks it's a mute point anyway, because you can't store all of the transactions on-ledger, which is why I agree with r0ach's and smooth's arguments that scalability is more important in the long term end goal.

My argument was I don't know which is more important. As TPTB points out the subsets have different properties and tradeoffs and may serve different markets. Or the answer may be none at all is "more important", if it turns out to be necessary to have all of them


Title: Re: Zero Knowledge Transactions
Post by: fluffypony on October 18, 2015, 07:34:12 AM
With unscalable networks it's a mute point anyway

*twitch*

It's "moot" not "mute".


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 07:41:15 AM
Or the answer may be none at all is "more important", if it turns out to be necessary to have all of them

I decided to pretend I am smooth. So I must add that "or the answer may be none at all is "more important"", if it turns out to be unnecessary to have any of them.".

<inside joke>


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 08:28:26 AM
Okay it looks like you only have my white paper still available as a solution. I will be awaiting Shen's response:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw1lwm8

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3pt3u?context=3

GodHard work works in mysterious ways. I know I worked very hard on that epiphany. I didn't think it would come easy to any one. And now it looks like my appraisal may have been correct all along. Well I must wait for Shen's response first. I am terribly sleepless (36 hours awake). Curiosity killed the cat.

Btw, if I am correct, I don't expect he can fix it. The issue is fundamental. You either have the epiphany I had or you don't. You aren't a little bit pregnant. Based on my design, I can conclude he isn't any closer than he was when he started.

Edit: in addition to and separate issue from the above, Shen has admitted a slight loss of generality in his design (which I claim my design does not lose) and which apparently can't possibly be fixed because mixing inputs with outputs in the signature is inherent in his design:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3mzec?context=3


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 18, 2015, 09:14:26 AM
...I am terribly sleepless (36 hours awake)....

So lets be cruel to be kind.

Get some fucking sleep.

Ross, J.J. (1965). Neurological findings after prolonged sleep deprivation. Archives of Neurology, 12(4), 399-403.

You're no bloody good to crypto if you're dead because you keep yourself awake, because you feel the need to make a point, win a point or win over some funding. You'd be more effective, in this regard, after getting some zzz's.

Trip the power switch.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 18, 2015, 03:52:36 PM
Quote
NobleSir 3 points 2 hours ago

Quote
There is no linkage enforced.

In Lemma 10, page 18, I've expanded on the second property of the MG sig, that "the probability of the signer not signing for any key of index pi is negligible" (from page 10). I think this is what you mean when you say there is no linkage enforced, however correct me if you mean something else. https://github.com/ShenNoether/MiniNero/raw/master/RingCT0.4_copy.pdf


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 05:31:38 PM
Quote
NobleSir 3 points 2 hours ago

Quote
There is no linkage enforced.

In Lemma 10, page 18, I've expanded on the second property of the MG sig, that "the probability of the signer not signing for any key of index pi is negligible" (from page 10). I think this is what you mean when you say there is no linkage enforced, however correct me if you mean something else. https://github.com/ShenNoether/MiniNero/raw/master/RingCT0.4_copy.pdf

Need clarification on symbolic notation (potential typos) first:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw456yt


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 07:14:48 PM
AnonyMint's Guide to Illegal Unregistered ICOs and Investment Services (Options, etc)

AltcoinUK, I am not going to set a threshold as high as $112,000 for the donation bounty on that one anonymity invention, even though I think it is a very significant feature. I am just stating what my earning opportunity cost had been inflation-adjusted from 2001. So hopefully the market will understand I am not going to give that feature away for $10,000.

The way it works is that you first decide what level of control you want to retain, and whether it is
- by charter
- by preferred shares, or
- by majority/required supermajority of shares.

Then you write the charter. Then you sell the shares up to the number you want. Then we have a 24/7 market where they are traded. If your project is perceived good, people will buy up the shares, and you can sell more if you have more monetary needs.

Selling equity (ICO) in a coin I would create is another option, but there are three problems facing this choice:

1. I would be preselling what is mostly (but not entirely) vaporware. Only the white papers and a small amount of code are completed thus far. My white papers are, I believe, very strong (we are in the process in this thread of proving whether my anonymity paper is the only known solution to the Holy Grail of anonymous rings + hidden values), but I don't want to release them publicly until either I release a coin I created with them, or I receive some donations to release the white papers for another project or publicly.

2. Whether I presold coins in my project or equity via the Crypto Kingdom system of tokens as I understand it, then even though these tokens are not coins in my project (although perhaps they could be convertible to them), I am still selling securities in an investment I control (the 'control' is what makes it an investment security under USA law), thus implicitly responsible to manage it ongoing to make the investment successful. Thus I would fall under USA SEC securities laws (and such laws in other jurisdictions where I sell such shares) and thus in the USA I would either have to sell only to qualified investors (those with verified liquid net worth of $1 million or regular annual income > $200,000) or I would have to register with the SEC for registration A status where I could accept up to 5000 investors.

http://thismatter.com/money/stocks/exempt-securities.htm
http://www.sec.gov/oiea/investor-alerts-bulletins/ib_privateplacements.html
http://www.lextechnologiae.com/2011/06/26/why-bitcoin-isnt-a-security-under-federal-securities-law/

3. Would anyone (including myself!) trust that my health will be stable? Note I am composing a post about my recent epiphany on diagnosing and treating my chronic illness (in short "inflammation cascade" due to glutathione deficiency originally triggered by imbalances brought on by numerous severe gut infections) and will link to it today.


Make sure you read carefully the third link above. My interpretation is the only way I can legally sell coins in a project (to USA investors under USA securities law and other such laws apply in other jurisdictions where I might sell these coins) is to do a Kickstarter-like campaign wherein I only receive the escrowed funds when the promised product is delivered and in which I am not the manager of the project ongoing after I have been paid for my services of creating the product. In other words, I can be a hired contractor, but I can't be the controlling group of the coin.

So my choices for doing any ICO (at any time whether now or later) are two:

A. Do a Kickstarter-like crowdfunded escrow (denominated in fiat or BTC) and be paid when the coin is completed. And then the coin must run on auto-pilot, i.e. can't be controlled by me after it is launched and I am paid. Since there will be no "Controlling Entity" then the coins transferred to the Kickstarter participants are just products (in some virtual, autonomous, multi-player game which some may use as a currency but nevertheless not depending on me to manage it) thus not investments in investment securities as defined by the SEC. If I intended to retain managerial control after completing the funded projects, I would have to register the crowdfunding under the Jobs Act (https://bitcointalk.org/index.php?topic=116835.msg1251319#msg1251319) and restrictions would be placed on the trading for the coins for 1 year (https://bitcointalk.org/index.php?topic=116835.msg1252016#msg1252016). Kickstarter can't be used as the crowdfunding service because Kickstarter doesn't allow (https://www.kickstarter.com/rules?ref=footer) selling products which are "financial incentives" so they will not likely allow selling tokens of a (currency) product that is created.

B. Find a controlling group that is anonymous and illegally sell coins to US investors without complying with the SEC securities law. Mircea Popescu has taunted the SEC (https://bitcointalk.org/index.php?topic=520882.msg5775230#msg5775230) (I AnonyMint mentioned being banned from rpietila's cryptocrypt.org in that linked post) saying he is not under their jurisdiction when he sold investments to US investors. I assert once the G20 get coordinated on enforcing each other's laws, he is going to potentially be one of the casualties. Afaik when selling securities to USA investors, whether you are a US resident, citizen, or foreigner, you are still subject to the SEC requirements. Mircea Popescu's critical error in logic (http://trilema.com/2012/the-reasons-why-bitcoin-securities-cant-be-regulated-by-the-sec/) is that although Bitcoin is not a "Controlled Enterprise", his options investing service is. ::)  Gavin Andresen agreed (https://bitcointalk.org/index.php?topic=116835.msg1257710#msg1257710) with my stance. So for all of you who are invested in coins originally offered in ICO and led by developers who were affiliated with the group not registered with the SEC and that sold the coins to USA investors, your coin is illegal and may be attacked by the SEC someday.

Usual disclaimers apply that I am not an attorney nor a legal adviser. Every reader should consult their own.


P.S. here was myself as AnonyMint in early 2014 arguing for anonymity (https://bitcointalk.org/index.php?topic=520882.msg5811904#msg5811904) as a core feature for crypto currency and starting to think about decentralized exchanges with decentralized automated options (https://bitcointalk.org/index.php?topic=520882.msg5813931#msg5813931). And here was yet another one of those examples where people claim AnonyMint was attacking others (https://bitcointalk.org/index.php?topic=520882.msg5816750#msg5816750) or putting them down, where in fact what I was stating was perfectly agreeable logic but the readers couldn't grasp the clear logic (https://bitcointalk.org/index.php?topic=520882.msg5818903#msg5818903) and were attacking me for their intellectual handicap. I got so exasperated, I deleted my posts in that thread.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 18, 2015, 07:28:36 PM
- If you make a project that the system can destroy, it is not even worth doing. We already have those.

- If the system cannot destroy it, what is the point in seeking their approval?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 07:34:54 PM
AnonyMint's Guide to Illegal Unregistered ICOs and Investment Services (Options, etc)

- If you make a project that the system can destroy, it is not even worth doing. We already have those.

- If the system cannot destroy it, what is the point in seeking their approval?

Or make a legal decentralized currency which they also can't destroy.

Which at the generative essence is conceptually simple. Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 18, 2015, 07:51:55 PM
AnonyMint's Guide to Illegal Unregistered ICOs and Investment Services (Options, etc)

- If you make a project that the system can destroy, it is not even worth doing. We already have those.

- If the system cannot destroy it, what is the point in seeking their approval?

Or make a legal decentralized currency which they also can't destroy.

Which is simple. Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. I will be the first. Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

So you are making a lethal weapon of financial self-defence, which the system cannot destroy, and therefore you (the system and the people) will learn to respect the mutual differences?

Well I just proposed the exact same!


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 08:21:42 PM
So you are making a lethal weapon of financial self-defence, which the system cannot destroy, and therefore you (the system and the people) will learn to respect the mutual differences?

Well I just proposed the exact same!

Isn't it so elegant to discover that the best arrangement for the free market (i.e. no futures contracts which is the Proverb I learned from Hommel, "Do not be surety for another person" and I refined more as per below) in making each development autonomous from the succeeding ones (and let the market decide to burn their coins to the next improved fork) is also the one that is legal.

The point is do not promise the future, because the further away the future, the less control one truly has. Better to sell what you have now, then in the future sell what you have then. Gives the markets more degrees-of-freedom. This is why Ethereum's lockup of shares for so long was so evil.

An example of degrees-of-freedom is that some other developer could also offer a fork that coins could be burned to. Competition increases performance. Another example of degrees-of-freedom is imagine your car with a reverse gear, you would need to drive around the block to go backwards. Or imagine tying your shoelaces together; then you can only hop instead of walk or hop.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 18, 2015, 08:36:46 PM
Ah sorry, I am clearly being too smartass lately. Perhaps I have stress or too much/little green herbs.

In short, the SEC argument goes about like this: Crypto Kingdom is a game, so it is an expression of people's mutual imagination. Thought is protected by freedom of speech. Also there is absolutely nothing they can do about it, except of course dole out punishments to people from exercising imagination. That is a dangerous road for them, because..

..the way to market this to the public is catchy as well: "Have you ever heard of such tyranny where playing a game that solely handles imaginary objects, none of which was in any way created by the government, lands you in prison?"

So if your coin is inside CK, it is shielded from everything they want. A different world.

Of course at some point they will have to cross the line and officially declare imagination to be a crime, otherwise nobody will use any part of their system* since CK is so much better. I will laugh that day, for my reward is great  ;D

Isn't it so elegant to discover that the best arrangement for the free market (i.e. no futures contracts which is the Proverb I learned from Hommel, "Do not be surety for another person" and I refined more as per below) in making each development autonomous from the succeeding ones (and let the market decide to burn their coins to the next improved fork) is also the one that is legal.

The point is do not promise the future, because the further away the future, the less control one truly has. Better to sell what you have now, then in the future sell what you have then. Gives the markets more degrees-of-freedom. This is why Ethereum's lockup of shares for so long was so evil.

Sounds fresh! :)

* They have intentionally designed the world system and economy to have a hellish proportion of waste, to drag us down in every possible way. So I am not claiming to have developed anything new, just refusing to implement the deoptimized systems, and showing that it works much better than the touted "only possible choice".


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 18, 2015, 08:40:53 PM
What are we really lacking?

The person who knows that will become very rich and/or famous if they can act on that knowledge. It could be a technology and/or a marketing insight. Or even a political call-to-action such as Paine's Common Sense. Or even a change in development and investing paradigm (https://bitcointalk.org/index.php?topic=1211093.msg12722674#msg12722674). I have some micro and macro ideas/insights, perhaps my having them is due to being much closer knowledge-wise to the technology than you and others are. Or maybe it is just because every human mind is unique (http://unheresy.com/Information%20Is%20Alive.html#Algorithm_!=_Entropy).

One could argue we lack nothing but time.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 18, 2015, 11:34:13 PM
Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

Adam Back already proposed burning coins as an upgrade mechanism, which he called a one-way peg. It was that idea, in fact, which directly led to side chains (i.e. bidirectional burning or two-way peg).

I personally believe that spin-offs are a better model for upgrades than burning but the argument could be made either way (and there may be technical reasons to prefer burning).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 12:15:31 AM
Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

Adam Back already proposed burning coins as an upgrade mechanism, which he called a one-way peg. It was that idea, in fact, which directly led to side chains (i.e. bidirectional burning or two-way peg).

I personally believe that spin-offs are a better model for upgrades than burning but the argument could be made either way (and there may be technical reasons to prefer burning).

Wasn't it Peter R who first proposed something like that years ago? I am nearly certain but I forgot the name he gave to the concept.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 19, 2015, 12:19:33 AM
Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

Adam Back already proposed burning coins as an upgrade mechanism, which he called a one-way peg. It was that idea, in fact, which directly led to side chains (i.e. bidirectional burning or two-way peg).

I personally believe that spin-offs are a better model for upgrades than burning but the argument could be made either way (and there may be technical reasons to prefer burning).

Wasn't it Peter R who first proposed something like that years ago? I am nearly certain but I forgot the name he gave to the concept.

Peter R proposed spin-offs as a bootstrapping mechanism for new coins based on Bitcoin's distribution. I don't remember him proposing it as an upgrade mechanism (although a hypothetical Bitcoin "upgrade" does fit within his model). https://bitcointalk.org/index.php?topic=563972.0

Unless he proposed something else in addition, which is also possible.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 12:26:03 AM
So if your coin is inside CK, it is shielded from everything they want. A different world.

My reading of USA law is that if CK coins were obtained at any time by USA citizens or residents as investment securities from some controlling entity, then plausibly the SEC (if it has the cooperation of the other nations) can prosecute the controlling entity and take actions to shut down the coin, such as declare running the protocol to trade the illegally produced securities an illegal act.

One of my alternative theories is that Bitcoin was planted by the DEEP STATE to impel the nations of the world to join together to fight the lawlessness and deregulation that Bitcoin enables.

The only way I see to avoid the coins being classified as an investment security is to sell a product (the coins, source code, and initial autonomously running network) as a contract job and do not retain any control after that sale.

I haven't studied how you are distributing the CK coins in all cases, so I can't comment on whether I believe CK coins are tainted illegal or not under USA securities law. Also I would rather not make any such legal comment about any altcoin.

Usual disclaimers apply that I am not an attorney nor a legal adviser. Every reader should consult their own.


Title: Re: Zero Knowledge Transactions
Post by: TooDumbForBitcoin on October 19, 2015, 12:51:21 AM
Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

Adam Back already proposed burning coins as an upgrade mechanism, which he called a one-way peg. It was that idea, in fact, which directly led to side chains (i.e. bidirectional burning or two-way peg).

I personally believe that spin-offs are a better model for upgrades than burning but the argument could be made either way (and there may be technical reasons to prefer burning).

Wasn't it Peter R who first proposed something like that years ago? I am nearly certain but I forgot the name he gave to the concept.

Peter R proposed spin-offs as a bootstrapping mechanism for new coins based on Bitcoin's distribution. I don't remember him proposing it as an upgrade mechanism (although a hypothetical Bitcoin "upgrade" does fit within his model). https://bitcointalk.org/index.php?topic=563972.0

Unless he proposed something else in addition, which is also possible.

To my untrained eye, this idea of pinning a new coin's distribution to the BTC blockchain looks a lot like what happened with CLAM. <apologies for being off-topic>


Title: Re: Zero Knowledge Transactions
Post by: XMRChina on October 19, 2015, 12:58:42 AM
Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

Adam Back already proposed burning coins as an upgrade mechanism, which he called a one-way peg. It was that idea, in fact, which directly led to side chains (i.e. bidirectional burning or two-way peg).

I personally believe that spin-offs are a better model for upgrades than burning but the argument could be made either way (and there may be technical reasons to prefer burning).

Wasn't it Peter R who first proposed something like that years ago? I am nearly certain but I forgot the name he gave to the concept.

Peter R proposed spin-offs as a bootstrapping mechanism for new coins based on Bitcoin's distribution. I don't remember him proposing it as an upgrade mechanism (although a hypothetical Bitcoin "upgrade" does fit within his model). https://bitcointalk.org/index.php?topic=563972.0

Unless he proposed something else in addition, which is also possible.

To my untrained eye, this idea of pinning a new coin's distribution to the BTC blockchain looks a lot like what happened with CLAM. <apologies for being off-topic>

Clam distribution used LTC, DOGE and BTC.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 19, 2015, 01:20:44 AM
Do the development as crowdfunded stages with each product produced running autonomously. Enable coins to be burnt from one development stage to the next. Each stage runs as a decentralized, autonomous protocol. Whole new paradigm for altcoins. Perhaps I will be the first to test the model (pending decision involving this thread). Maybe Gmaxwell is reading and can apply this to the general concept of side-chains.

Adam Back already proposed burning coins as an upgrade mechanism, which he called a one-way peg. It was that idea, in fact, which directly led to side chains (i.e. bidirectional burning or two-way peg).

I personally believe that spin-offs are a better model for upgrades than burning but the argument could be made either way (and there may be technical reasons to prefer burning).

Wasn't it Peter R who first proposed something like that years ago? I am nearly certain but I forgot the name he gave to the concept.

Peter R proposed spin-offs as a bootstrapping mechanism for new coins based on Bitcoin's distribution. I don't remember him proposing it as an upgrade mechanism (although a hypothetical Bitcoin "upgrade" does fit within his model). https://bitcointalk.org/index.php?topic=563972.0

Unless he proposed something else in addition, which is also possible.

To my untrained eye, this idea of pinning a new coin's distribution to the BTC blockchain looks a lot like what happened with CLAM. <apologies for being off-topic>

No, because CLAM used number of outputs, not number of coins (and CLAM used equal weighting across several coins with completely different values, further separating it from any economic reality). That's a rather peculiar quantity without much of a tie to any economically significant value. The stated objective was to distribute the coins in a wide and flat manner. The reality has been somewhat different.



Title: Re: Zero Knowledge Transactions
Post by: othe on October 19, 2015, 06:02:32 AM
Still better to burn the coins, or the new owners of your new fancy coin project are these:

-The FBI thx to Silkroad confiscated coins
-Mark Karpeles because he just stole hundreds of thousands
-Exchanges because most coins are simply in their coldstorage
-Satoshi
-Some hackers and owners of darkmarkets who stole them
...
-a few endusers who have actual interest in them


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 19, 2015, 06:08:45 AM
-The FBI thx to Silkroad confiscated coins
-Mark Karpeles because he just stole hundreds of thousands
-Exchanges because most coins are simply in their coldstorage
-Satoshi
-Some hackers and owners of darkmarkets who stole them
...
-a few endusers who have actual interest in them

Those are all statements about BTC itself. Yet somehow the market still seems to value BTC orders of magnitude more than coins that started with a new distribution and don't have that baggage (though they likely all have their own), so it is hard to argue that sort of distribution is a huge, huge problem.

Anyway, the discussion here wasn't about spinning off from BTC, it was spinning off from earlier versions of a coin in development to later versions.

Also, exchanges should distribute the spin-off coins to customers, not keep them. In some cases that has been done for spin-offs, dividends, etc. although cryptsy at least has a particularly awful policy of explicitly claiming they own everything.



Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 19, 2015, 06:53:59 AM
If you think you know what's wrong with him I think you should tell him with no strings attached.  I think what happens on these forums should be separate from the health of a person in real life.

Just my two cents.

I understand that his attitude in the past might have left a bad taste in some people's mouths but it's a person's health we are talking about.

I'm not saying it's unfair in any way to ask for something in return, it's just the thoughts of the tree hugger, humanitarian in me.

You're absolutely right of course and I completely concur.

Anonymint is most likely suffering from some kind of fungal mycotoxicosis. Or in layman's terms: mold poisoning.

It's curable with a bile acid sequestrant such as cholestyramine in conjunction with high-dose omega 3 and an amylose-free diet.

He'd first need to rule out Lyme Disease though. Blood tests would confirm.


Title: Re: Zero Knowledge Transactions
Post by: Come-from-Beyond on October 19, 2015, 08:04:52 AM
My reading of USA law is that if CK coins were obtained at any time by USA citizens or residents as investment securities from some controlling entity, then plausibly the SEC (if it has the cooperation of the other nations) can prosecute the controlling entity and take actions to shut down the coin, such as declare running the protocol to trade the illegally produced securities an illegal act.

Maybe find a way to prevent US citizens from accessing the coin? It's just 5% of the earth population, as we see it's Asia that influences cryptoindustry, not USA.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 08:23:03 AM
So if your coin is inside CK, it is shielded from everything they want. A different world.

My reading of USA law is that if CK coins were obtained at any time by USA citizens or residents as investment securities from some controlling entity, then plausibly the SEC (if it has the cooperation of the other nations) can prosecute the controlling entity and take actions to shut down the coin, such as declare running the protocol to trade the illegally produced securities an illegal act.

One of my alternative theories is that Bitcoin was planted by the DEEP STATE to impel the nations of the world to join together to fight the lawlessness and deregulation that Bitcoin enables.

Yeah. I also believe that many will just ignore that it is a game, a product of imagination, and proceed to trying to regulate it.

The crux is that:

1) It is easy to market to yourself and to larger masses than before that imagination is a sovereign right of an individual. How can you get more personal than that?

2) It is difficult to control and impossible to destroy CK (arising from the fact that it exists in collective imagination).

This gets me to the "what gives?" question. People don't have the balls, they don't have the experience how it really feels that gov takes your all (in my history: confiscate all wealth, and throw me to mental prison for drugging (see my absence from BCT in 2013)).

If the people knew what I do, they would know most of the feeling bad when government attacks you is guilt. As long as the government actions are legitimate, you feel bad for getting "caught". But once the gov oversteps, sets up monkey courts against you, resorts to laws that are not lawful and interprets them crookedly, or does not give a fair trial at all (such as mental facilities), their actions become laughable and counter-productive. Court-martials are needed to give a shred of legitimacy to shooting on the spot all the people that "just don't want to play this stupid game".

Knowing that you (plural/singular depending on the situation) give the legitimacy to the government, and can and should take it away if they (despite your admonition) don't behave, empowers the people to:

1) Regard gov the same as shit on the ground: if you stay away, it does not bother you, but you get the more dirty the more you touch it, or

2) A bug carrying a deadly disease. It is just a bug, a nuisance, but it can kill you and has killed many in the past. Luckily it will be eradicated once the technology/society gets to that stage.

3) Spend effort to check what should be done, and do it. It is a decades-long process.


To go to the practical topic even more:

- Whitechapel Road is a security, right? (in Monopoly) SEC can rule it illegal but people would hardly comply. Sometimes saying stupid things makes people think of you as stupid, and SEC is much dependent on public opinion in this era where the public can choose to play with them or ignore them (previously of course it was different as they held the domain).

- S-IVO is a security, k? (in CK) It is distribution of Ivory, which is btw. prohibited by international trade agreements, so trading it even in your imagination is a crime, and this affects all the other games as well. So double-crime here. You are crimethinking.*

- ION is a security. (in CK)


What people need to realize is that the game is a game - it falls under the clause some use that "all resemblance to XXX,YYY is incidental". Our item MUSH that gives you boost in the skill Meditation, and contributes to Wisdom, allowing you to gain knowledge skills, and reduces life anxiety, may make some 3-letter agency think that playing should be disallowed for all since it carries an implicit reference to things they have outlawed in their world (because of the effects that we want the characters to have, but they don't). Well, nothing they can do does not and cannot make it disappear from the game because the game is imagination. I could go on and on (and will, of course, since this is important, the ushering in of a new world - what could be more important?  :D )

Our TOS say that playing under the influence of outside world (such as what you are doing now) is prohibited. You are not ready to play CK. Go play with SEC then, luckily we have a choice now unlike pre-crypto.


* God mentioned in the commentary of the 10 words that it is sin to even think of committing adultery. One of the reasons was to illustrate to people that sin is a deadly disease, which affects all, and examples that nobody can escape were used, because God wanted to point out that nobody's works are perfect, and therefore all need salvation.

People in general don't accept God's word. They believe their conduct can be acceptable, or don't care. God's judgement seems distant.

Now as Satan, the Prince of "outside world", is moving to complete crimethink so that even in imagination something may not happen that is not dictated from the central, my prognosis is that people will reject Satan (and the infiltrated government agencies) same as they earlier rejected God, for the same reason. Satan cannot any more allow them to indulge in their lusts even in the domain of thought!


Title: Re: Zero Knowledge Transactions
Post by: generalizethis on October 19, 2015, 08:57:48 AM
I may not agree with Risto's religious views. But the game does allow you to explore the conscious power to lend value on its own terms, freely and without the insipid fear that wears away and dulls our imagination.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 09:11:41 AM
P.S. my health is not going well. I am pretty much giving up on trying any therapies (because nothing works and I've tried "everything") until and if ever I can afford the best research specialists doing diagnostics on me. So don't expect too much from me. But I am still trying. I did run 9 kilometers in the past 2 days but today was a total Chronic Fatigue day bed ridden.

That was kinda stupid. If you're suffering from any type of chronic fatigue you definitely don't want to be doing anaerobic exercise - you'll be burning precious amounts of protein and the physiological response will leave you exhausted for days. Plus, all the while you're ill, your anaerobic threshold is likely to be much lower than the standard model. So while daily exercise is critical, anything over ~110bpm is a no-no, at least for the first six weeks. Then you can start to build it up.

Anonymint is most likely suffering from some kind of fungal mycotoxicosis. Or in layman's terms: mold poisoning.

It's curable with a bile acid sequestrant such as cholestyramine in conjunction with high-dose omega 3 and an amylose-free diet.

He'd first need to rule out Lyme Disease though. Blood tests would confirm.

I will look into this and which diagnostic tests or diagnostic therapies can be tried. If this turns out to be the case, we can discuss a thank you remuneration privately.

Here is the post I made today about my health (https://bitcointalk.org/index.php?topic=1049048.msg12723737#msg12723737). Apologies to steer the thread on my personal issue. Will be doing the math on Shen's paper shortly (was catching up on sleep).

...I am terribly sleepless (36 hours awake)....

So lets be cruel to be kind.

Get some fucking sleep.

Ross, J.J. (1965). Neurological findings after prolonged sleep deprivation. Archives of Neurology, 12(4), 399-403.

You're no bloody good to crypto if you're dead because you keep yourself awake, because you feel the need to make a point, win a point or win over some funding. You'd be more effective, in this regard, after getting some zzz's.

Trip the power switch.

Absolutely. I relapsed probably because of that marathon session. See the link I posted above.


Title: Re: Zero Knowledge Transactions
Post by: vaporware asset wizard on October 19, 2015, 09:24:09 AM
With regards to CK being played as a game in the imagination of people it's similar to money being transferred in a hawala money transmitting network where no money moves except in the intentions of the hawala brokers to pay a sum of money to another person in the chain from sender to receiver. USA still was able to close down hawala brokers allegedly involved in 911 finances (which was later shown to be bogus). My point is TPTB don't recognise mental boundaries like intentions and imagination. I really wish CK well, but I expect they will want to probe player minds all the same.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 10:39:58 AM
USA still was able to close down hawala brokers allegedly involved in 911 finances

Bullshit in every way  ;D

1) The 9/11 was a Mossad operation, financed by the U.S., and I doubt any anti-NWO groups were even told about the operation beforehand, so they could not contribute to it financially.

2) Some hawala brokers may have closed down based on their own decision, but that does not imply that it is a power possessed by the gov to "switch them off".

3) I never said the banksters will surrender without a fight, but they will have a hard time finding people to fight against others' imagination soon. The end game is summarized in the Bible as follows. 44-45 concern the effects of "the stone cut without hands, which destroys the earthly government":

Code:
1 And in the second year of the reign of Nebuchadnezzar Nebuchadnezzar dreamed dreams, wherewith his spirit was troubled, and his sleep brake from him.
2 Then the king commanded to call the magicians, and the astrologers, and the sorcerers, and the Chaldeans, for to shew the king his dreams. So they came and stood before the king.
3 And the king said unto them, I have dreamed a dream, and my spirit was troubled to know the dream.
4 Then spake the Chaldeans to the king in Syriack, O king, live for ever: tell thy servants the dream, and we will shew the interpretation. [O king...: (Chaldee, to the end of chapter seven)]
5 The king answered and said to the Chaldeans, The thing is gone from me: if ye will not make known unto me the dream, with the interpretation thereof, ye shall be cut in pieces, and your houses shall be made a dunghill. [cut...: Chaldee, made pieces]
6 But if ye shew the dream, and the interpretation thereof, ye shall receive of me gifts and rewards and great honour: therefore shew me the dream, and the interpretation thereof. [rewards: or, fee]
7 They answered again and said, Let the king tell his servants the dream, and we will shew the interpretation of it.
8 The king answered and said, I know of certainty that ye would gain the time, because ye see the thing is gone from me. [gain: Chaldee, buy]
9 But if ye will not make known unto me the dream, there is but one decree for you: for ye have prepared lying and corrupt words to speak before me, till the time be changed: therefore tell me the dream, and I shall know that ye can shew me the interpretation thereof.
10 The Chaldeans answered before the king, and said, There is not a man upon the earth that can shew the king's matter: therefore there is no king, lord, nor ruler, that asked such things at any magician, or astrologer, or Chaldean.
11 And it is a rare thing that the king requireth, and there is none other that can shew it before the king, except the gods, whose dwelling is not with flesh.
12 For this cause the king was angry and very furious, and commanded to destroy all the wise men of Babylon.
13 And the decree went forth that the wise men should be slain; and they sought Daniel and his fellows to be slain.
14 Then Daniel answered with counsel and wisdom to Arioch the captain of the king's guard, which was gone forth to slay the wise men of Babylon: [answered...: Chaldee, returned] [captain...: or, chief marshal: Chaldee, chief of the executioners, or, slaughtermen]
15 He answered and said to Arioch the king's captain, Why is the decree so hasty from the king? Then Arioch made the thing known to Daniel.
16 Then Daniel went in, and desired of the king that he would give him time, and that he would shew the king the interpretation.
17 Then Daniel went to his house, and made the thing known to Hananiah, Mishael, and Azariah, his companions:
18 That they would desire mercies of the God of heaven concerning this secret; that Daniel and his fellows should not perish with the rest of the wise men of Babylon. [of the God: Chaldee, from before God] [that Daniel...: or, that they should not destroy Daniel, etc]
19 Then was the secret revealed unto Daniel in a night vision. Then Daniel blessed the God of heaven.
20 Daniel answered and said, Blessed be the name of God for ever and ever: for wisdom and might are his:
21 And he changeth the times and the seasons: he removeth kings, and setteth up kings: he giveth wisdom unto the wise, and knowledge to them that know understanding:
22 He revealeth the deep and secret things: he knoweth what is in the darkness, and the light dwelleth with him.
23 I thank thee, and praise thee, O thou God of my fathers, who hast given me wisdom and might, and hast made known unto me now what we desired of thee: for thou hast now made known unto us the king's matter.
24 Therefore Daniel went in unto Arioch, whom the king had ordained to destroy the wise men of Babylon: he went and said thus unto him; Destroy not the wise men of Babylon: bring me in before the king, and I will shew unto the king the interpretation.
25 Then Arioch brought in Daniel before the king in haste, and said thus unto him, I have found a man of the captives of Judah, that will make known unto the king the interpretation. [I have...: Chaldee, That I have found] [captives...: Chaldee, children of the captivity of Judah]
26 The king answered and said to Daniel, whose name was Belteshazzar, Art thou able to make known unto me the dream which I have seen, and the interpretation thereof?
27 Daniel answered in the presence of the king, and said, The secret which the king hath demanded cannot the wise men, the astrologers, the magicians, the soothsayers, shew unto the king;
28 But there is a God in heaven that revealeth secrets, and maketh known to the king Nebuchadnezzar what shall be in the latter days. Thy dream, and the visions of thy head upon thy bed, are these; [maketh...: Chaldee, hath made known]
29 As for thee, O king, thy thoughts came into thy mind upon thy bed, what should come to pass hereafter: and he that revealeth secrets maketh known to thee what shall come to pass. [came: Chaldee, came up]
30 But as for me, this secret is not revealed to me for any wisdom that I have more than any living, but for their sakes that shall make known the interpretation to the king, and that thou mightest know the thoughts of thy heart. [but for...: or, but for the intent that the interpretation may be made known to the king]
31 Thou, O king, sawest, and behold a great image. This great image, whose brightness was excellent, stood before thee; and the form thereof was terrible. [sawest: Chaldee, wast seeing]
32 This image's head was of fine gold, his breast and his arms of silver, his belly and his thighs of brass, [thighs: or, sides]
33 His legs of iron, his feet part of iron and part of clay.
34 Thou sawest till that a stone was cut out without hands, which smote the image upon his feet that were of iron and clay, and brake them to pieces. [without...: or, which was not in hands]
35 Then was the iron, the clay, the brass, the silver, and the gold, broken to pieces together, and became like the chaff of the summer threshingfloors; and the wind carried them away, that no place was found for them: and the stone that smote the image became a great mountain, and filled the whole earth.
36 This is the dream; and we will tell the interpretation thereof before the king.
37 Thou, O king, art a king of kings: for the God of heaven hath given thee a kingdom, power, and strength, and glory.
38 And wheresoever the children of men dwell, the beasts of the field and the fowls of the heaven hath he given into thine hand, and hath made thee ruler over them all. Thou art this head of gold.
39 And after thee shall arise another kingdom inferior to thee, and another third kingdom of brass, which shall bear rule over all the earth.
40 And the fourth kingdom shall be strong as iron: forasmuch as iron breaketh in pieces and subdueth all things: and as iron that breaketh all these, shall it break in pieces and bruise.
41 And whereas thou sawest the feet and toes, part of potters' clay, and part of iron, the kingdom shall be divided; but there shall be in it of the strength of the iron, forasmuch as thou sawest the iron mixed with miry clay.
42 And as the toes of the feet were part of iron, and part of clay, so the kingdom shall be partly strong, and partly broken. [broken: or, brittle]
43 And whereas thou sawest iron mixed with miry clay, they shall mingle themselves with the seed of men: but they shall not cleave one to another, even as iron is not mixed with clay. [one...: Chaldee, this with this]
44 And in the days of these kings shall the God of heaven set up a kingdom, which shall never be destroyed: and the kingdom shall not be left to other people, but it shall break in pieces and consume all these kingdoms, and it shall stand for ever. [the days: Chaldee, their days] [the kingdom: Chaldee, the kingdom thereof]
45 Forasmuch as thou sawest that the stone was cut out of the mountain without hands, and that it brake in pieces the iron, the brass, the clay, the silver, and the gold; the great God hath made known to the king what shall come to pass hereafter: and the dream is certain, and the interpretation thereof sure. [without...: or, which was not in hands] [hereafter: Chaldee, after this]
46 Then the king Nebuchadnezzar fell upon his face, and worshipped Daniel, and commanded that they should offer an oblation and sweet odours unto him.
47 The king answered unto Daniel, and said, Of a truth it is, that your God is a God of gods, and a Lord of kings, and a revealer of secrets, seeing thou couldest reveal this secret.
48 Then the king made Daniel a great man, and gave him many great gifts, and made him ruler over the whole province of Babylon, and chief of the governors over all the wise men of Babylon.
49 Then Daniel requested of the king, and he set Shadrach, Meshach, and Abednego, over the affairs of the province of Babylon: but Daniel sat in the gate of the king.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 11:12:53 AM
Selling unregistered securities internationally appears to be asking to put oneself in multiple-jeopardy because you become culpable to numerous jurisdictions and court interpretations.

My reading of USA law is that if CK coins were obtained at any time by USA citizens or residents as investment securities from some controlling entity, then plausibly the SEC (if it has the cooperation of the other nations) can prosecute the controlling entity and take actions to shut down the coin, such as declare running the protocol to trade the illegally produced securities an illegal act.

Maybe find a way to prevent US citizens from accessing the coin? It's just 5% of the earth's population, and as we see it's Asia that influences the crypto industry, not the USA.

https://www.sec.gov/rules/interp/33-7516.htm

Quote
This interpretation does not address the anti-fraud and anti-manipulation provisions of the securities laws, which will continue to reach all Internet activities that satisfy the relevant jurisdictional tests. Even in the absence of sales in the United States, we will take appropriate enforcement action whenever we believe that fraudulent or manipulative Internet activities have originated in the United States or placed U.S. investors at risk. Further, we are not addressing the circumstances under which a U.S. court could exercise personal jurisdiction over a non-U.S. person with respect to that person’s offshore Internet offer.

It appears that securities regulation in the EU is limited to shares in companies (and certain bonds), but if you are selling coins which you used to fund development activities and you are controlling the coin ongoing, one might argue this is equivalent to a company operating an exchange which trades the shares it issued. In other words, you didn't register your company but it is still operating as a company. Thus I do think offering ICOs in Europe is potentially culpable, especially as EU totalitarianism proceeds with the sovereign debt collapse and the push to federalize the governance and taxing power to Brussels as a "solution" to the ("incorrigible nations") debt crisis, i.e. the member nation debts need to be consolidated, thus fiscal policy and thus law needs to be consolidated (the Euro was the Trojan horse to full integration of sovereignty). Does anyone think this interpretation of potential risk is ludicrous, and if so then why?

Perhaps a securities case will be brought as part of a class action lawsuit, such as if Ethereum investors become disgruntled.

http://ir.lawnet.fordham.edu/cgi/viewcontent.cgi?article=1472&context=ilj#page=9

http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31989L0298:EN:HTML

Quote
Council Directive 89/298/EEC of 17 April 1989 Section 1, Article 2: 2(e) 'transferable securities' shall mean shares in companies and other transferable securities equivalent to shares in companies, debt securities having a maturity of at least one year and other transferable securities equivalent to debt securities, and any other transferable security giving the right to acquire any such transferable securities by subscription or exchange;

Even in the Philippines (Asia) you can't even take an exemption from registration without applying to the Commission and paying a fee:

http://www.sec.gov.ph/laws/src%208799-chapter_iii.html

Quote
10.3. Any person applying for an exemption under this Section, shall file with the Commission a notice identifying the exemption relied upon on such form and at such time as the Commission by rule may prescribe and with such notice shall pay to the Commission a fee equivalent to one-tenth (1/10) of one percent (1%) of the maximum aggregate price or issued value of the securities.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 11:39:37 AM
3) I never said the banksters will surrender without a fight, but they will have a hard time finding people to fight against others' imagination soon.

The decentralized systems with no "controlling entity" will have this quality. But a regulated/unregistered company running a coin doesn't have this quality and thus is culpable under man's law serfdom. Daniel 2:44 says the righteous unassailable kingdom will "break apart" meaning it will be decentralized.


Title: Re: Zero Knowledge Transactions
Post by: r0ach on October 19, 2015, 11:45:23 AM
Selling unregistered securities internationally appears to be asking to put oneself in multiple-jeopardy because you become culpable to numerous jurisdictions and court interpretations.

Pretty obvious example of if they want you to go down, you're going down:

https://en.wikipedia.org/wiki/Liberty_Reserve

The feds are even saying they have jurisdiction over banking records held by the Chinese government nowadays...

http://www.zerohedge.com/news/2015-10-08/us-government-just-crossed-rubicon


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 11:55:10 AM
In my understanding, the solutions need to have the following characteristics:

- not be against "God's law" = the "natural law" we all have in our conscience
- cannot be shut down by the perpetrators of other laws.

If it can be shut down by anyone, it is not a solution. Isn't that the reason we are here in crypto, because this is the most promising field now where unstoppable things are able to be developed?

(I just closed a silver depository storing tons of silver. I did not see it had the quality of not being able to be shut down; thus it was a non-solution, and not worth my effort. My silver businesses are from the era when crypto did not exist, and silver was the most promising thing.)


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 19, 2015, 12:06:50 PM
I will look into this and which diagnostic tests or diagnostic therapies can be tried.

Cool. Let me know how you get on.

You may want to research:-

Stachybotrys (toxic black mold)
Trichothecene Mycotoxins (T-2 mycotoxins)
Cholestyramine Mycotoxin Detoxification

You'll probably want to check C3a, C4a as well as ACE, C-Reactive Protein as well as cholesterol levels. If C3 is high (i.e. above 200) then it would indicate Lyme. If C4a is high then it's probably mold, and you can bet your bottom dollar that if it's mold then your cholesterol levels are going to be through the roof also, irrespective of how fat/thin you are.

If mold is the culprit then you can be sure that's the reason your GSH levels are depleted thus causing oxidative stress. Building it back up as you are is an excellent idea, but bear in mind as long as you have mycotoxins in your system then you're at risk from relapse. So locate the source of the mold first, detox second, and rebuild last.

You'll find this interesting:-
http://www.ncbi.nlm.nih.gov/pmc/articles/PMC3942754/

By the way, skipping sleep is a really bad idea. While detoxification of the lymphatic system can be achieved in numerous ways, detoxification of the glymphatic system can only really be achieved through deep sleep. So you'll want to be sleeping 9-10 hours a day.

Also don't be doing caffeine. If you're faced with the mammoth task of detoxing mycotoxins from your system it makes no sense to overload your liver with unnecessary "extra" detoxification tasks. For that same reason I'd question why you're eating raw tuna.



Title: Re: Zero Knowledge Transactions
Post by: r0ach on October 19, 2015, 12:12:11 PM
(I just closed a silver depository storing tons of silver. I did not see it had the quality of not being able to be shut down; thus it was a non-solution, and not worth my effort. My silver businesses are from the era when crypto did not exist, and silver was the most promising thing.)

I don't think precious metals are a solution in the modern world in the first place. They'll only be useful in a hard collapse where/if we go back to the dark ages. Precious metals have low granularity and high friction in use. They were useful in an age of barter where you show up at a market and want a chicken and the vendor estimates which coin in your pocket the chicken is most closely valued to. He then has to toss in a loaf of bread or something else until you both agree on value.

Most business owners don't run their own floor nowadays and nobody is even allowed to barter. Let's not forget gold backed currency is how fractional reserve was created in the first place. In other words, it's almost useless because the market demands higher granularity and lower friction.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 12:38:04 PM
We can consider (Town-emitted) CK assets to be "community burn" then.

For instance there is now a decree that Town will (effectively create) and sell VOD item for 0.14 XMR in unlimited quantity. The item is expected to be around for a long time. Anyone can "burn" their XMR to convert it to VOD at a fixed rate but not back. If VOD is perceived to have better characteristics than XMR, it will be desirable. (It can be consumed to gain health, on the other hand it is not as liquid.) Gains from selling VOD will be divided to the game shareholders.

Another example is item IC, which is actually burned and disappears from the game when it is converted to TS160 silver coins, for instance.

In this "closed burn" system, items constantly change their form, and their value is determined in the marketplace. We are currently not relying on blockchain to be the arbiter of the game state, because a blockchain this small can easily be attacked. Our "public community consensus" validation has worked very well so far, and in the future the data storage will be even more difficult to interfere with from the outside. It will have multiple layers with the critical items (such as voting rights of the game rules and items of major value) secured better than lesser-valued items (such as food and drinks that each character continuously produces, buys, sells and consumes).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 12:43:04 PM
I haven't had time to re-read the thread about Peter R's spin-off idea to see if the following was already discussed (or perhaps similar discussion about Blockstream's side-chains), but even if you have a capability to burn from one coin to the new coin (e.g. an upgrade fork) the new coin needs to add some coin supply in order to sell something in its crowdfunding unless it only accepts the burnable coin as funding. Burning to the new (e.g. upgraded) coin will:

  • Dilute the new coin supply.
  • Dilute or increase the owner of the coin's share of coin supply depending on the relative size of the coin supplies at the time.
  • Increase the share of the coin supply for all remaining owners of the coin being burned.
  • Affect the relative market price of the coins in complex ways, including expectations of burn.

Seems the most straightforward crowdfunded upgrade would be commitments to sell the coin being upgraded. As participants commit to the upgrade to meet the crowdfund threshold, they know the minimum coin supply of the new upgrade (assuming the funded dev(s) intended to burn the coins to the new coin) and any dilution beyond that is a vote of confidence in the upgrade which is perhaps viewed as counter-balancing to the additional dilution.

If there are a series of upgrades and you are late, you could burn from one to the next to the next, so there isn't any hindrance there. All these factors will be reflected in the complex expectations that form the relative market prices. I might want to assume someone will burn when the market price is less than 1 for the burnable coin (denominated in the new coin), and they will trade instead for the new coin if the market price is greater than 1. So at the start one would expect mostly burning, because the new coin supply is much lower than the money supply of the burnable coin (and demand for the new coin should be higher if it is clearly better). When the relative market price is close to unity, there is no incentive to burn nor trade for the purpose of burning. But expectations will change due to various market factors over time, thus a unity relative market price will not likely be a stable homeostasis. And moreover, why would anyone assume that unity is the natural equilibrium? Some may have the expectation that the long-term value is going to be something other than unity, so their decisions whether to trade or burn may be so altered, i.e. not everyone jumps on a short-term valuation option because it might not be sustained and then everyone has a stop-loss provision in place.

This complexity of interaction between market price and burning impact on Blockstream's side chains (bidirectional burning) is either simplified or further complicated by the assumption you in theory can always burn your coins back to the chain where you want unity value to be respected. If that two-way transfer can be guaranteed, then it is a simplification. But each coin is a decentralized system subject to, for example, 51% attacks, takeover by centralization of mining, or even defection of 51% of the mining due to, for example, a stampede from one coin to the other due to some bug or even suspicion of hidden inflation in, for example, the value hiding algorithm of the anonymity. This is the relativity of the universe, i.e. there can be no absolute point of reference such as BTC.

Thus my former enthusiasm for side-chains has waned somewhat now that I can see that unity pegging can't be assured due to different market expectations (which was something smooth and one other user told me in cypherdoc's thread, but I emphasized the arbitrage effect of being able to two-way transfer). I still believe the two-way arbitrage would provide a unity peg if it is unassailable, but I realize it is not likely to be assumed unassailable by the market. For example, side-chains have technical hurdles revolving around orphaned reorganizations and the lack of native support for the protocol in Bitcoin.


Title: Re: Zero Knowledge Transactions
Post by: BitcoinForumator on October 19, 2015, 12:46:31 PM
Mycotoxins:

https://www.bulletproofexec.com/mycotoxins-in-america/

https://www.bulletproofexec.com/asprey-shoemaker-toxic-mold-exposure/

https://www.bulletproofexec.com/why-bad-coffee-makes-you-weak/

https://www.bulletproofexec.com/remove-toxins/


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 12:51:30 PM
(I just closed a silver depository storing tons of silver. I did not see it had the quality of not being able to be shut down; thus it was a non-solution, and not worth my effort. My silver businesses are from the era when crypto did not exist, and silver was the most promising thing.)

I don't think precious metals are a solution in the modern world in the first place.

Well, at least I tried: the depository was able to work as a redeemable 100% guaranteed storage of silver and it "issued" (it did not circulate anywhere except in the centralized system though, because at the time we were ready for it, Bitcoin had started its ascent already and the plan for silver felt outdated) units worth about $0.10 pegged to the silver warehoused. Nothing would prevent doing every same thing with them as with Bitcoin (we contacted banks re: credit cards etc. fancy things, had a "hawala" payment where you can get your silver credits to your bank account in 30 minutes, ...), except the "hard withdrawal" would be more cumbersome due to the smallest coin being worth ~$1.00 and physical collection of the silver was required.

At max, the value of silver deposited by our customers was about $4 million so small business here. But it all contributes to the experience  ;)

There are several of these still working (mainly on gold) though they tend to run into mysterious problems...  :D



Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 12:56:29 PM
We can consider (Town-emitted) CK assets to be "community burn" then.

For instance there is now a decree that Town will (effectively create) and sell VOD item for 0.14 XMR in unlimited quantity. The item is expected to be around for a long time. Anyone can "burn" their XMR to convert it to VOD at a fixed rate but not back. If VOD is perceived to have better characteristics than XMR, it will be desirable. (It can be consumed to gain health, on the other hand it is not as liquid.) Gains from selling VOD will be divided to the game shareholders.

Please define terms "Town", "VOD", and "burning XMR". I am thinking burning XMR can only happen on the XMR block chain. Does XMR have this feature?


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 19, 2015, 01:04:49 PM
If there are a series of upgrades and you are late, you could burn from one to the next to the next, so there isn't any hindrance there.

You can only do this if the old coin even functions, isn't weakened and attacked, etc. That in turn will be reflected in the market as a sort of black swan risk that is extremely difficult to reason about or handle, leading to things being generally unstable. That is one reason why I find spin-off claims to be preferable. Once the claim date is passed, the claims are frozen, the state of the old coin no longer matters, and claims are not perishable.

The possibility remains that people would prefer the old coin, since the only actual transition process is that the value of the old coin declines and the new coin increases (other than that, people are free to continue to use the old one if they prefer), but in a situation where ongoing development is occurring, presumably people would strongly prefer the new-and-improved version (or if not, is it really improved?)

Claims can be made against a new coin with another ICO, but the added dilution adds to the risk that the market will reject it. Such is the nature of true decentralization. You can't simply corral people to the new coin if you don't deliver enough value. (This may also weaken confidence if there isn't a strong social contract, since people have no idea how much they will be diluted in future versions, nor how many times.)

Quote
Thus my former enthusiasm for side-chains has waned somewhat now that I can see that unity pegging can't be assured due to different market expectations (which was something smooth and one other user told me in cypherdoc's thread, but I emphasized the arbitrage effect of being able to two-way transfer). I still believe the two-way arbitrage would provide a unity peg if it is unassailable, but I realize it is not likely to be assumed unassailable by the market. For example, side-chains have technical hurdles revolving around orphaned reorganizations and the lack of native support for the protocol in Bitcoin.

The "other user" was probably cypherdoc himself. He certainly didn't understand the technical details and probably not really the financial/economic details either, but he still had a very good intuition that there is more complexity and risk to this story than just "Two way peg. Full stop."



Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 01:09:22 PM
We can consider (Town-emitted) CK assets to be "community burn" then.

For instance there is now a decree that Town will (effectively create) and sell VOD item for 0.14 XMR in unlimited quantity. The item is expected to be around for a long time. Anyone can "burn" their XMR to convert it to VOD at a fixed rate but not back. If VOD is perceived to have better characteristics than XMR, it will be desirable. (It can be consumed to gain health, on the other hand it is not as liquid.) Gains from selling VOD will be divided to the game shareholders.

Please define terms "Town", "VOD", and "burning XMR". I am thinking burning XMR can only happen on the XMR block chain. Does XMR have this feature?

I am trying to feed it piece by piece. Town is a CK Corporate Character with the rule-making authority. VOD is an ingame item. XMR is not a CK concept (I used it incorrectly on purpose), but ingame money can be had if an XMR deposit to an audited depository is made. "burning" "XMR" in my text really means spending ingame money, except in IC where it means burning ingame items. XMR cannot be officially burned, but can be sent to a "burn address".


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 01:32:21 PM
If there are a series of upgrades and you are late, you could burn from one to the next to the next, so there isn't any hindrance there.

You can only do this if the old coin even functions, isn't weakened and attacked, etc.

Actually you could have it in the protocol of the old coin that any coin it can be burned to (perhaps has to be registered in the old coin's block chain) can burn the coin for the old coin. But this requires a different sort of block chain consensus algorithm that doesn't assume it has all the data at every mining node all the time. This is close to describing my radical design for a block chain.

And if the old coin disrespects its own protocol, then one assumes the market will highly devalue it as dysfunctional.

That in turn will be reflected in the market as a sort of black swan risk that is extremely difficult to reason about or handle, leading to things being generally unstable. That is one reason why I find spin-off claims to be preferable. Once the claim date is passed, the claims are frozen, the state of the old coin no longer matters, and claims are not perishable.

But this has another risk which is the expiration on the demonstration of relative interest in the new coin, although that can also be signaled ongoing by relative market prices. Timing risks include a bug found in the new coin that needs to be fixed first, or some FUD campaign that needs time to be discredited, while people delay burning.

Yet I agree that while the period of burning is open, it complicates calculations of future value because the future coin supply is variable. It seems the best balance is probably some multi-month period, perhaps even up to a year.

Other risks during that longer period?

The possibility remains that people would prefer the old coin, since the only actual transition process is that the value of the old coin declines and the new coin increases (other than that, people are free to continue to use the old one if they prefer), but in a situation where ongoing development is occurring, presumably people would strongly prefer the new-and-improved version (or if not, is it really improved?)

It is complex though. The coin supply of the old coin is decreasing, so some might view it as gaining value, yet if mining declines too much some might view it as becoming more in danger of failing to function. To lower risks in burning, merge mining both the old and new is how I would code the upgrade which also facilitates the redesign of the block chain consensus I alluded to.

Claims can be made against a new coin with another ICO, but the added dilution adds to the risk that the market will reject it. Such is the nature of true decentralization. You can't simply corral people to the new coin if you don't deliver enough value. (This may also weaken confidence if there isn't a strong social contract, since people have no idea how much they will be diluted in future versions, nor how many times.)

I agree the additional unpredictable dilution causes discord in the social contract and confusion. Risk is a countervailing force to adoption.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 01:39:43 PM
We at least I tried: the depository...

I and many others also tried, but Risto was the one who actually made it work somewhat, and I remember getting the Post Office of Finland to have some of his silver units (or was that physical silver dimes) available for purchase.

Then Bitcoin came and opened our eyes...(and it opened your eyes before mine Risto, which is one reason why you are a millionaire and I am not)

But Risto I am not sure if you have totally made the transition to decentralized. You still write of audited depositories in your CK.


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 19, 2015, 01:47:01 PM
We at least I tried: the depository...
Then Bitcoin came and opened our eyes...(and it opened your eyes before mine Risto, which is one reason why you are a millionaire and I am not)

Maybe you should open your eyes to Aeon.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 19, 2015, 01:55:38 PM
The possibility remains that people would prefer the old coin, since the only actual transition process is that the value of the old coin declines and the new coin increases (other than that, people are free to continue to use the old one if they prefer), but in a situation where ongoing development is occurring, presumably people would strongly prefer the new-and-improved version (or if not, is it really improved?)

It is complex though. The coin supply of the old coin is decreasing, so some might view it as gaining value, yet if mining declines too much some might view it as becoming more in danger of failing to function. To lower risks in burning, merge mining both the old and new is how I would code the upgrade which also facilitates the redesign of the block chain consensus I alluded to.

No, in a spin-off system the coin supply in the old system is not decreasing. People keep both their new and old coins, but as an obsolete system with a clearly-superior replacement, the old coin should become worthless or at least nearly worthless. This removes both the negative feedback that discourages upgrading and also the instability of burning being an irreversible (and potentially in the case of catastrophic failure, perishable) process.

You can't really enforce merge mining in a decentralized system. You are thinking in terms of being the developer "in charge" of what code people run and how to manage an upgrade process, instead of a developer who releases an upgrade people might choose to adopt because it is better.

I'm not even saying this is a good way to do development, but if you really want a fully decentralized system where you are not controlling anything, that's how you have to approach it.

EDIT: Also, by claim date having passed in my previous post I'm referring to the ex date on the old chain. Claims are frozen but can be claimed on the new chain for a very long time, potentially forever (any successor spin-off chain should also respect predecessor chain claims directly, ideally, though in practice that may not matter all that much). So there are no issues of potentially missing out or preferring to wait, both of which potentially give rise to instability. It just happens without any active participation being needed and old coin owners can pick up their new coins at their convenience.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 02:25:19 PM
But Risto I am not sure if you have totally made the transition to decentralized. You still write of audited depositories in your CK.

CK is young and needs to "borrow legitimacy" from a project 6 months older: Monero.

In practice, we designed it such that XMR is the link to the a-bit-less-virtual-world. Audited depositories are needed to ensure that all CK money exists in the blockchain and can be withdrawn if required. It is a kind-of two-way peg.

Only about 5-10% by value of assets owned by characters are money, but I still feel it is important to have the money link there.

If we wanted to pay out all XMR and issue ingame fiat instead (like every other game is doing), I believe we would do as well as every other game. But the intention is to do better.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 02:52:01 PM
3) I never said the banksters will surrender without a fight, but they will have a hard time finding people to fight against others' imagination soon.

The decentralized systems with no "controlling entity" will have this quality. But a regulated/unregistered company running a coin doesn't have this quality and thus is culpable under man's law serfdom. Daniel 2:44 says the righteous unassailable kingdom will "break apart" meaning it will be decentralized.

So you are making a lethal weapon of financial self-defence, which the system cannot destroy, and therefore you (the system and the people) will learn to respect the mutual differences?

Well I just proposed the exact same!

Isn't it so elegant to discover that the best arrangement for the free market (i.e. no futures contracts which is the Proverb I learned from Hommel, "Do not be surety for another person" and I refined more as per below) in making each development autonomous from the succeeding ones (and let the market decide to burn their coins to the next improved fork) is also the one that is legal.

The point is do not promise the future, because the further away the future, the less control one truly has. Better to sell what you have now, then in the future sell what you have then. Gives the markets more degrees-of-freedom. This is why Ethereum's lockup of shares for so long was so evil...

Jason Hommel's theological research (http://web.archive.org/web/20081204123706/http://www.silverstockreport.com/revised/rev1718(revised).html) should be linked to in the above context.


Title: Re: Zero Knowledge Transactions
Post by: r0ach on October 19, 2015, 02:54:53 PM
Then Bitcoin came and opened our eyes...(and it opened your eyes before mine Risto, which is one reason why you are a millionaire and I am not)

If it makes you feel any better, you probably still would not have been a millionaire since you'd likely have sold all or most coins on a spike up that doubles the price. Afterwards, like everyone else, you probably would have gotten the urge to buy some mining gear that arrives at your house in a bunch of broken pieces, or not at all. Mining has been good to me, but there's plenty of times where I would have made far more by just buying coins. Ironically, I think even the great Gmaxwell lost 100 BTC from a failure to deliver miner.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 03:13:40 PM
Then Bitcoin came and opened our eyes...(and it opened your eyes before mine Risto, which is one reason why you are a millionaire and I am not)

If it makes you feel any better...

Oh I don't feel bad about that. I honestly feel joy for rpietila and I feel joy for myself for all the opportunities I have in front of me. I've been a millionaire (inflation-adjusted) in 2001 and I've been so poor (in 1990s) that I couldn't afford to buy meat. I just want to make sure I still have enough funds so I can continue enjoying the excitement and wonder of creating and maybe getting back to wealthy again if that is what is meant for me. Actually creating and enjoying life (and not being sick!) is the most important priority for me. Money is just a means to that end and some things I want to do money can't buy (e.g. the knowledge to create).

I've felt more joy for Risto when he started being open minded to investing in high risk altcoins and he stopped being surety for newbie investors. That period was difficult for me and I was thinking today that I let a lot of frustration fly at Monero because I perceived it as being too closed off and too limited by a few rich guys who copied Cryptonote and mined it out themselves. I felt it was not open to competition and thus I felt stifled by the concept. In any case, I like the idea of burning to upgrades, because anyone can compete to provide the upgraded fork. The free market is more in control. If it is a way for me to participate and compete for my creative value in the free market, then I am happy.

And I realize some of my assumptions early on about Monero may have been entirely wrong or exaggerated. I didn't write that to open a hornet's nest but simply to explain what was going on in my head at the time.

Edit: I also realize it isn't my place to dictate to anyone what they do. Anyway, I was just writing about what I felt at the time, not that being a valid justification to criticize anyone publicly. The best way to make a statement is to compete with actions and not unkind words. Sometimes easier said than done.

As Risto said, we've all been learning. When I first came to these forums in 2013, I posted Bitcoin : The Digital Kill Switch (https://bitcointalk.org/index.php?topic=160612.0). My attitude was that crypto currency was the coming 666 or NWO system. So coming in I had an attitude that I would be up against entrenched interests who would be in support of the Great Harlot or World Government (religious or non-religious interpretation). This is why I inherently didn't trust Gmaxwell for example and I questioned everything even those things I didn't understand well yet, such as ECC. Later as I observed Gmaxwell create CT and fight against mining centralization, my view towards him became much more open and favorable. This has been a process for me, just as it has been for all of you. Also I had some very turbulent stuff going on in my life during this period of 2012 - 2015 which complicated the task of keeping a level-headed, well researched, well rested, open mind. We do what we can do. We are just human.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 19, 2015, 03:48:23 PM
... I feel joy for myself for all the opportunities I have in front of me......

Crypto is mostly open source and you have plenty of contributions still inside you. The trick is figuring out a way to contribute and see much of the upside to your work.

Payment for services is certainly good for cashflow, but the risk is on the person making the payment, so they would expect the upside on their consulting investment to be many, many times greater than their cost.

So, you are giving away large upside, in return for short-term reward. Strikes me as a poor trade-off for someone with your skills, but paying the rent sometimes means you have to give up stuff cheaply.

Perhaps you can sell your invention, or possibly use it elsewhere, and then, with immediate financial needs met, you can find some other venture to create your own massive upside.

edits for typo


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 04:25:14 PM
But Risto I am not sure if you have totally made the transition to decentralized. You still write of audited depositories in your CK.

CK is young and needs to "borrow legitimacy" from a project 6 months older: Monero.

In practice, we designed it such that XMR is the link to the a-bit-less-virtual-world. Audited depositories are needed to ensure that all CK money exists in the blockchain and can be withdrawn if required. It is a kind-of two-way peg.

Only about 5-10% by value of assets owned by characters are money, but I still feel it is important to have the money link there.

If we wanted to pay out all XMR and issue ingame fiat instead (like every other game is doing), I believe we would do as well as every other game. But the intention is to do better.

I don't know in detail the protocols of your system. I would just think if at all possible it is best to have the protocols run decentralized, so there is no controlling entity at all.

I am not stating you shouldn't leverage an existing crypto currency rather than rolling your own. Maybe Monero doesn't have the block chain scripting features you need in order to decentralize your protocol? In any case, I am probably not the person to talk to about this but rather your users, devs, and Monero devs I suppose.

My only point was to emphasize that I prefer decentralized protocols where there isn't any controlling entity at all, if at all possible. I assume many others have the same preference, since it seems to be one of the fundamental tenets of decentralized currency.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 19, 2015, 04:28:21 PM
My only point was to emphasize that I prefer decentralized protocols where there isn't any controlling entity at all, if at all possible.

We both started making the world a better place before the decentralized ledger was even invented! CK is not religiously attached to a new and largely unproven system, yet some of its core components are (e.g. Monero is a cryptocurrency).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 04:50:50 PM
The possibility remains that people would prefer the old coin, since the only actual transition process is that the value of the old coin declines and the new coin increases (other than that, people are free to continue to use the old one if they prefer), but in a situation where ongoing development is occurring, presumably people would strongly prefer the new-and-improved version (or if not, is it really improved?)

It is complex though. The coin supply of the old coin is decreasing, so some might view it as gaining value, yet if mining declines too much some might view it as becoming more in danger of failing to function. To lower risks in burning, merge mining both the old and new is how I would code the upgrade which also facilitates the redesign of the block chain consensus I alluded to.

No, in a spin-off system the coin supply in the old system is not decreasing. People keep both their new and old coins, but as an obsolete system with a clearly-superior replacement, the old coin should become worthless or at least nearly worthless. This removes both the negative feedback that discourages upgrading and also the instability of burning being an irreversible (and potentially in the case of catastrophic failure, perishable) process.

I wrote "burn" so burning to the new coin, meaning the old coin is burned. If spin-off was proposed to perform as you say, then it is not the same as what I was thinking and writing about.

If the old coin will be worthless or nearly so, then negative feedback and instability issues remain. And I don't like the idea of doubling the money supply every time you upgrade, because people will continue to spend and use their old version coins, so I think we will find they will retain value and ecosystem. It seems antithetical to a meritocracy to create such doublings of the money supply on the whim of every dev that wants to offer an upgrade. We could have 10 upgrades going on simultaneously. The only rational system seems to be the one where investors have to make a choice and express their choice. Otherwise there is no choice, they just avail of all the 10 upgrades at once and endure the lingering uncertainty as it takes longer to determine which fork has the market support (since voting by burning was not enabled).

The alternative is just create a new coin for the upgrade and let anyone trade for it on the decentralized exchange, but then the developers will need to dump these old version coins into the market thus accelerating its price decline, thus creating a stampede into the new coin, which seems it will raise apprehension towards upgrades and fragment the social contract. Whereas, by burning the old coins, the money supply of the old coins drops to compensate for its loss of participants, so that scarcity increases. This should moderate the price drop on the old version, since after all it can be burned to a new version coin at any time. However it does seem there should be some time penalty on delaying to burn. So maybe it is better to give slightly more in conversion for those who burn earlier and slightly less to those that burn later. Something to think about.

You can't really enforce merge mining in a decentralized system. You are thinking in terms of being the developer "in charge" of what code people run and how to manage an upgrade process, instead of a developer who releases an upgrade people might choose to adopt because it is better.

Incorrect if you consider the possible designs that might be different than what we have now. I wrote that if the old coin has a protocol, then respecting that protocol is fundamental to consensus. So if you define the protocol (with a correct game theory) such that miners are enforced to merge mine any registered burn to targets that meet certain minimum requirements such as minimum % of burn to avoid DoS attack on the feature (administered decentralized), then what I wrote works decentralized.

When I say I have some other magic up my sleeve, it seems people do not believe me. That is fine. There will be a time to reveal all.

I'm not even saying this is a good way to do development, but if you really want a fully decentralized system where you are not controlling anything, that's how you have to approach it.

Yup fully decentralized but don't conflate that with not being able to design protocols that self-organize the future.

So there are no issues of potentially missing out or preferring to wait, both of which potentially give rise to instability. It just happens without any active participation being needed and old coin owners can pick up their new coins at their convenience.

The concept that not having to vote in the market and being able to play all options at no cost, is the epitome of instability, because it is obfuscation. Transparency is required for stable markets. Delaying the market adjustments only exacerbates the lack of fitness because of the obfuscation. As I am sure you would notice too, that is analogously what is happening now with the kick-the-can politics and financial gimmicks (QE and no mark-to-market). To state something I am sure you are aware of, the lack of fitness is in the misallocation that debt causes by distorting the signals of where the true market value is, and ditto not knowing which financial institutions are really bankrupt and when they will default.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 06:37:48 PM
Okay I posted my math proof that Shen's paper is broken:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3xr6t?context=3

For the context:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw3f955?context=3

I will await his reply. It is possible I am missing something, but it sure seems straightforward to my eyes that he hasn't linked the Ij to Im where 0 < j < m.

This was my point at very start in the first post at the second link above. The advantage now is I have been able to articulate symbolically within the symbolism of his paper.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 19, 2015, 07:36:55 PM
You got your reply :p

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw5h9s0


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 07:42:43 PM
You got your reply :p

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw5h9s0


http://www.psychologytoday.com/blog/your-online-secrets/201409/internet-trolls-are-narcissists-psychopaths-and-sadists

You are so smug. Hold on.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 19, 2015, 07:47:34 PM
I am smug for posting a reddit link?

Oh boy, grow up.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 08:02:47 PM
I am smug for posting a reddit link?

Oh boy, grow up.

For the :p when taken together with your attitude displayed up thread and the nature of the link on your signature as I quoted. And now you play more such political ego games. How about just being mutually respectful? That is what I wish grownups would do.

The "oh boy" is more of trying to paint my logical reply as if I am thin skinned. Don't worry I can handle the shit slinging. I was just pointing out that we could be nice instead.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 19, 2015, 08:07:05 PM
Grownups don't brag that they broke something without waiting for an answer multiple times.
How about just being mutually respectful?


I don't play political games, I simply dislike you and your attitude.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 08:11:14 PM
Grownups don't brag that they broke something without waiting for an answer multiple times.
How about just being mutually respectful?


I don't play political games, I simply dislike you and your attitude.

Obviously which I can always detect when someone doesn't like me. And apparently you didn't read:

I will await his reply. It is possible I am missing something, but it sure seems straightforward to my eyes that he hasn't linked the Ij to Im where 0 < j < m.

Btw, I am sure it is broken, unless I am missing something very much non-obvious to me. It appears he hasn't thought through the implications of the fact that you can't reference the outputs and the inputs in separate LWW signatures unless you link them externally, but then you've linked them publicly so there is no point in having a ring.

He seems to think that he has linked them somehow anonymously in the MG sig and we are trying to explain to each other our views on that, so we can determine which one of us is correct. But I am already pretty confident which of us is correct.

I think you fail to respect that I feel I already have a fully written solution and am not adding sections as we discuss. He was very much not ready to publish this and has apparently not combed back over the logic after writing the full paper. I have the advantage of having tried various designs and thrown them away because I broke them.

Now again I may be missing some key point about the MG sigs, so I am still trying to determine what this magic might be that I don't see yet.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 19, 2015, 08:37:46 PM
This thread is about to require some popcorn.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 19, 2015, 08:45:24 PM
If the old coin will be worthless or nearly so, then negative feedback and instability issues remain.

In the case of burn, as you indicated in your previous message, the money supply of the old coin is shrinking at the same time the network value is shrinking. Thus old coin price P=T/M where T is the value of the old network and M is the money supply of the old network. As people migrate (burn) you have T and M both approaching zero (but not necessarily at the same or even a constant rate) and P is not well formed and highly unstable as M shrinks. (Even cypherdoc understood this!) By contrast, in the case of a spin-off that obsoletes the old network, you simply have P=T/M where T approaches zero and M is fixed, so this expression is well formed, and P is simply a clear measure of value where the market will naturally absorb speculative fluctuations between old and new, allowing stability and transparency.

Quote
And I don't like the idea of doubling the money supply every time you upgrade

This is an illusion. Prior to the spin-off (in fact prior to it even being conceived!) the future coins are embedded in the old coins. But after the spin off it is not. You can even imagine an analogy of a metal coin being physically cut in two. Each of "old (post)" and "new" represent "half" of "old (pre)", and you can't make an equivalence between old (post spin-off) for old (pre spin-off), since it is physically a smaller asset. So there is no doubling of money supply, only a reconfiguration, as with taking one ounce gold coins and splitting them each into two half-ounce coins.

Quote
because people will continue to spend and use their old version coins, so I think we will find they will retain value and ecosystem. It seems antithetical to a meritocracy to create such doublings of the money supply on the whim of every dev that wants to offer an upgrade.

To the contrary. It is that people may continue to use the old coin without creating an instability that would in turn both (at different times) encourage and discourage switching that makes this more of a (stable) meritocracy than burning. People simply choose how they value the old and new networks. If the value stays with the old, then the developer has not done a very good job of making "upgrades" that other people actually perceive as such!

Another way to see this is to consider that a two-way peg is also a meritocracy in the sense there is no asymmetry that might serve to influence users to structurally prefer one side of the peg or the other. But since you are not proposing a two-way peg then it is clear there must be an asymmetry.

Quote
The only rational system seems to be the one where investors have to make a choice and express their choice.

Investors express their choice in the spin-off model in the value they decide to attach to each of the new assets (as above, the original version of the "old" coin simply ceases to exist). If you do not allow this (because you want to force users to choose) then you are introducing an irreversible choice which has a value that is non-linear, complex and very likely unstable.

Quote
Otherwise there is no choice, they just avail of all the 10 upgrades at once and endure the lingering uncertainty as it takes a longer to determine which fork has the market support (since voting by burning was not enabled).

Can you actually prove this takes longer? I don't think so. I actually kind of suspect the opposite (but can't prove that either).

Quote
The alternative is just create a new coin for the upgrade and let anyone trade for it on the decentralized exchange, but then the developers will need to dump these old version coins into the market

This does not retain value for the old coin, thus you lose confidence. Why should I buy your new coin when you just destroyed the value of your old one? With the spin-off model, value and confidence are retained for existing investors. It is simply an upgrade with no reset of distribution (again assuming it is actually an upgrade!).

Quote
However it does seem there should be some time penalty on delaying to burn.

Now I think you are recognizing that the burn model can actually discourage upgrading and you are trying to "fix" that by creating a time penalty. But, again, you are trying to force an outcome instead of letting people freely choose the "upgrade". If people resist burning that tells you something about your so-called upgrade. You don't need to corral them by creating a time penalty.

Quote
The concept that not having to vote in the market and being able to play all options at no cost

Of course people vote in the market! That's what people do every time they make a trade of anything. They are voting that what they buy is more valuable than what they sell.

The problem is that when you embed the options, you create non-linear valuation and instability. The spin-off model removes the optionality from being internal to the coin value by making access to the new network unconditional and non-perishable. People still of course have the option (i.e. vote) whether to use the new network or not. In fact that is essential to giving it a value at all.

It is okay that we disagree on this point for now, but I'm reasonably confident that after you think about this some more you will eventually recognize that the embedded option is the source of instability, rather than allowing uncoupled market prices to naturally absorb differences in demand. Indeed you are attempting to use the instability to force, or at least encourage, investors to upgrade, thus behaving in a way other than meritocracy.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 08:47:03 PM
This thread is about to require some popcorn.

Pop it fast, the suspense is almost over I think. I doubt there will be any sincere public apologies coming from gmaxwell and othe.

Betting on reputations doesn't always work out, especially when they've doggedly disrespected the accomplishments of another person because they were done 15 years ago and they weren't math (well actually I programmed some math and physics in my development role for Art-O-Matic and for Corel Painter, but that wasn't cryptography).


Title: Re: Zero Knowledge Transactions
Post by: dEBRUYNE on October 19, 2015, 09:21:03 PM
@TPTB_need_war. Othe was simply providing you with some information in the first place, that :p didn't strike me as offensive in any way. Also, the fact that he doesn't like you and doesn't like your attitude doesn't imply you two can't have a civil discussion and mutual respect like he stated. FWIW: I am sincerely appreciating your peer review and hope you can continue the discussion with Shen.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 19, 2015, 09:59:36 PM
If the old coin will be worthless or nearly so, then negative feedback and instability issues remain.

In the case of burn, as you indicated in your previous message, the money supply of the old coin is shrinking at the same time the network value is shrinking. Thus old coin price P=T/M where T is the value of the old network and M is the money supply of the old network. As people migrate (burn) you have T and M both approaching zero (but not necessarily at the same or even a constant rate) and P is not well formed and highly unstable as M shrinks. (Even cypherdoc understood this!) By contrast, in the case of a spin-off that obsoletes the old network, you simply have P=T/M where T approaches zero and M is fixed, so this expression is well formed, and P is simply a clear measure of value where the market will naturally absorb speculative fluctuations between old and new, allowing stability and transparency.

How does an equation with two variables become not well formed? And what is the mathematical definition "well formed" in this context? I only know of well-formed as it applies to syntactical errors in a grammar.

If M ever reaches 0, then P doesn't exist because there are no coins on ask.

I fail to see how two variables changing affects the user's interpretation in some catastrophically different way. The user is tracking the percentage of burned coins and the market price, and forming a decision thereof. How is this qualitatively horrific as compared to tracking the price only?

We can reframe your equation to make my point more clear. T = PM. If we hold M constant as you suggest, then the coin network value is still changing via P. If we allow M to vary the coin network value is changing. Whether users sell their coins or burn them, an exodus is going to have the same effect on T. The only difference is whether all the effect must be expressed in P or if it can be expressed in both P and M (and more so in M because of arbitrage on price due to burning).

Citing cypherdoc isn't going to make your argument compelling to me.  :)

And I don't like the idea of doubling the money supply every time you upgrade

This is an illusion. Prior to the spin-off (in fact prior to it even being conceived!) the future coins are embedded in the old coins. But after the spin-off they are not. You can even imagine an analogy of a metal coin being physically cut in two. Each of old (post) and new represent "half" of old (pre), and you can't make an equivalence between old (post spin-off) and old (pre spin-off), since it is physically a smaller asset. So there is no doubling of money supply, only a reconfiguration, as with taking one-ounce gold coins and splitting them each into two half-ounce coins.

A stock split is not an increase in the money supply if the price goes down on both coins equally and all users hold their same distributions on both coins. But since you argue one of the networks may be more valuable to some users, then those who don't act to protect themselves could see a disproportionate decrease in their total wealth. And the protection strategy is not any less complex than burning. They must still decide when to trade one coin for the other.

You are making the error of equating a gross aggregate such as M, with the distribution of the holdings of M. Many economists make this false assumption.

It is a doubling of the money supply in the sense that unless the new coin expands the demand then the demand is split between two networks of total supply that is doubled. If the users had to do nothing to retain equivalent value, then we could say it is a stock split. But due to the units not being fungible, it is not a stock split and rather a complex game theory of debasement that the users have to expend effort on. Forcing users to expend effort is debasement of their value.

With a burn, the supply remains constant. That doesn't reduce the complexity of the decision, but at least it doesn't give the public perception that the coin supply is growing like crazy.

And most importantly it imparts more information, because rather than the lazy action of just HODLing both, users make their move to be in one coin or the other and not straddling the fence. Given a complex decision that has no clear answer, users tend to do nothing. Thus they would likely not sell either coin. However given the decision of losing their chance to convert to the new coin, they will likely do some research and decide whether the new coin has good features that everyone wants and if yes then convert.

So the burning is more informational about what matters, which is user appraisal of value of the upgrade.

because people will continue to spend and use their old version coins, so I think we will find they will retain value and ecosystem. It seems antithetical to a meritocracy to create such doublings of the money supply on the whim of every dev that wants to offer an upgrade.

To the contrary. It is that people may continue to use the old coin without creating an instability that would in turn both (at different times) encourage and discourage switching that makes this more of a (stable) meritocracy than burning. People simply choose how they value the old and new networks. If the value stays with the old, then the developer has not done a very good job of making "upgrades" that other people actually perceive as such!

No one will choose not to avail of their ownership of coins in both forks. Very little market information is imparted by giving away for free what is not free. Some might sell their coins in one of the forks trying to drive it away, but the rational game theory is to hold the coins in both networks for appreciation. There is no pressure on either coin's value. Whichever coin grows network value and appreciates faster is likely to be the one sold first (based on the rational investor selling some on each rake...remember rpietila's teaching about rake).

Another way to see this is to consider that a two-way peg is also a meritocracy in the sense there is no asymmetry that might serve to influence users to structurally prefer one side of the peg or the other. But since you are not proposing a two-way peg then it is clear there must be an asymmetry.

I want users to impart their preference. I don't want to obscure it.

Allowing people to decide when to make their move is somewhat balanced because they will wait to see what others do, which penalizes the new coin (which is why I suggested offering a slight incentive for coming over early), because they can't come back with a peg (only by exchange value).

The only rational system seems to be the one where investors have to make a choice and express their choice.

Investors express their choice in the spin-off model in the value they decide to attach to each of the new assets (as above, the original version of the "old" coin simply ceases to exist). If you do not allow this (because you want to force users to choose) then you are introducing an irreversible choice which has a value that is non-linear, complex and very likely unstable.

Holding M constant doesn't make the equation linear. That equation doesn't exist in a vacuum. The inputs to price P are non-linear. For one thing the wealth effect is non-linear.

Investors don't think in terms of complex valuations of non-linear systems. It really boils down to do you want them to hold both coins selling the one that appreciates faster (your model) or do you want them to impart their preference sooner (my model).

If you delay (or remove entirely!) imparting that information, you retard the development of the ecosystem. As I said, the difference is analogous to kicking-the-can a.k.a. not marking-to-market.

Otherwise there is no choice, they just avail of all the 10 upgrades at once and endure the lingering uncertainty as it takes longer to determine which fork has the market support (since voting by burning was not enabled).

Can you actually prove this takes longer? I don't think so. I actually kind of suspect the opposite (but can't prove that either).

Yes based on human psychology. People avoid complex decisions. K.I.S.S. The rationally easiest thing to do in your model is HODL both and sell the one that either appreciates the most or is losing value precipitously. Since most are HODLing both, then information propagation is much delayed and skewed by the manic choice of responding to sell only at extremes.

The alternative is just create a new coin for the upgrade and let anyone trade for it on the decentralized exchange, but then the developers will need to dump these old version coins into the market

This does not retain value for the old coin, thus you lose confidence. Why should I buy your new coin when you just destroyed the value of your old one?

Exactly. That was my point too. It creates discord in the community.

With the spin-off model, value and confidence are retained for existing investors. It is simply an upgrade with no reset of distribution (again assuming it is actually an upgrade!).

You aren't factoring the psychological choice you've put on the user to make. I argue that the default mode in your model is apathy and then action on manic extremes. I argue that my model encourages research and proaction. I prefer the latter as being a more informed, proactive community.

However it does seem there should be some time penalty on delaying to burn.

Now I think you are recognizing that the burn model can actually discourage upgrading and you are trying to "fix" that by creating a time penalty. But, again, you are trying to force an outcome instead of letting people freely choose the "upgrade". If people resist burning that tells you something about your so-called upgrade. You don't need to corral them by creating a time penalty.

I set incentives to encourage informational proaction earlier instead of apathy and kicking-the-can to non-informational, manic, mass stampedes.

You want to encourage the users to do nothing. No research. Kick the can. Delay. Wait for price manias to force their hand.

It is okay that we disagree on this point for now, but I'm reasonably confident that if you think about this some more you will eventually recognize that the embedded option is the source of instability, and that indeed you are attempting to use the instability to force, or at least encourage, investors to upgrade, thus behaving in a way other than meritocracy.

Why do socialists always prefer a little short-term stability at the cost of manic, mass stampedes later.

Do not give away for free what is not free.

Do not pretend fungibility for that which is not fungible.

Hard forks are stressful. There is no way to get around that. Thus upgrades will likely need to be very compelling. And they should be. Otherwise don't bother. Many other things to work on in software.

As much as possible try to design the block chain to accommodate extension and change without a change to protocol.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 12:53:56 AM
Okay we have resolution!

Shen's white paper is a viable solution, but as far as I can see it has some significant downsides compared to my solution:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw5h9s0

Quantification, confirmation, and elaboration will come with more work spent on writing down and not just roughing in my head.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 20, 2015, 01:06:29 AM
If the old coin will be worthless or nearly so, then negative feedback and instability issues remain.

In the case of burn, as you indicated in your previous message, the money supply of the old coin is shrinking at the same time the network value is shrinking. Thus old coin price P=T/M where T is the value of the old network and M is the money supply of the old network. As people migrate (burn) you have T and M both approaching zero (but not necessarily at the same or even a constant rate) and P is not well formed and highly unstable as M shrinks. (Even cypherdoc understood this!) By contrast, in the case of a spin-off that obsoletes the old network, you simply have P=T/M where T approaches zero and M is fixed, so this expression is well formed, and P is simply a clear measure of value where the market will naturally absorb speculative fluctuations between old and new, allowing stability and transparency.

How does an equation with two variables become not well formed?

Sorry I mistyped. I meant well-defined in the sense of having a well-defined value or behavior as M approaches zero (which after all is the intent of all this). The point being that reducing both M and T at the same time inherently results in potentially wild price swings and instability, which do not exist if M is left constant.

Also, on the matter of burning being more informational, that can very well contribute to the problems. Game theory is complex and withholding information can have value, so if you force people to reveal information you may discourage them from taking the action (until a cascade or other instability requires them to do so). That is not really the intended outcome here but in game theory analysis, intent doesn't matter, outcomes do.

I'm not going to address the other points individually because I've stated my perspective, and I'm reasonably confident it is more correct (though may err in small areas as my effort to analyze this in precise detail has been limited). I also feel you will understand the issues in time, as you have (somewhat) on the question of sidechains. Thus there is no need to debate point by point. (You will note by the way that I likewise did not extensively debate point-by-point on sidechains and simply let you and others figure out over time what I had recognized earlier.)

Quote
Why do socialists always prefer a little short-term stability at the cost of manic, mass stampedes later.

In fact this is precisely what burning does. Spin-offs do not create manic stampedes. So again we agree on the goals but disagree on the analysis of various mechanisms. I'm content to leave it at that.

Also, in the case of a well-executed upgrade, the market will simply assign nearly all the value to the new coin virtually immediately. There is nothing for anyone to do really, other than claim their new coins (or have this done automatically by a wallet) and use them. The old coins will still exist, but become essentially irrelevant. People may wish to sell their old coins for a little bit of extra income, but keeping them as a low-value hedge is also okay to do (again much of this can be automated by wallets). Likewise in a well-executed upgrade everyone will probably just burn right away (though maybe not, as even small risks may encourage waiting, and it is impossible to hedge by holding on to your nearly-worthless old coins as in the other method).

The complex issues only occur with a poorly-executed upgrade, and that is exactly where you need the pricing mechanism of markets to dampen instabilities. In fact someone else on cypherdoc's thread reinvented the same mechanism to deal with the contentious hard fork debate (a block size increase being "a poorly executed upgrade" in my terminology because people disagree about whether it is even an upgrade at all), and he is absolutely correct that there is no other decentralized mechanism for deciding the outcome other than a market, so it is best to recognize that and design it to be orderly. So speculators will need to trade according to the best available information and users can either trade or not at their discretion (assuming prices are efficient it doesn't really matter what they do).

So if the developer never miscalculates or makes a mistake in strategy or implementation, then this distinction likely doesn't even matter. But misjudgments, and political disagreements are always a possibility, so I think it may matter in practice.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 01:07:56 AM
So now I am asking all those who voted for donating, to please consider changing your vote to "I will not donate" since you can use Shen's solution which is already published.

However, consider that mine may be more efficient and may enable features which Shen's can't do. I mentioned some examples of features I think Shen's can't do at the Reddit post linked in my prior post here. I assume he will reply there and confirm or deny those trade-offs in his design.

I ask you to reconsider your votes, because I need to gauge how much interest there still is in my white paper. Because I need to determine how best to proceed.

Since Monero's cryptographer Shen has produced that solution, then I assume he can implement it in Monero, so they probably don't need me for implementation. The only question is whether they want my design's potential advantages over Shen's. I think if you are talking about being the best anonymous coin, then you want to have the best anonymity and $21k is nothing compared to a $millions market cap.

Then again Monero can just wait until mine is published as open source eventually. This is for you all to gauge your appraisal of "first mover" advantage and whether you think what I have might have advantages that are worth spending some bucks.

The past day as we've been discussing the crowdfunding option, I have become more interested in doing my own coin, because my coin plans are primarily focused on solving the block chain scaling and real-time microtransactions. The anonymity was secondary in my priorities. So I am okay with keeping my anonymity paper for my own coin. It gives me something else unique over all the other anonymous coins.

I am also willing to talk to any other coin about giving them "first mover" on my anonymity algorithm, but again I can't work for peanuts (few $1000s). I'd rather spend my effort on something that can pay reasonably well. So I think crowdfunding my own coin may be the only way to earn what I feel I am worth.

I will await feedback.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 01:42:21 AM
If the old coin will be worthless or nearly so, then negative feedback and instability issues remain.

In the case of burn, as you indicated in your previous message, the money supply of the old coin is shrinking at the same time the network value is shrinking. Thus old coin price P=T/M where T is the value of the old network and M is the money supply of the old network. As people migrate (burn) you have T and M both approaching zero (but not necessarily at the same or even a constant rate) and P is not well formed and highly unstable as M shrinks. (Even cypherdoc understood this!) By contrast, in the case of a spin-off that obsoletes the old network, you simply have P=T/M where T approaches zero and M is fixed, so this expression is well formed, and P is simply a clear measure of value where the market will naturally absorb speculative fluctuations between old and new, allowing stability and transparency.

How does an equation with two variables become not well formed?

Sorry I mistyped. I meant well-defined in the sense of having a well-defined value or behavior as M approaches zero (which after all is the intent of all this). The point being that reducing both M and T at the same time inherently results in potentially wild price swings and instability, which do not exist if M is left constant.

There is no wild swing likely because of arbitrage. Someone will be willing to pay below unity relative pricing to burn the coin. After the burning deadline, M is constant.

Whereas, if you leave users to apathy, they will only act during wild price swings and thus make them much more wild stampedes.

Hopefully you can see now I am correct?

Arbitrage is essential. It is lost in spin-offs that are not burns.

Also, on the matter of burning being more informational, that can very well contribute to the problems. Game theory is complex and withholding information can have value, so if you force people to reveal information you may discourage them from taking the action (until a cascade or other instability requires them to do so). That is not really the intended outcome here but in game theory analysis, intent doesn't matter, outcomes do.

Hmmm they have a deadline to burn so their choices are to do research and choose the better fork, to wait until the deadline to see how many others burned, or to not burn and pay market exchange rate any time after burn deadline. None of that seems to be an issue in any possible scenario, except that there is going to be some loss of money supply because not everyone will burn by the deadline. But you've got ongoing debasement to pay mining to compensate for diminishing money supply due to upgrades.

I really can't see how this mark-to-market adds any risks that aren't just obscured otherwise. Marking markets to actual value sooner enables faster annealing of fitness. Allowing QE to kick-the-can causes stagnation and the entire coin ecosystem (both coins) is in a state of limbo longer.

If only a few coins are burned, then it means the upgrade isn't compelling so it may die. I mean for example if the upgrade adds anonymity and the only way you can use it is to burn, and very few burn in the months to deadline, then we know anonymity isn't that important to most users. But the developer will know this during his crowdfunding and thus never end up starting (or completing) the upgrade. The large crowdfunding commitment will help nearly insure the upgrade will garnish enough burns to be viable.

As the old coin gets mostly burned out before the deadline, it will also likely get totally burned out.

However, there is one factor, which is those people who don't burn because they are not aware, on vacation, or not very tech savvy. But probably services such as Coinbase will be making that decision for them. Not that I like that, but that is reality.

I'm not going to address the other points individually because I've stated my perspective, and I'm reasonably confident it is more correct (though may err in small areas as my effort to analyze this in precise detail has been limited). I also feel you will understand the issues in time, as you have on the question of sidechains.

I have not changed my opinion that if the technical aspects of side-chains can be perfected, then arbitrage of side-chains can maintain the peg within a reasonable tolerance. But that required numerous improvements to coin tech, including eliminating orphaned chains and 51% attacks. Remember I have a novel block chain design that I claim does that. So side-chains may still be viable, but probably not with the tech Blockstream has available today. So my issue with side-chains is the complexity that has to be hurdled before they are viable (if ever) and the fact that crypto land will likely have already sorted out better solutions before that. So it is not really a rejection of my original analysis that arbitrage can work (within some tolerance band), but more a realism about timing, complexity, and that markets tend to find a K.I.S.S. solution before the complex solutions ever get entirely sorted. In short, complexity is a killer.

Complexity is the reason I don't like your open-ended spin-off. Giving everyone free coins creates no momentum in the market. It just adds and delays confusion. Why would anyone invest in the crowdfund, if they will get free coins instead by not investing? And without a crowdfund, how will the developer get paid? If the developer mints some new coins for himself, then each upgrade not only doubles the money supply, but adds more for the developer. But then the developer has no guaranteed income for doing the work. The really attractive aspect of the crowdfund model is the developer knows what he is being paid in advance. And the users know what features they are getting, else they are refunded.

It requires movement of capital to start a trend. You propose to encourage people to delay any move.

Thus there is no need to debate point by point. (You will note by the way that I likewise did not extensively debate point-by-point on sidechains and simply let you and others figure out over time what I had recognized earlier.)

Well I am seriously considering crowdfunding and the burn model needs to be precoded into the first version of the coin, so if you have any convincing arguments, I'd sure like to read them. Do you feel I don't appreciate it just because I am not yet agreeing?

Why do socialists always prefer a little short-term stability at the cost of manic, mass stampedes later.

In fact this is precisely what burning does. Spin-offs do not create manic stampedes. So again we agree on the goals but disagree on the analysis of various mechanisms. I'm content to leave it at that.

How so? Did you forget arbitrage? Spin-offs delay manic stampedes, because users have no incentive to converge on a trend intellectually (research on the upgrade) until they are forced to by something that freaks them out, such as the price dropping or rising really fast on one of the coins.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 20, 2015, 01:47:32 AM
So side-chains may still be viable, but probably not with the tech Blockstream has available today.

Well that was 100% of what was being debated on cypherdoc's thread. Not to say I told you so, but the fact is I have a better-developed understanding and refined intuition on these matters than most, likely a consequence of other background I have, but it is not disclosed to my crypto pseudonym.

If there are other technologies that exist later, we can discuss them later.

Quote
How so? Did you forget arbitrage?

No.

Remember (see above) arbitrage was the same argument being made with side chains. It works in orderly markets, but doesn't defeat unsoundness.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 02:10:55 AM
So side-chains may still be viable, but probably not with the tech Blockstream has available today.

Well that was 100% of what was being debated on cypherdoc's thread. Not to say I told you so, but the fact is I have a better-developed understanding and refined intuition on these matters than most, likely a consequence of other background I have, but it is not disclosed to my crypto pseudonym.

I encourage you to go reread my comments there. I admitted the same at that time. You are not telling me something I didn't state then. You apparently just choose to read it as me disagreeing. I conditioned my support on side-chains to needing my improvements for block chain. I specifically said that in cypherdoc's thread.

I suppose what has changed now is that I have become more realistic about how long it has taken me to get my designs out into the market. And because of that, and as I have tried to figure out ways to accelerate coding, I realize that attaining perfection in the first version on every aspect is not the right goal. The right goal is to hit the sweet spot K.I.S.S. asap. I removed my tech hat and put on my VP marketing and CFO hat.

If there are other technologies that exist later, we can discuss them later.

How so? Did you forget arbitrage?

No.

Remember (see above) arbitrage was the same argument being made with side chains. It works in orderly markets, but doesn't defeat unsoundness.

You are rightfully concerned about what happens to the stragglers who are still in the old coin as M becomes small. Some may miss the deadline and be stuck with a coin that no one wants to buy, thus the market exchange rate has destroyed the value they had.

This can be solved by having an "auto-burn if X% burn" setting on each coin UTXO, perhaps set to a default of say 75%, and so even people on vacation won't miss out.

It is entirely in the community's interest to have compelling upgrades and for those upgrades to go smoothly and complete 100% as soon as the consensus to do so has been attained.

To have lingering two forks of the same basic coin tech in the market is very dilutive to the ecosystem and market momentum.

You tell me you know best about distribution but with its widely touted "fair distribution" did Monero ever raise hell in the market yet like DogeCoin, BitSharesX, and Ripple did? It has been real stable though, so perhaps that meets your design goal.

Think out the various options for organizing and funding upgrades. I think you will clearly see I am correct. Perhaps I will enumerate these after I eat breakfast (again another night with no sleep).


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 20, 2015, 02:23:11 AM
You are rightfully concerned what happens to the stragglers who are still in the old coin as M becomes small.

That is not the only concern, no. But the existence of that concern points to others.

And remember your own comments about avoiding complexity. Your response to this or that issue here is to add another patch (time penalty, autoburn, etc. etc.). Likely an indication of being on the wrong track. This is common in crypto.

I don't claim that the spin off method has no negatives, but I think the others are worse, for reasons that get to the heart of why crypto exists in the first place. It is okay that you disagree, though. Different approaches make for experimentation and learning.

Quote
You tell me you know best about distribution

I don't recall that. If I did I retract it. I don't know what is best about distribution.

Quote
but with its widely touted "fair distribution" did Monero ever raise hell in the market yet like DogeCoin, BitSharesX, and Ripple did?

I'm not sure what you are getting at here at all. All four of these seem to have peaked early and gone into a long slump. Ripple had a second pump but still ended up with another big decline and slump. Dogecoin had pretty much the same distribution method as Monero as far as I know, though maybe a bit faster (don't know the details).

What distinction are you trying to make here?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 02:58:56 AM
You are rightfully concerned what happens to the stragglers who are still in the old coin as M becomes small.

That is not the only concern, no. But the existence of that concern points to others.

And remember your own comments about avoiding complexity. Your response to this or that issue here is to add another patch (time penalty, autoburn, etc. etc.). Likely an indication of being on the wrong track. This is common in crypto.

I suggest you create a coin with no features. Blandness has its virtues.

Again the point is upgrades need to fund developers and go smoothly. You have not offered a solution to those two objectives. You instead propose to set the ecosystem into rigor mortis.

I don't claim that the spin off method has no negatives, but I think the others are worse, for reasons that get to the heart of why crypto exists in the first place.

Upgrades shouldn't exist then. Because you are thinking that crypto is about not having to trust.

Let's create the perfect coin and declare it final.

Let's eliminate market moves and declare the business cycle dead.

Sound anything like socialism's aims for nirvana?

It is okay that you disagree, though. Different approaches make for experimentation and learning.

You tell me you know best about distribution

I don't recall that. If I did I retract it. I don't know what is best about distribution.

We are discussing the distribution of upgrades.

but with its widely touted "fair distribution" did Monero ever raise hell in the market yet like DogeCoin, BitSharesX, and Ripple did?

I'm not sure what you are getting at here at all. All four of these seem to have peaked early and gone into a long slump.

And that is why crypto exists. For speculators.

And for users, they need upgrades, because they have to use this stuff.

Ripple had a second pump but still ended up with another big decline and slump. Dogecoin had pretty much the same distribution method as Monero as far as I know, though maybe a bit faster (don't know the details).

What distinction are you trying to make here?

Market moves are part of how we bring our new features to users. Speculators want market moves. Users want features. Developers need funding.

I'll tie it all together in another post after I eat.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 20, 2015, 03:06:17 AM
Again the point is upgrades need to fund developers and go smoothly

I understand that you want someone to pay you to develop. I hope that works out.

I'm deeply skeptical of coins intended to function as currency also serving as a funding vehicle. I don't rule it out but so far every effort has not gone terribly well. Maybe there are exceptions but they are hard to find.

I think Sia has probably the most promising model now (separate the coin from the project funding with a second token backed by a dedicated revenue stream), but that's still a work in progress so we'll see.

Quote
Upgrades shouldn't exist then. Because you are thinking that crypto is about not having to trust.

No.


Title: Re: Zero Knowledge Transactions
Post by: iamnicholas on October 20, 2015, 03:15:50 AM
Hello,
I am Nicholas.
I've sent you a couple of messages, but i understand you are busy.
I have some $ coming in a couple of weeks and like to invest.
I also have a killer name (in pm).
Please reply at a suitable time.
Thank you.

PS. Have you considered adding a charity function to your coin? I like the idea of a coin that has either an optional donation function, or better yet, a small percentage of mining fees go to charity. Just an idea..


Title: Re: Zero Knowledge Transactions
Post by: cryptodromeda on October 20, 2015, 03:52:25 AM
I will await for feedback.

Feedback:-

As an investor I wouldn't invest in a one-man show. It's too risky and I've been burned before. A single ego is a liability and so many things can go wrong. Personality flaws can destroy projects if the personality is the only thing holding it up. So the more talented people on the team the better.

If you were to crowdfund a project I'd want to know how many people were on the team, who they were, and what degree of notoriety they had in respect of their credibility.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 04:09:21 AM
smooth I will reply after I sleep. I am very sleepy after eating.

cryptodromeda, I think that is a very valid line of thinking for those who like smaller ROI. But remember this, it isn't always true that the largest team wins. And the more mouths to feed, the larger the crowdfund, thus the larger the initial market cap and the lower the potential upside. And larger teams may bicker more and waste more time and money. Google "The Mythical Man Month" to learn why larger teams are worse.

And most of all, remember the victors go to those who bet correctly, with the most discernment. The greatest gains for speculators on altcoins have come from the coins created by one or two guys, e.g. DogeCoin, Litecoin, BitsharesX. Maybe because creativity doesn't come from large teams, but rather from individuals. Perhaps you invested in Ethereum and Monero with their large teams and are sitting on 10 bagger gains?

Something didn't compute.

iamnicholas, I will catch up on private msgs soon. Wearing too many hats.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 04:38:55 AM
Again the point is upgrades need to fund developers and go smoothly

I understand that you want someone to pay you to develop. I hope that works out.

I'm deeply skeptical of coins intended to function as currency also serving as a funding vehicle. I don't rule it out but so far every effort has not gone terribly well. Maybe there are exceptions but they are hard to find.

Need to find out asap.

Only Dogecoin and Bitcoin were designed to function as a currency. All the others have been designed for other things and mostly for speculation use only.

But why are you skeptical when some have raised a lot of money. And some coins have had huge gains from their launch price.

Funding the initial coin has proven to be viable for those with interesting new ideas, solid implementation, and good marketing skills.

What I am skeptical of is whether there is a way to fund upgrades. The spin-off gives nothing to the developer unless debasement is added to the new coin or the developer just takes a cut of every coin. The crowdfund gives nothing to the developer unless it gives a higher rate of coins for earlier birds than later birds, with the developer taking a cut (which is perhaps more masked by the non-expectation of a unity conversion).

Also looking at it from the speculator and user's mindset, they are most motivated to switch if they can buy low and sell high. Or if they can get parity but with more features and the ecosystem switches over (do no dilution of the ecosystem).

Perhaps the best way to do an upgrade is crowdfund a new coin and let the others trade for it after launch. It is terribly disconcerting for HODLers because the value of their holdings can be changed by the decision of when to trade. But this rewards speculators, incentivizes developers, and users get the major features they want. And it is likely to limit upgrades to those features which are worth the tumult.

For refinements, probably a donation model is all that will work.

I think Sia has probably the most promising model now (separate the coin from the project funding with a second token backed by a dedicated revenue stream), but that's still a work in progress so we'll see.

If the protocol is open to all to use and they don't have controlling entity status, then the profit margins should be driven towards 0 by competition unless control can be centralized. So any sort of revenue model seems to be the antithesis of decentralized, uncontrolled, and legal under securities law.

Excuse the poor quality of the last 3 posts. I am droopy eyes. Zzzzz.

What I meant earlier by "not have to trust" is that no one controls the protocol, so it would live on indefinitely as decentralized for as long as there remain coins and demand/use for them.


Title: Re: Zero Knowledge Transactions
Post by: cryptodromeda on October 20, 2015, 04:39:18 AM
Perhaps you invested in Ethereum and Monero with their large teams and are sitting on 10 bagger gains?

Maybe. But I also remember Wolong's Pandacoin.

While he may be considered a risible individual now, at the time he commanded a strong-enough ego to be taken seriously as an investment - particularly following the rise of Doge.

And look what happened: He threw a hissy-fit, declared something along the lines of "The world doesn't understand my genius!" and thereafter purposefully crashed the coin down to 1 satoshi.

So as an investor I'd be paying close attention to your personality flaws.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 04:54:18 AM
Perhaps you invested in Ethereum and Monero with their large teams and are sitting on 10 bagger gains?

Maybe. But I also remember Wolong's Pandacoin.

While he may be considered a risible individual now, at the time he commanded a strong-enough ego to be taken seriously as an investment - particularly following the rise of Doge.

And look what happened: He threw a hissy-fit, declared something along the lines of "The world doesn't understand my genius!" and thereafter purposefully crashed the coin down to 1 satoshi.

So as an investor I'd be paying close attention to your personality flaws.

Was the coin not running live before he got paid?

If the coin was running, why couldn't the community keep it running?

The point is the developer should not be in a position to do that. That is why I mentioned crowdfunding where investors' funds are in escrow and get returned by the trusted escrow agent if the thresholds and deadlines are not met.

Crowdfunding for the first version of a coin seems like a solid idea. Upgrades after that which are troubling me. Trying to think of a good solution for that.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 20, 2015, 06:07:41 AM
I think Sia has probably the most promising model now (separate the coin from the project funding with a second token backed by a dedicated revenue stream), but that's still a work in progress so we'll see.

If the protocol is open to all to use and they don't have controlling entity status, then the profit margins should be driven towards 0 by competition unless control can be centralized. So any sort of revenue model seems to be the antithesis of decentralized, uncontrolled, and legal under securities law.

It is open source (I think), so anyone can fork it and compete. In that sense it is similar to Boolberry's mining payments to developer feature, or a premine. Anyone can fork it but if you want to use the original network (i.e. the developer created useful network effects) you are going to pay the developer.

As far as securities law, you would have to ask them. I do know there are some differing opinions (by which I mean actual professionally researched legal opinions) about what sorts of coin structures are legal. I have no idea if they are going that route or just ignoring the law.

Quote
What I meant earlier by "not have to trust" is that no one controls the protocol, so it would live on indefinitely as decentralized for as long as there are some coins and demand/use for them.

That kind of seems to be the case with Boolberry. For a long time the developer was almost entirely absent (and is still mostly absent), yet while no serious technical obstacles exist, there was not really the incentive to fork it to remove the developer mining payments, so he's still getting them, and people continue to demand and use the coin, a little.


Title: Re: Zero Knowledge Transactions
Post by: smooth on October 20, 2015, 06:15:02 AM
But why are you skeptical when some have raised a lot of money. And some coins have had huge gains from their launch price.

Because they have mostly failed as developments, and especially as you say for ongoing development. Huge gains don't constitute success from my perspective if it just means getting a big pump and then engaging in a long march toward zero while interest fades and the original promoters and developers move on to their next big score. Of course the final chapter has not been written on most of these coins, but the outline of the story seems to be the same for all (or at least most) of them.

Quote
For refinements, probably a donation model is all that will work.

Perhaps now you understand my support for Monero's model as an inclusive open source project, where there are donations in cash, but most donations are in kind (collaborative development by ecosystem stakeholders). It struggles at first by comparison with ICOs, instamines, etc. but if you care about staying power, it is hard to beat.

It is a proven model that successfully develops core software infrastructure and has many examples of projects that has succeeded for decades (including, for a shorter time so far, Bitcoin, which BTW, entirely dwarfs all the "successful" coin projects you cite). I don't know that there is another applicable model with a similar track record.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 10:05:27 AM
After getting some sleep, I came to the realization that Shen's solution is strictly speaking less secure than mine and thus it remains "broken" in terms of strictly fulfilling the unlinkability requirement of the original Cryptonote white paper (see also this explanation (https://bitcointalk.org/index.php?topic=1211093.msg12737422#msg12737422)). All along I knew there was something missing in Shen's design and the result of that is conflating outputs and inputs in the signature. But before now I wasn't able to realize exactly what is "broken" by his design. Now it becomes clear to me.

Context:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw5h9s0

Specific post:

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw67x1d

Quote from: myself
Quote from: Shen
You only need >1 output if you are sending money to someone you previously received that same amount from

I understand this now. If you had used the more accurate word 'value' instead of 'output' then perhaps I would, in my very sleepy state, have noticed that you are referring to a 0 value on the basepoint H but the y value on the basepoint G which accompanies it will be non-zero. Thus masking z and the ring.

When I woke up with a fresh mind, I realized that your algorithm's conflation of inputs and outputs is, I think, strictly speaking less secure because the hidden values (not the commitments which also include the fuzz of the key on the basepoint G) cross the ring orthogonally and can be linked! Thus you strictly speaking break the unlinkability requirement of Cryptonote. If an adversary is doing holistic block chain analysis knowing many outputs on the chain (see other white papers about holistic chain analysis on Bitcoin for example) and combining this with combinatorial analysis of the rings holistically across the block chain (remember I am the guy who pointed out the combinatorial unmasking risk for one-time rings to smooth who apparently raised the issue which got put into one of your Monero Labs Research reports), then the probability of an unmasking cascade on the rings increases. Your algorithm treats the masking of the ring as orthogonal (due to basepoint G) to the masking of the sum of the values on the orthogonal basepoint H. So again I realized that my first realization that your design is missing something remains correct, because I am not only using two basepoints in my design but I am also using another epiphany in order to make the input and output values unlinkable, not just unlinking the input and output commitments.

Also I could rewrite your white paper in a way that every layman could understand the math. Your elucidation is fine for people who want to take the effort to assimilate all the little details of understanding how it all fits together equationally, but it is lacking a demystifying version of the explanation. Just feedback for you on how I would address this if I were releasing a coin and I wanted the market to thoroughly trust the technology.

I think it is a wide cross-section of talent that gives me the edge here. I can not only compete with the math nerds (as I have demonstrated to myself by inventing an equivalent or better anonymity tech than you, although I must commend you that I learned a few new tricks from your white paper, thanks!) but I also know how to write for and market to a wider audience, as well I know how to and enjoy programming across the gamut of programming tasks and have completed large million user products all by myself in the past.

I think this peer review interaction has been very instructive to me about my limitations and strengths, as well I learned some new things and hopefully also helped readers gain some understanding.

Cheers.
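A small worked example of the two-basepoint commitment arithmetic being argued over in the post above, added here as an illustration; it is not code from Shen's paper, from Monero, or from the poster's white paper. It uses a constructed toy safe-prime group in multiplicative notation, with G as the blinding basepoint and H as the value basepoint, so a commitment is H^value * G^blind (the curve-notation equivalent of value*H + blind*G). The group size and generators are chosen for readability, not security. It shows the two things the exchange turns on: a zero-value output still carries a non-trivial component on G (the "y value" that masks it), and the input/output balance reduces to the verifier checking that the difference of all commitments is a pure power of G whose exponent z only the prover knows.

```python
# Added example: Pedersen commitments on two independent basepoints in a toy
# prime-order group. All parameters are constructed for illustration only.
import secrets

P = 1019   # safe prime, P = 2*Q + 1 (toy size, NOT secure)
Q = 509    # prime order of the quadratic-residue subgroup we work in
G = 4      # blinding basepoint ("basepoint G" in the thread); 4 = 2^2 is a residue mod P
H = 9      # value basepoint ("basepoint H"); its discrete log w.r.t. G is assumed unknown


def commit(value: int, blind: int) -> int:
    """Pedersen commitment C = H^value * G^blind (mod P).

    In elliptic-curve notation this is the familiar C = value*H + blind*G.
    """
    return (pow(H, value % Q, P) * pow(G, blind % Q, P)) % P


def random_blind() -> int:
    """Fresh blinding factor in [1, Q-1]: the 'y' that masks even a zero value."""
    return secrets.randbelow(Q - 1) + 1


def prove_balance(in_blinds, out_blinds) -> int:
    """Prover side: z = sum(input blinds) - sum(output blinds) mod Q.

    When the values balance, the commitment difference equals G^z exactly, so
    z acts as a private key for that difference (a 'commitment to zero').
    """
    return (sum(in_blinds) - sum(out_blinds)) % Q


def verify_balance(in_commits, out_commits, z: int) -> bool:
    """Verifier side: check prod(inputs) / prod(outputs) == G^z.

    The verifier learns no value and no blinding factor. If the values do not
    balance, the H component does not cancel and no z can satisfy the check.
    """
    prod_in, prod_out = 1, 1
    for c in in_commits:
        prod_in = prod_in * c % P
    for c in out_commits:
        prod_out = prod_out * c % P
    # pow(x, P-2, P) is the modular inverse of x (Fermat's little theorem).
    diff = prod_in * pow(prod_out, P - 2, P) % P
    return diff == pow(G, z, P)


def demo() -> tuple:
    """Build a 2-in / 3-out transfer (7 + 5 = 10 + 2 + 0) and check it.

    Returns (zero_value_output_commitment, honest_ok, tampered_ok).
    """
    in_vals, out_vals = [7, 5], [10, 2, 0]   # third output is a zero-value dummy
    in_blinds = [random_blind() for _ in in_vals]
    out_blinds = [random_blind() for _ in out_vals]
    in_c = [commit(v, b) for v, b in zip(in_vals, in_blinds)]
    out_c = [commit(v, b) for v, b in zip(out_vals, out_blinds)]
    z = prove_balance(in_blinds, out_blinds)
    honest = verify_balance(in_c, out_c, z)
    # Tamper: inflate one output value while keeping the same blinds and z.
    bad_c = [commit(v, b) for v, b in zip([10, 3, 0], out_blinds)]
    tampered = verify_balance(in_c, bad_c, z)
    return out_c[2], honest, tampered


if __name__ == "__main__":
    zero_c, ok, bad = demo()
    print("zero-value output commitment is non-trivial:", zero_c != 1)
    print("honest balance verifies:", ok, "| tampered balance verifies:", bad)
```

The hiding property rests entirely on nobody knowing the discrete log of H with respect to G; in a real system H is derived by hashing so that no party can choose it. With a group this small a commitment can be brute-forced in milliseconds, which is why the parameters are labelled a toy.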


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 11:00:28 AM
I think Sia has probably the most promising model now (separate the coin from the project funding with a second token backed by a dedicated revenue stream), but that's still a work in progress so we'll see.

If the protocol is open to all to use and they don't have controlling entity status, then the profit margins should be driven towards 0 by competition unless control can be centralized. So any sort of revenue model seems to be the antithesis of decentralized, uncontrolled, and legal under securities law.

It is open source (I think), so anyone can fork it and compete. In that sense it is similar to Boolberry's mining payments to developer feature, or a premine. Anyone can fork it but if you want to use the original network (i.e. the developer created useful network effects) you are going to pay the developer.

Yeah I was thinking of the payouts to devs ongoing from mining debasement. All of these parasitic "features" can be removed by competing forks, e.g. as Monero has apparently done to BBR. I don't dislike BBR's devs and competition, I am just talking about the reality of economics. The world will not agree to pay an ongoing fee that it doesn't have to pay, because the scale of the world is humongous so there is ample capital relative to demand for the technology to remove the ongoing fee from it via a fork. When we are talking about making a technology that can scale out to the world, then the only opportunity to make a profit is either adding services and products to the ecosystem or participating in the ramp up of the value via the adoption of (demand for) the asset.

As far as securities law, you would have to ask them. I do know there are some differing opinions (by which I mean actual professionally researched legal opinions) about what sorts of coin structures are legal. I have no idea if they are going that route or just ignoring the law.

One can form all the theories they want, but multi-national multiple-jeopardy is inherently rolling the dice on becoming a "convicted criminal".

Also even if one registers the securities (as Ethereum may or may not have done, I didn't check), this still doesn't stop the many nations from bringing civil and criminal cases against you due to varying interpretations of compliance.

Being a "controlling entity" in a widely adopted international security is in my opinion insane. And my father is a high-powered attorney, so hopefully the basic common sense of the way they think has rubbed off on me. You don't sweat the little things because contracts need to be fair, but you sure better sweat the unnecessary introduction of culpability within the scope of ill defined international securities law.

Also long-term investors and HODLers of coins in my view should also not be holding coins which have chosen the route of a "controlling entity" and sold coins or control a revenue stream from the coin (that is not an orthogonal product or service but integral to the control of the coin), which includes BitShares, Ethereum, and others. Sorry, I don't want to express legal opinions on other coins, but users seem not to be aware or care that the G20 is rapidly getting organized on harmonizing their laws and enforcement and as we slide into the sovereign debt abyss a lot of angst and hunting for money is going to be accelerating. The bankrupted peoples are going to push the governments to be more proactive about going against all forms of illegality that deal in financial activities, since the people will always want to blame their problems on someone else who profited while they didn't.

Although it appears that Monero's core devs and cryptographer(s) are not a controlling entity because they never sold shares and they rely on donations, one could still fathom a legal argument made whereby it is shown the investors in Monero were relying on the capabilities, pronouncements, and activities of this ongoing group. The fact that this consistent core group responded to the BCX incident could be interpreted perhaps that they are a de facto controlling entity on the shares in the coin thus being a de facto company. But this will be much harder to prove, so I am not thinking this is likely.

For me, I'd much rather release a coin that runs on auto-pilot and is managed by the community in a decentralized manner, and then just take occasional donations to refine any issues. If there are major improvements needed, then we need an upgrade model which is what we've been discussing (thank you).

The question is whether it is possible to create a coin that runs on auto-pilot? Is Bitcoin running on auto-pilot other than bugs the core team fixed and the need to deal with the impending block size scaling issue?

What I meant earlier by "not have to trust" is that no one controls the protocol, so it would live on indefinitely as decentralized for as long as there are some coins and demand/use for them.

That kind of seems to be the case with Boolberry. For a long time the developer was almost entirely absent (and is still mostly absent), yet while no serious technical obstacles exist, there was not really the incentive to fork it to remove the developer mining payments, so he's still getting them, and people continue to demand and use the coin, a little.

Interesting.

So coins can run on auto-pilot if well developed.

Boolberry is perhaps not able to run ahead of Monero, because it is perceived perhaps that all the features needed for a crypto coin are not done, and that Monero has more people working on it, thus Monero has a better chance of adding the features needed to become a large market cap.

I think if someone creates a totally new block chain tech that scales, that coin can run on auto-pilot and run ahead of many other coins that exist in the Top 10 on coinmarketcap.com

The key is choosing the feature set to focus on first wisely.

Then following that up with another upgrade to address any features not addressed in the first version (because you can't do everything at once and still be fast to market and auto-pilot mode with all major bugs fixed). The remaining issue is how to best do upgrades. My next post will continue on that aspect of our discussion.

Edit: another interesting thing is that if BBR's dev is no longer working on the coin, then even though he is receiving a revenue stream, then he is not really a controlling entity. Hmmm. That is another funding model in the sense that although the world can eventually remove that parasitic fee, if it is insignificant enough to motivate others to do so and for as long as the tech in that coin is more compelling than what the world has created otherwise, then that parasitic fee can sustain and if the dev is not working on that fork any more (after the initial crowdfund and delivery of debugged product), then there is an argument that he was never a controlling entity and only selling a product in exchange for an income and feature in the product.


Title: Re: Zero Knowledge Transactions
Post by: rdnkjdi on October 20, 2015, 11:10:17 AM
Quote
And most of all, remember the victors go to those who bet correctly, with the most discernment. The greatest gains for speculators on altcoins have come from the coins created by one or two guys, e.g. DogeCoin, Litecoin, BitsharesX. Maybe because creativity doesn't come from large teams, but rather from individuals. Perhaps you invested in Ethereum and Monero with their large teams and are sitting on 10 bagger gains?

You are saying Dogecoin and Litecoin are more creative / innovative than Ethereum and Monero?

Successful sustained projects, innovation, and early adopters getting rich are three completely different things and they don't have to go hand in hand.  In cryptospace I would say they have never gone hand in hand outside of bitcoin.

The devs of Monero seem to be more interested in capitalizing on the first priority I mentioned at the expense of the latter two.  Ethereum - on the second and third priority (although replace early adopters with "Foundation Members").  Dogecoin and Litecoin definitely have primarily the third priority.

If your primary motivation is raising $25,000 I would heavily suggest doing a presale and launching an imperfect coin.  That's 100 bitcoins - way more has been raised for way less.  If the first project dies (hell you can even plan on it dying and still be less of a scam than 90% of the projects around here), then integrate your tech into Monero or Darkcoin or whatever you perceive the leading privacy coin is with best chance at mass adoption.

You get your health issue fixed, early adopters double their money dumping on the heads of noobs, you have the energy to move your tech into a legit project.  I'm not interested in investing but I am interested in coming up with some type of solution that drives innovation forward.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 11:52:04 AM
Quote
And most of all, remember the victors go to those who bet correctly, with the most discernment. The greatest gains for speculators on altcoins have come from the coins created by one or two guys, e.g. DogeCoin, Litecoin, BitsharesX. Maybe because creativity doesn't come from large teams, but rather from individuals. Perhaps you invested in Ethereum and Monero with their large teams and are sitting on 10 bagger gains?

You are saying Dogecoin and Litecoin are more creative / innovative than Ethereum and Monero?

Successful sustained projects, innovation, and early adopters getting rich are three completely different things and they don't have to go hand in hand.  In cryptospace I would say they have never gone hand in hand outside of bitcoin.

I am observing that for those speculators who were buying/mining coins at the IPO, the flexibility, nimbleness, K.I.S.S., and low overhead of small development teams has trumped the large teams thus far in terms of payoff for the early adopters. Bitcoin was developed by one entity "Satoshi Nakamoto" (if he was one person or not we don't know).

As for innovation, all those were innovative at least in some facet (e.g. marketing for Dogecoin, and Scrypt hash mining for Litecoin), including Ethereum and Cryptonote, but Ethereum's inability to master all the technical details (and mired for months in expanding complexity of research) combined with their very bloated IPO valuation, in my and others' opinion makes it very unlikely most early adopters will see very large ROI. Monero in my opinion suffers from lack of momentum, because Cryptonote is not a technically complete solution to using something as a currency nor even complete for anonymity even though they tried by integrating I2P and now Shen's anonymity improvement coming (and noting anonymity being a smaller subset of the feature of being a currency as r0ach and Fuserleer pointed out). Anonymity is very difficult to complete and perfect (maybe impossible, but certainly a huge task relative to the fewer number of people who realize they really, really need that feature). I am not giving up on anonymity and I'd still like the best it can be, but I have to put my marketing hat on and make priorities. What is odd for Monero is the first listing for market cap is $2 million and the highest is $6 million. Was there no way to trade XMR during the earliest days of mining so we can know the price of attaining it at its earliest adopter juncture? Monero had a very fast mining curve, so those who mined at the very start would have gotten more coins more cheaply than those mined by the time exchanges for it were ready. It appears the only way to have gotten rich speculating in Monero thus far was to have mined it very, very early. Hmmm. What does that potentially say about those devs who claim to have lost money on Monero? Were they not able to obtain Monero very cheaply in the early weeks of mining? Did they not sell the coins at much higher prices? I have not done the forensic research.

http://coinmarketcap.com/currencies/monero/

Compare to Dash (DarkCoin's) rise from near $1 million to $53 million marketcap:

http://coinmarketcap.com/currencies/dash/

Why? Because Dash was first on anonymity? They were expert on marketing? Many early adopters had cheap coins to promote? Was the dev or some vested group selling the premine at the start to hold the price down and then hitting the ask sometimes on the way up helping to drive the speculative frenzy?

So I guess what I am observing is unless the coin is Bitcoin thus having the perception that the entire world is entering your ecosystem, then your coin is going to suffer from a boom and bust. If your tech can cross the Rubicon and seriously take on Bitcoin in terms of ecosystem adoption, then maybe you have a shot of rising up to that perception level (and actual network effects with perception being one of the effects). But other than perhaps Ripple (and maybe Nxt briefly or still amongst their large base of supporters?), I don't think any altcoin has gotten near to that widespread perception even for a brief moment. Litecoin was always a bet on gold/silver arbitrage, most everyone did not seriously expect it to overtake Bitcoin because it didn't really offer any compelling reason it would. Afaik, its strong adoption came when ASICs arrived for Bitcoin and GPUs needed a coin to mine.

There appears to be strong correlation with being the first to present a hot new feature, e.g. Dogecoin with social networking, Litecoin with GPU mining (as Bitcoin lost it), Dash with anonymity, BitShares and Mastercoin with assets and features on block chain other than currency, Ripple with a totally different model, Peercoin with PoS, Nxt with building an ecosystem of developments around PoS. Ethereum on the generalized scripting of a block chain, but they never got the tech truly solved and their valuation was bloated from the start. Another point of evidence is that in spite of being technically superior Monero has had a difficult time selling the concept that on chain ring anonymity is superior to Dash and overtake Dash's market cap. They've had to try to correct people in other threads to try to get that point across, and I bet they feel like, "we have the higher intellectual tech, so why aren't we fully appreciated? Because there are scammers out there who fool the users". And thus they went on an anti-scammer crusade at one point (but all this seems to have died down and they focus on their own threads now).

As for sustainability, none of those new features appears to have been the killer feature that enabled challenging Bitcoin. And the follow through of implementation of their core features has been incomplete.

What I would propose is to create a new coin with the killer feature that challenges Bitcoin, specifically block chain scaling. And I would propose to focus on a core set of features and then find some way to follow it up with an upgrade, while letting the first version run on auto-pilot after delivering the debugged product and being paid then.

This is what I am contemplating now. Feedback is very much appreciated.

P.S. my health has been doing well past days especially considering the two all-nighters I should not have done. Hopefully soon I can shut up and code, so I can not get off on long tangents in these forums that cause me to lose any sense of time, lol.


Title: Re: Zero Knowledge Transactions
Post by: child_harold on October 20, 2015, 11:54:46 AM
Without doubt the most fascinating thread I've ever read on BCT.

As somebody who has macheted (sabered) his way through the jungle of Cryptonote and walked the hallowed halls of the Church of Monero it was always known to me the day would come that we went beyond Cryptonote. Now it would seem there are two different parties working at this more complete Zero Knowledge crypto.

Much of what is said here goes above my head even though I'm aware of the significance. I wish all parties the best of luck in their endeavors, for the betterment of society and man.

TPTB's work should show other crypto-currencies (you know who you are) the importance of a strong whitepaper which certainly since Satoshi we should realize can change the world in and of itself. I cannot wait to learn more about TPTB's epiphany as best I can.

Question: Is the work of TPTB and/or Shen/gmaxwell intended to improve the Cryptonote protocol or can this tech be used on a BTC side-chain or blockchain too? Is it designed to be built on top of the CN protocol or does it stand alone?

Many many thanks for this mind-blowing thread. Satoshi might well be reading this so "Hi, Satoshi!".

In Crypto We Trust.


Title: Re: Zero Knowledge Transactions
Post by: rdnkjdi on October 20, 2015, 12:40:48 PM
Here is where we disagree on what made early adopters rich (which I believe at its core was about supply and demand ... Not innovation that kicked bitcoins ass)

Litecoin was successful because there was a "demand" for a bitcoin backup in case something went horribly wrong with the network and early adopters who had money wanted to diversify.  In combination with this there was a demand to anonymize by obscurity (there is a reason why the biggest litecoin exchange is anonymous and requires no identity verification).  I think this is a better method and more widely used than coin mixing services.   For it to work it needed liquidity which early bitcoiners wanting to cash out brought to the table.

I disagree with the scrypt / decentralization as being much of an innovation.  It failed when GPUs replaced CPUs and then again when ASICs replaced GPUs - litecoin failed to follow its decentralization innovation very intentionally.  And the wealth in litecoin did not move into what tried to carry on its original intention (Scrypt-N / Vertcoin & X11 / Darkcoin)

The reason Darkcoin succeeded was due to the masternode method of tying up 50% of the coins and cutting down emissions to a fraction of what was originally planned to limit supply.

Dogecoin I agree had the most innovation with marketing.

But (correct me if I'm wrong) the marketplace is full of innovation that takes crypto well beyond Bitcoin.  Monero / cryptonote wipes its ass with anonymization and supporting a dynamic block size out of the gate (what Bitcoin has been fighting over for years).  Cryptonite fixes the blockchain size / bandwidth issues.   Ethereum provides a programmable blockchain and has much better transaction time and ongoing development than Bitcoin.  I would argue the talent they've brought in from outside of the altcoin world greatly exceeds Bitcoin's (and the same might be said for Monero).  I do agree that scope creep and mismanagement is 90% likely to kill the project.

I guess my point is that the pattern of getting rich for early adopters has much less to do with innovation and market penetration (compare Monero and Darkcoin) than making sure supply is much lower than demand.  The most successful projects judged by making early adopters money are the least innovative (Darkcoin vs Monero, Litecoin vs Vertcoin or Cryptonite, Dogecoin ... Maybe it doesn't have an equivalent etc.). Innovation is divorced from payoff in this space.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 12:40:58 PM
the importance of a strong whitepaper

That would correlate to my point in my prior post that Monero had a difficult time selling that their tech was superior enough to Dash that Monero could overtake Dash's "first mover" momentum on the feature of anonymity. But I am not sure a layman's white paper would have overcome that Dash was "first mover".

How many investors actually understand the math in the Cryptonote paper? I'd guess almost none of them. This is another problem with making anonymity the main focus of a coin right now. Very difficult to educate the users as to what is important. But this new hiding of values along with rings to hide sender, is perhaps a new frontier for anonymity. But who will explain to newbies so they understand well. I know I can, but I am also not sure if anonymity should be my first priority. I think block chain scaling is #1 for me. For Monero and Dash, they need to protect their market share on the anonymity feature, so they have more incentive to make it a #1 priority.

Question: Is the work of TPTB and/or Shen/gmaxwell intended to improve the Cryptonote protocol or can this tech be used on a BTC side-chain or blockchain too? Is it designed to be built on top of the CN protocol or does it stand alone?

It can be implemented on any coin that wants to implement it and has UTXO. Will probably be a hard fork and the entire ecosystem has to be upgraded, so it is surely a non-starter for Bitcoin. Only those few coins that have a balances-only design would be technically ineligible.

Note Cryptonote is a technology that can be added to nearly any coin that manages UTXO. But CN required extra wallet complexity because the values are not hidden so the powers-of-10 balances need to be employed. Whereas this new improvement hides values, so that complexity of power-of-10 balances is removed.

Satoshi might well be reading this so "Hi, Satoshi!".

Surprisingly I didn't think of that. I must be too focused on trying to find my direction.


Title: Re: Zero Knowledge Transactions
Post by: rdnkjdi on October 20, 2015, 01:00:55 PM
I actually just had an idea outside of being paid outright or starting your own coin if you wanted to bootstrap off of Monero or another coin with rich bagholders.  And it's something I would be willing to participate in.

Get Risto to act as an ESCROW and Smooth and others to review your white paper to see if they think it will add significant value / demand to Monero.  Those interested in investing tie up their Moneroes in a predefined ESCROW with Risto for a set amount of time (six months?).

On the hard fork that releases your changes and the price of Monero doubles (hopefully in conjunction with GUI release etc) you get the difference between the value of Monero between the time the money went into ESCROW and the time it's sold.  If I put 10,000 Moneroes in at .40 per Monero and your changes increase the value to .80 then I only get half of my Moneros back - you keep the rest.  If your changes don't add value and value doesn't go up I keep all of my Moneros.

I'm not much into crypto but if devs thought it was a significant step beyond anything we have now I might be willing to take a small 50/50 bet.  50% in escrow for your paid for by innovation long position and 50% privately held by me.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 01:23:03 PM
Here is where we disagree on what made early adopters rich (which I believe at its core was about supply and demand ... not innovation that kicked Bitcoin's ass).

Litecoin was successful because there was a "demand" for a bitcoin backup in case something went horribly wrong with the network and early adopters who had money wanted to diversify.

Ah yes. I remember that now that you mention it. I remember specifically people citing that reason.

In combination with this there was a demand to anonymize by obscurity (there is a reason why the biggest litecoin exchange is anonymous and requires no identity verification).  I think this is a better method and more widely used than coin mixing services.

I do remember people mentioning exchanges as their form of anonymity when I was pushing off and on chain solutions integrated into a coin (which became Dash and Cryptonote). But I never thought about that being a main driver for LTC. You taught me a datum I didn't know about the largest LTC exchange allowing anonymity.

And this goes right to the point of my prior post, where I said that educating users about anonymity is difficult. Don't these naive users understand that if the exchange is anonymous, then it might be the NSA! No they don't understand, don't believe it is likely, or don't care!

Marketing is not about what is correct and most intellectual, rather about what people think and the path of least resistance. This is what I mean when I say coins that have horrible marketing in that they don't pay attention to the things that really matter in marketing.

For it to work it needed liquidity which early bitcoiners wanting to cash out brought to the table.

Excellent point. The synergy between the two modes you raised.

Do any readers concur or disagree?

I disagree with the scrypt / decentralization as being much of an innovation.  It failed when GPUs replaced CPUs and then again when ASICs replaced GPUs - litecoin failed to follow its decentralization innovation very intentionally.

No I didn't mean Scrypt was an innovation in the sense of intellectual correctness. I meant in terms of marketing timing. The GPUs had to leave Bitcoin and so Scrypt meant Bitcoin mining ASICs could not mine Litecoin. So combined with the other modes you mentioned, this mining hash feature ended up being another factor driving the synergy of the timing.

And the wealth in litecoin did not move into what tried to carry on its original intention (Scrypt-N / Vertcoin & X11 / Darkcoin).

Well because X11 is nonsense. And because GPUs were doing fine thank you in other coins with unique mining algorithms once the LTC mining had become saturated. And also probably most GPUs had been amortized and no one was buying more GPUs since ASICs were the hot new thing to buy. So LTC was the transition for paying off the GPU amortization.

The reason Darkcoin succeeded was due to the masternode method of tying up 50% of the coins and cutting down emissions to a fraction of what was originally planned to limit supply.

I see. And being first in anonymity gave them the illusion of being hot in innovation while the masternode actually tied up the money supply so that the market cap appears much larger than the actual liquid float, which thus caused more stampede in on the way up the ramp to $53 million. May explain also why PoS coins have had ramps?

Dogecoin I agree had the most innovation with marketing.

But (correct me if I'm wrong) the marketplace is full of innovation that takes crypto well beyond Bitcoin.  Monero / cryptonote wipes its ass with anonymization and supporting a dynamic block size out of the gate (what Bitcoin has been fighting over for years).

I will correct you because now you are in my area of expertise which is evaluating technology. Your expertise above of having more time than I do to observe all the goings on in different markets of crypto, explains that it is difficult for a core dev to be omniscient in marketing if he doesn't have input from astute others he trusts.

Cryptonote does wipe ass on one aspect of anonymity, but anonymity is more of an all or nothing proposition in that if you can't anonymize the path over the internet, then the on chain anonymity is broken against the NSA. I argue I2P and Tor are broken against the NSA. And CN did not anonymize values (until Shen and my inventions), thus it required equal denominations in transactions, with bloated and complicated power-of-10 denomination splitting of transactions. And all of this is too obtuse for your average investor and user. And anonymity isn't the feature most investors are looking at in terms of expanding the ecosystem to the other entire world. Anonymity is an idealism/ideological feature and even some investors would prefer not to have it because they think it hinders mainstream issues.

Surmounting the anonymity space is not going to be easy. For example, Bitmessage sucks and Monero hasn't done anything about that. There is so much work that needs to be done. I2P and Tor must be replaced. And many other work to do. Complexity. Slog. Slow. Lose momentum.

Cryptonite fixes the blockchain size / bandwidth issues.

Nope. The block chain scaling issues have more to do with the latency of propagating transactions to all nodes, resultant orphan rates (or centralization of mining to deal with it) and implications on double-spending probabilities and number of confirmations needed, security of 0-confirmation transactions, vulnerability to 51% attack, etc.

Also balances design doesn't stop the block chain from growing. So it doesn't really address scaling, rather it only addresses the point in time where scaling becomes a crisis (as is the case now for Bitcoin). Rather to address the scaling of the block chain data size, then not having to run a full node and download the entire block chain is more important. Yet not having mining become centralized by encouraging that.

All of the above are the sort of issues that my block chain scaling designs solve.

Note I wrote up thread that a balances design is incompatible with rings, but now I remember that may not be true. I think I remember I had thought of a way to do rings with balances.

Ethereum provides a programmable blockchain and has much better transaction time and ongoing development than Bitcoin.  I would argue the talent they've brought in from outside of the altcoin world greatly exceeds Bitcoin's (and the same might be said for Monero).  I do agree that scope creep and mismanagement is 90% likely to kill the project.

I will have millisecond transaction time  :P

And I am only 1 person. Vitalik and the others are extremely intelligent. Too smart :) (joke, but it can be true. Any way, appears to be bloated and not focused because they are having fun with research)

I guess my point is that the pattern of getting rich for early adopters has much less to do with innovation and market penetration (compare Monero and Darkcoin) than making sure supply is much lower than demand.  The most successful projects judged by making early adopters money are the least innovative (Darkcoin vs Monero, Litecoin vs Vertcoin or Cryptonite, Dogecoin ... Maybe it doesn't have an equivalent etc.). Innovation is divorced from payoff in this space.

Your definition of innovation is different than mine. For me even using masternodes to limit supply is a clever innovation. You are thinking idealistically that the goal is to produce technology. But technology is useless if it doesn't produce market results. So thus I have a more open-minded perception of what innovation really is.

What I bring to the table is a geek combined with a realist. And a proven ancient history of doing 1 man projects that reached million user adoption (because I combined those two aspects of my attitude and ability). There are times where I have let myself get too far off into never-never land of idealism and research. But when I realize I need to get back to what I did best, I need to be a realist about producing market value (while also being able to inject high tech where it makes an impact on the former, not just for idealistic delusions).
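The two posts above from TPTB describe why Cryptonote without hidden values needs power-of-10 denomination splitting: ring members must have equal amounts, so a wallet breaks each output into one output per decimal digit and can only mix a given denomination with existing outputs of exactly that denomination. The following is an added example (not code from Cryptonote, Monero, or any project discussed in this thread) that reimplements that decomposition and shows how the size of the candidate pool per denomination limits the ring that can be formed; the chain output set and the amounts are constructed sample data, and the function names are my own.

```python
"""Constructed example: Cryptonote-style decomposition of an amount into
power-of-ten denominations and the effect on ring-mixing candidates.
Reimplementation for illustration only, not the reference wallet code."""


def decompose_amount(amount: int) -> list[int]:
    """Split a non-negative integer amount into power-of-ten denominations,
    one output per non-zero decimal digit, smallest first.
    Example: 3501 -> [1, 500, 3000].
    This mirrors the rule a Cryptonote wallet follows so that equal-valued
    outputs exist on chain to mix with (hypothetical helper name)."""
    if amount < 0:
        raise ValueError("amount must be non-negative")
    denominations = []
    unit = 1
    while amount > 0:
        digit = amount % 10
        if digit:
            denominations.append(digit * unit)
        amount //= 10
        unit *= 10
    return denominations


def ring_candidates(denomination: int, chain_outputs: list[int]) -> int:
    """Count existing outputs with exactly this value: the only pool from
    which decoys for a ring of that denomination can be drawn when values
    are visible on chain."""
    return sum(1 for value in chain_outputs if value == denomination)


def mixing_report(amount: int, chain_outputs: list[int], ring_size: int) -> dict:
    """For each denomination of `amount`, report how many equal-valued
    outputs exist and whether a ring of `ring_size` members (the real
    output plus ring_size - 1 decoys) can be formed. Rare denominations
    cannot be mixed at the requested size, which shrinks the anonymity set
    and is the complexity that hiding values removes."""
    decoys_needed = ring_size - 1
    report = {}
    for denomination in decompose_amount(amount):
        n = ring_candidates(denomination, chain_outputs)
        report[denomination] = {"candidates": n, "mixable": n >= decoys_needed}
    return report


# Constructed sample of other outputs already on the chain (values only):
# the 1-unit denomination is common, 500 is rare and 3000 does not exist.
CHAIN_OUTPUTS = [1] * 12 + [10] * 8 + [500] * 2 + [5000] * 3


if __name__ == "__main__":
    for ring_size in (3, 4):
        print(f"ring size {ring_size}:")
        for denom, info in mixing_report(3501, CHAIN_OUTPUTS, ring_size).items():
            print(f"  {denom:>5}: {info['candidates']:>2} candidates, "
                  f"mixable={info['mixable']}")
```

With the constructed chain set, the 1-unit output of 3501 has plenty of decoys, the 500 output can only be mixed at ring size 3, and the 3000 output cannot be mixed at all, so a spend of it is trivially linkable; that is the wallet-side burden (and anonymity-set weakness) the hidden-value designs in this thread aim to remove.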


Title: Re: Zero Knowledge Transactions
Post by: othe on October 20, 2015, 01:47:59 PM
Quote
But I never thought about that being a main driver for LTC. You taught me a datum I didn't know about the largest LTC exchange allowing anonymity.

The reason for LTC's pumps were several MLM schemes originating in China and Hong Kong.
Bitshares pump was caused by Chinese investors too.
Dogecoin was pumped to 300k satoshi (value is out of my head) by a guy called wolong (from Singapore imho) and his pump group.
Darkcoin was pumped by a group called prometheus to its all time high.

That is the main and only driver for all coins including bitcoin, pump and dump groups.
It was never easy to buy huge stakes of xmr for very small prices, that's why you never saw a big pump there, of course there were smaller ones.

The current prices say nothing, they are all irrelevant. Time will tell who will be an important player and who won't.

Quote
I see. And being first in anonymity gave them the illusion of being hot in innovation while the masternode actually tied up the money supply so that the market cap appears much larger than the actual liquid float, which thus caused more stampede in on the way up the ramp to $53 million. May explain also why PoS coins have had ramps?

See above, also note that they used other "innovations" like a screwed up initial distribution where the first blocks gave 500 DRK per block, a cutting of the total supply from 84 mio to 21 mio without a word before etc.

This illusion, as you call it, is what pnd groups use to justify a pump and it works every time.

Quote
Surmounting the anonymity space is not going to be easy. For example, Bitmessage sucks and Monero hasn't done anything about that.

It's not our job to invent secure instant messaging, the blockchain itself is not the correct tool for that.
I personally hate it that everyone wants to solve everything using the so called blockchain, it doesn't make any sense, especially for a messaging protocol.
There are already scalable protocols that got peer reviewed and just work fine for the mass amount of people (https://eprint.iacr.org/2014/904.pdf).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 02:00:56 PM
I actually just had an idea outside of being paid outright or starting your own coin if you wanted to bootstrap off of Monero or another coin with rich bagholders.  And it's something I would be willing to participate in.

Get Risto to act as an ESCROW and Smooth and others to review your white paper to see if they think it will add significant value / demand to Monero.

I don't think my white paper can turn the fate of Monero. The only advantages I see for mine over Shen's are potentially a performance boost (but need to actually dig in to quantify) and this obscure notion that in the holistic sense of combinatorial chain analysis by entity that can see many output values, then the unlinkability of the hidden values is I allege "not strictly enforced" ("broken") at the holistic chain analysis perspective (not broken at a per transaction perspective). In Cryptonote the values are always equal so values never lead to combinatorial unmasking cascade. One example of seeing many values is when users send many transactions through large entities such as Coinbase or Bitpay. The NSA might have tapped that data for example.

So while mine may have those advantages (no one can verify until they see mine) and if so is worth a minor increment in payment perhaps, it is not enough to turn the fate of Monero to justify that level of intrusion into Monero's coin distribution. The potential benefit is out-of-proportion to the tumult suggested.

Also neither smooth nor rpietila are fully qualified to judge the value of cryptography white papers (smooth could perhaps digest it but with much effort that he is probably too busy to do). They would be relying on the opinions of others experts. I have lost too much time due to talking and such. I'd prefer the paths of least resistance and clear paths to production asap.

Although I'd like to get something for my anonymity white paper, unless I am going to join Monero as an ongoing developer, then it doesn't seem like there is enough value that can be extracted by me relative to the tumult of the different personalities, past history, etc. I mean I could release my paper then after seeing it they could argue it is not a significant enough difference, then later they basically sneak in my advances in some other equational transformation that makes it look like they didn't take it from mine. I think they already have Shen's which is close enough so it is difficult now to do any deal.

I could see my whitepaper being more valuable to a coin that has no strong anonymity yet and which has the funds or market size to pay me. Bitshares and Nxt are probably the strongest candidates for getting my white paper if they are interested because they have weak anonymity thus far and at least the SuperNet (although they are working on it, mine is I think superior to what they came up with and I do know what they were working on) has the funds available (haven't spoken to them yet on this issue) and if not just keep it for my own coin. Boolberry may still be affiliated with SuperNet so perhaps SuperNet would fund the addition of my algorithm to both BBR and any other coin on the SuperNet.

I'm not much into crypto

Imo, the bet you should be making is on block chain scaling.


Title: Re: Zero Knowledge Transactions
Post by: rdnkjdi on October 20, 2015, 02:12:52 PM
Quote
The reason for LTC's pumps were several MLM schemes originating in China and Hong Kong.

I'm not sure what you define as "pumps" - but litecoin has had a long standing #2 spot for three years now?  The ride from $10 to $40 I have no doubt was an artificial pump but the daily transaction volume has always dwarfed everything outside of Bitcoin.  My analysis was directed at this - not the ride to $30 and crash back down to only 4 - 5X whatever the current leading alt is.

Quote
Imo, the bet you should be making is on block chain scaling.

Bitshares seems complex and like a be all / end all for everything from stock trading, market place, multi level marketing scheme, etc.  NXT and SuperNET seem to have at least some of these attributes that make me think they will never see widespread adoption.   Even Ethereum seems focused compared to those projects.  

I also hate their names and hate PoS (although for scaling purposes with transaction times maybe it's a necessity?)  I guess I should spend some time outside of the PoW fold ...


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 02:41:55 PM
This post is very very helpful to me! Thank you.

But I never thought about that being a main driver for LTC. You taught me a datum I didn't know about the largest LTC exchange allowing anonymity.

The reason for LTC's pumps were several MLM schemes originating in China and Hong Kong.

Makes sense. And I guess the first ASICs were produced in China too so someone perhaps mined a lot of coins cheaply.

But I think the underlying base of support of looking at LTC as a safe diversification from BTC (and the use case for laundering money and GPU mining) is what provided liquidity for suckering greater fools into the pump. It seems you need both the good illusion of a reason and also the control of some of the money supply by those who will pump it up to increase liquidity so they can cash out.

Do you disagree?

Bitshares pump was caused by Chinese investors too.

I had heard that, but again there was an asset there with features that provided justification that along with the pump will bring in liquidity. I don't think you can effectively pump some copycoin with nothing to get investors excited about other than the attempted pump? There has to be some illusion of legitimacy.

Dogecoin was pumped to 300k satoshi (value is out of my head) by a guy called wolong (from Singapore imho) and his pump group.

What do you mean by 300k? Do you mean the pump group invested 300k BTC (certainly not satoshis which are 100 millionth of a BTC) moving the price up before they started selling?

Darkcoin was pumped by a group called prometheus to its all time high.

That is the main and only driver for all coins including bitcoin, pump and dump groups.

Is it evil to invest a lot of money in your own coin in order to drive up market interest?

Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.

Fair and homeostasis are the antithesis of the definition of openly traded exchange markets. That is one reason securities are regulated (because the government is always asked to fix nature, i.e. to fix what can't be fixed).

It was never easy to buy huge stakes of xmr for very small prices, that's why you never saw a big pump there, of course there were smaller ones.

Bingo! As I have always said, the "fair distribution" was the initial death blow to Monero. I have said that so many times. There is no incentive to create any momentum, neither in capital structure nor in development (my point being paradigm shifts in development strategy don't come from group action but rather highly motivated individual creativity).

The current prices say nothing, they are all irrelevant. Time will tell who will be an important player and who won't.

Armstrong has a few words for people who say markets lie. I reduced it to one word: delusion.

Markets tell you the reality. Holier than thou intellectuals wish reality was more amenable to "well-structured top-down sparkling academic cathedral of vastly superior theoretical minds (http://unheresy.com/Information%20Is%20Alive.html#Knowledge_Anneals)".

I see. And being first in anonymity gave them the illusion of being hot in innovation while the masternode actually tied up the money supply so that the market cap appears much larger than the actual liquid float, which thus caused more stampede in on the way up the ramp to $53 million. May explain also why PoS coins have had ramps?

See above, also note that they used other "innovations" like a screwed up initial distribution where the first blocks gave 500 DRK per block, a cutting of the total supply from 84 mio to 21 mio without a word before etc.

This illusion, as you call it, is what pnd groups use to justify a pump and it works every time.

Something that works is to be criticized  ???

Surmounting the anonymity space is not going to be easy. For example, Bitmessage sucks and Monero hasn't done anything about that.

It's not our job to invent secure instant messaging, the blockchain itself is not the correct tool for that.

Fixing I2P and Tor is interrelated with making Bitmessage scale. Who else has the financial incentive? I am not saying necessarily XMR should do that work, but rather my point is that anonymity is difficult to complete holistically.

I personally hate it that everyone wants to solve everything using the so called blockchain, it doesn't make any sense, especially for a messaging protocol.

I wasn't thinking about using the block chain to do anonymous messaging. Anonymity of the on chain rings is unmasked in theory by an omniscient observer such as the NSA if the connection to the internet is not anonymous.

There are already scalable protocols that got peer reviewed and just work fine for the mass amount of people (https://eprint.iacr.org/2014/904.pdf).

Encryption is not anonymization. That secure messaging doesn't obscure the IP address of the sender and receiver. It is known they are communicating to each other. It is not known what they communicated.

In the case of Cryptonote, knowing the IP address of sender is in theory enough to do holistic correlation chain analysis and break down the anonymity combinatorially.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 03:28:00 PM
But why are you skeptical when some have raised a lot of money. And some coins have had huge gains from their launch price.

Because they have mostly failed as developments, and especially as you say for ongoing development. Huge gains don't constitute success from my perspective if it just means getting a big pump and then engaging in a long march toward zero while interest fades and the original promoters and developers move on to their next big score. Of course the final chapter has not been written on most of these coins, but the outline of the story seems to be the same for all (or at least most) of them.

Quote
For refinements, probably a donation model is all that will work.

Perhaps now you understand my support for Monero's model as an inclusive open source project, where there are donations in cash, but most donations are in kind (collaborative development by ecosystem stakeholders). It struggles at first by comparison with ICOs, instamines, etc. but if you care about staying power, it is hard to beat.

It is a proven model that successfully develops core software infrastructure and has many examples of projects that have succeeded for decades (including, for a shorter time so far, Bitcoin, which BTW entirely dwarfs all the "successful" coin projects you cite). I don't know that there is another applicable model with a similar track record.

Agreed eventually open source produces over 10 years or so the likes of Linux and Gimp which compete effectively with commercial OSes and top-of-line Photoshop.

But if you were going to pick a coin to work on as a starting point, why not pick the one that already has most of the major issues resolved in its design. When Linus started, he didn't port FreeBSD or other Unix OSes, I guess because he saw fundamental inertia there that would prevent him from reaching his goals for great design. (Linus is really good at smart delegation and managing design)

I assert no such starting point exists today. All the Top 10 have inertias and incorrect designs that can't serve as the platform for the next 10 years. I have some very big specifics in mind but I won't enumerate them yet, because others may try to copy me.

And what is wrong with pumping up the product, getting the market cap up there and then proceeding with donations? If that is what it takes to produce the best starting point, then so be it. As long as we as a community get what we need in the end. What ever is most efficient in the market. Markets don't lie.

Ideology killed the cat.

Again I think the only correct way to do ongoing development for both legal and economic reasons is the person who sells the coin product (awarding coins to people who purchased the product) must not continue as nor transfer control to a controlling group. Or the "fair distribution" approach, but that appears to diminish speculation cycles which are necessary to create investor excitement and media play. The coin must run on auto-pilot after fixing the bugs and completing the contract for delivering the product and being paid. Independent developers can solicit donations to make changes in the source code, and nodes can adopt whichever version they wish (meaning that hard forks are very unlikely). This means a decentralized model of non-vested development. Any developers that try to act like a controlling group will thus face the possible ramifications under securities legislation. Thus I think developers should instead focus on paid tasks by decentralized donations. Foundations may form websites to teach about the coin, etc. and again not by a controlling group. They can pay for their efforts by linking to products & services, and other monetization methods that don't involve being a controlling group.

If there is some major features that need to be added in a hard fork, then someone can go create a new coin. Simple as that.

There is no way to really force an upgrade on an established decentralized community. As we discussed the options up thread, it became clear to me (after I slept) that the concept of an organized upgrade doesn't exist in a decentralized consensus protocol because the protocol didn't have an expiration date in it. If we build in a burn capability for upgrades, then we create instability of an unknown expiration in that trust and consensus model (that no one is in control and no party has a favorable position in the protocol which is what I meant to write when I was so sleepy). Also burning for upgrades provides no funding for the developers who want to attempt some radical new features that justify a hard fork. Thus creating a new coin (even with the same name and calling it version 2 or what ever since no one owns the name in a decentralized system and only the community will decide how to refer to something) and funding it with crowdfund again in order to ascertain the level of interest probably is the most sensible.

Are we closer to agreement now?


Title: Re: Zero Knowledge Transactions
Post by: othe on October 20, 2015, 03:55:01 PM
Quote
Do you disagree?

No.

Quote
I had heard that, but again there was an asset there with features that provided justification that along with the pump will bring in liquidity. I don't think you can effectively pump some copycoin with nothing to get investors excited about other than the attempted pump? There has to be some illusion of legitimacy.


Yes there always is, that's what pnd groups use to justify a pump, be it some release ETA of a new version etc. or just some good news.
For example there was last year ALWAYS a pump when a new coin got added to Mintpal (an exchange with the most volume back then), also for XMR.
Dogecoin block halving was another example, price just went down then, Bitshares 2.0 the same, price just crashed after it.
That's why they say: "Buy on rumour, sell on news."

Maybe that's why we don't give out ETAs.

Quote
What do you mean by 300k? Do you mean the pump group invested 300k BTC (certainly not satoshis which are 100 millionth of a BTC) moving the price up before they started selling?

I thought that 300k Satoshi was the max price of Dogecoin in the big pump. According to https://bitcoinwisdom.com/markets/cryptsy/dogebtc the pump reached 296 Satoshi. I mixed that up, thought it was 300k sats, but it was "only" 300. I guess that's something like a 5-10x gain for the pumpers involved.

 
Quote
Is it evil to invest a lot of money in your own coin in order to drive up market interest?
Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.
Fair and homeostasis are the antithesis of the definition of openly traded exchange markets. That is one reason securities are regulated (because the government is always asked to fix nature, i.e. to fix what can't be fixed).

No it's not; but Evan instamined it with Azure Cloud nodes, I know it, I tried to compile it and I watched all incoming connections after I finally fixed the crap, the code he uploaded to github didn't even compile and it had this nice bug that produced 500 coins per block, then later when a lot of people mined the emission was changed and the amount per block has an algorithm that says -> the more hashrate the less coins per block. He took that from peercoin without thinking about the parameter, their algo was optimized for sha mining. Funny enough, the release of an open GPU miner meant a loss for all miners because the difficulty went so high that the reward per block went to the minimum amount. From 500 to 5 coins. I would call that evil or at least dishonest, I personally will not resort to those tactics to earn my money.

Quote
Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.

I would like to pick that quote out. I don't think they have written more lines of code than we did, especially not darkcoin. Nor did any of them produce any reasonable research like the stuff we discuss in this very same topic.
Dogecoin for example doesn't seem to have developers with much funding either, but they crowdfunded some crazy shit like a whole NASCAR racing car in Dogecoin optic, all paid by people in their community. I think Dogecoin is a good example of working crowdfunding without a premine or ICO.

Quote
In the case of Cryptonote, knowing the IP address of sender is in theory enough to do holistic correlation chain analysis and break down the anonymity combinatorially.

It's way harder than for stuff like DRK or BTC. But yes, we have to find a way to secure the networking. i2p will be the first attempt; it's good enough for now, and good enough simply means there's nothing better and there's also no way we would have the resources to create something better ourselves at the moment. TOR and I2P are both projects with many, many man-years of engineering and in the case of TOR also with a lot of funding, hard to compete with.


The X11 code in their wallet is still unoptimized and slow as he had just copied it from a known crypto library.

Quote
Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.

No, DRK and co were just some of them. Vertcoin, Blackcoin etc all had high marketcaps, more than Monero, and they are all pretty much dead. There was a so called pump of the month every month starting in January 2014 or so.

Quote
Armstrong has a few words for people who say markets lie. I reduced it to one word: delusion.

I don't say they lie, I say the current prices are irrelevant in 10 years. We might look at them and scratch our heads or we will ask ourselves why someone even paid a few cents for certain coins or even bitcoin.
They all have too small marketcaps to matter at all, even bitcoin.

Quote
Something that works is to be criticized  Huh

Robbing old people with a gun also works; I am still not a fan of that.

Quote
Fixing I2P and Tor is interrelating with making Bitmessage scale.

I said nothing about i2p or tor; even if we had a perfect anonymity network the bitmessage protocol would be the last thing I would use to produce an instant messaging application. On a side note, all of those niche messaging apps are totally irrelevant because the world is only using WhatsApp (which btw uses the WhisperSystems protocol I linked earlier, created by Moxie Marlinspike).
I also don't see why Monero should spend resources on stuff like this.

Quote
I wasn't talking about the block chain. Anonymity of the on chain rings is unmasked in theory by an omniscient observer such as the NSA if the connection to the internet is not anonymous.

That wasn't my context. I was pointing out that projects like BitMessage which use a blockchain are most of the time nonsense.
Look at all those bitcoin startups that bring product XYZ to the blockchain even if it could be done way better with a sharded database or whatever. It's all just Blockchain buzzword marketing at its worst.
It was you who mentioned BitMessage, which uses a BlockChain to store the messages, which is...let's say suboptimal. I simply see no need for it; it's more of a proof of concept of stuff that can be done but shouldn't be done.

Quote
Encryption is not anonymization. That secure messaging doesn't obscure the IP address of the sender and receiver. It is known they are communicating to each other. It is not known what they communicated.

I am well aware of that, but you mentioned BitMessage which is also just encrypting your messages and has to be used in combination with TOR or whatever. People can as well just use the linked protocol with TOR (Textsecure, Whatsapp, Signal), or stuff like TorChat, Jabber+OTR, IRC+BLOWFISH.

What I really want to say is, there are reasonably good ways of messaging securely already but no one cares about them, and that's the main issue. Let's call it the PGP problem.
I have been chatting encrypted on IRC since the 90s, so dunno if encrypted messaging is "the" big deal...


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 05:19:06 PM
I had heard that, but again there was an asset there with features that provided justification that along with the pump will bring in liquidity. I don't think you can effectively pump some copycoin with nothing to get investors excited about other than the attempted pump. There has to be some illusion of legitimacy.


Yes there always is, that's what pnd groups use to justify a pump, be it some release ETA of a new version etc. or just some good news.
For example there was last year ALWAYS a pump when a new coin got added to Mintpal (an exchange with the most volume back then), also for XMR.
Dogecoin block halving was another example, price just went down then, Bitshares 2.0 the same, price just crashed after it.
That's why they say: "Buy on rumour, sell on news."

Maybe that's why we don't give out ETAs.

Seems the ones that stayed in the Top 10 actually have some useful features (even if for example Dash's anonymity has the holes of swiss cheese and users don't comprehend nor care).


Is it evil to invest a lot of money in your own coin in order to drive up market interest?
Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.
Fair and homeostasis are the antithesis of the definition of openly traded exchange markets. That is one reason securities are regulated (because the government is always asked to fix nature, i.e. to fix what can't be fixed).

No it's not; but Evan instamined it with Azure Cloud nodes. I know it, I tried to compile it and I watched all incoming connections after I finally fixed the crap. The code he uploaded to github didn't even compile and it had this nice bug that produced 500 coins per block, then later when a lot of people mined, the emission was changed and the amount per block has an algorithm that says -> the more hashrate the less coins per block. He took that from peercoin without thinking about the parameter; their algo was optimized for sha mining. Funny enough, the release of an open GPU miner meant a loss for all miners because the difficulty went so high that the reward per block went to the minimum amount. From 500 to 5 coins. I would call that evil or at least dishonest; I personally will not resort to those tactics to earn my money.

I wouldn't want to be Evan. I doubt he registered with the SEC, he is a USA citizen, and he apparently sold securities to non-accredited investors where he retained interest in the venture promoting himself as the lead dev of the controlling group hence. And there seems to be considerable evidence he was not truthful in the prospectus. Looks like the man could be in heaps of legal trouble in the future. I believe the powers-that-be are simply waiting for as much fraud as possible to pile up in crypto currency and then when they are ready, they will sweep down and wallop the industry in order to take control. They seem to be purposefully allowing a wild west to proliferate so that as many people as possible can incriminate themselves.

I would advise not resorting to illegal activity to earn money.

I think as long as you disclose what you are doing, then you are not culpable even if some people didn't grasp the ramifications. That is if you are not selling securities; otherwise the law requires more extensive disclosure. My interpretation of the USA securities law is if you remain as a controlling group of a product that has shares and thus you are essentially operating as an unregistered company entrusted to grow the value of investment securities.

Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.

I would like to pick that quote out. I don't think they have written more lines of code than we did, especially not darkcoin. Nor did any of them produce any reasonable research like the stuff we discuss in this very same topic.

I haven't looked but Bitshares has produced a fair amount I bet.

Just because someone hasn't yet combined the best of honest investment pumping with the best of open source coding, doesn't mean Monero's performance is the optimum we can achieve.

Seems Daniel Latimer got closest to merging both strategies, but so far he has pursued some designs that could not work such as BitUSD and now the incomplete anonymity upgrade. And the DPOS also appears to be flawed (at least the last time I looked at it, but let's delay that technical discussion until I am ready to get into it).

Charles H. who was originally partnered with Daniel went on to help form Ethereum. Charles was talking to me, but I wanted to have a product already and not rush in with all my ideas still up in the air unsettled. It wasn't surprising to me that they went the bloated research direction. I could feel intuitively that was the leaning. So apparently there was some incompatibility between Daniel's direction and Charles. According to Charles, they created reasons to oust him. Maybe he stood in the way of the pump with the Chinese or was dispensable. Never a dull moment in crypto land.

So what is unsettled from my view is whether a methodical model such as Monero is superior to a model that raises a lot of capital and market awareness via enabling the speculation pathway of concentrating ownership and pumps to raise liquidity for the whales to cash out. Appears that Bitshares settled back down to its non-pumped value as the core users were still using it after the China pump. And Bitshares afaik just isn't really that great of tech but not the worst either. So what if that was excellent tech that was generally considered to be the best out there. Then those market pumps might be like staircases lifting the valuation and ecosystem network effects. I don't think this model has been tested yet, except maybe Bitcoin is that model.

Normally one would say the open source methodical approach wins in the end, but what we are talking about here is which code base gains the most momentum in the most effective areas. In my design, the anonymity can be added without a hard fork, so everything is much more plugin oriented. Monero will have to hard fork.

Writing a lot of code can be good or bad. Bad if you end up having to throw a lot of it away and start over. I am not saying that is the case for Monero. I haven't actually looked at the code that much or thought deeply about Monero's code structure and the future implications. I doubt I have time to go on that tangent unless I want to be a Monero developer.

Dogecoin for example doesn't seem to have developers with much funding either, but they crowdfunded some crazy shit like a whole NASCAR racing car in Dogecoin optic, all paid by people in their community. I think Dogecoin is a good example of working crowdfunding without a premine or ICO.

Yeah Dogecoin was able to get network effects with pumping. So take the best of tech from Monero, the best of merging production with pumping from Bitshares, and the best of marketing network effects with pumping from Dogecoin. And package it with a block chain scaling that threatens Bitcoin. Then maybe we see a unique result.

In the case of Cryptonote, knowing the IP address of sender is in theory enough to do holistic correlation chain analysis and break down the anonymity combinatorially.

It's way harder than for stuff like DRK or BTC. But yes, we have to find a way to secure the networking. i2p will be the first attempt; it's good enough for now, and good enough simply means there's nothing better and there's also no way we would have the resources to create something better ourselves at the moment. TOR and I2P are both projects with many, many man-years of engineering and in the case of TOR also with a lot of funding, hard to compete with.

Yup. That is why I said it is difficult to hang the hat on anonymity as a coin's main purpose at this time. And how to gain size so that there is enough demand for securing the networking. I think anonymity is a longer range goal, although I wish we could accelerate it.

Those coins have all stayed in the Top 10 of market caps and thus have been able to fund ongoing development.

No, DRK and co were just some of them. Vertcoin, Blackcoin etc all had high marketcaps, more than Monero, and they are all pretty much dead. There was a so called pump of the month every month starting in January 2014 or so.

I meant of those coins still in the Top 10, most were pumped and did not fall out. The difference between those that fell away entirely appears to be they have no unique feature at all. Vertcoin has Scrypt and stealth addresses, but then along comes Dash and Cryptonote with far more anonymity features than stealth addresses.

Armstrong has a few words for people who say markets lie. I reduced it to one word: delusion.

I don't say they lie, I say the current prices are irrelevant in 10 years.

I might be dead in 10 years.

Users need solutions in the next couple of years as we head into the sovereign debt crisis global collapse.

I care about the near-term as well, and am willing to sustain for the long-term for as long as it is still the best opportunity.

We might look at them and scratch our heads or we will ask ourselves why someone even paid a few cents for certain coins or even bitcoin.
They all have too small marketcaps to matter at all, even bitcoin.

There are scenarios though where they fall away entirely but their example influenced the one that replaced Bitcoin. I am dreaming you know.

Something that works is to be criticized  Huh

Robbing old people with a gun also works; I am still not a fan of that.

Old people are not typically investing in highly speculative altcoins.

I've tried to educate readers about economics and investing, but you know people will not listen. They have to learn for themselves the hard way. There is probably a reason that nature does what it does. I am not here to fight nature, but rather to find the most efficient opportunities and look for large markets that have an unmet need. Then find the most efficient way to meet that need.

Speculative investing is not holding a gun to anyone's head. Everyone is free to make their own decisions.

Fixing I2P and Tor is interrelating with making Bitmessage scale.

I said nothing about i2p or tor; even if we had a perfect anonymity network the bitmessage protocol would be the last thing I would use to produce an instant messaging application.

My meaning is that once you have anonymous networking, then messaging on top of it is anonymous.

I also don't see why Monero should spend resources on stuff like this.

They shouldn't perhaps and my point is the long wait ahead for anonymous messaging to be perfected by others or the demand to grow sufficiently.

I wasn't talking about the block chain. Anonymity of the on chain rings is unmasked in theory by an omniscient observer such as the NSA if the connection to the internet is not anonymous.

That wasn't my context. I was pointing out that projects like BitMessage which use a blockchain are most of the time nonsense.

Bitmessage doesn't use a block chain. It uses only the idea of Proof-of-Work to make sure each sent message has some CPU power behind it. Because spam is very costly to the network performance of its "send every message to everyone in the same channel" design.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 06:00:34 PM
AnonyMint's Guide to Illegal Unregistered ICOs and Investment Services (Options, etc)

...

Clarification about what I think is legal and not legal.

Crowdfunding a product (where you give out coins in the product as the reward) appears to be not an investment security as long as you as the lead developer (or his controlling group) does not continue to exclusively manage the coin as a controlling entity. In other words, you are selling only your programming services and are not managing an investment. Thus you must complete your development work and debugging before you accept the funds from the crowdfunding. Any ongoing work would come from anyone who wants to submit patches, and the decentralized nodes in the system can decide whether to upgrade or not (thus no hard forks can work). For features requiring a hard fork, then create a new coin.

So I would still be able to submit patches as well as others could for as long as I don't try to control some master copy of the open source and commit access (thus not acting as a controlling entity for the product), i.e. as Linus explains (https://www.youtube.com/watch?v=4XpnKHJAok8) about decentralized version control Git, everyone can have their own local copy of the changesets they have merged.


Title: Re: Zero Knowledge Transactions
Post by: othe on October 20, 2015, 06:02:12 PM
Quote
In my design, the anonymity can be added without a hard fork, so everything is much more plugin oriented. Monero will have to hard fork.
We have a built-in hardfork design that hardforks the network every 6 months; people have to upgrade. Old protocols will stop working. Adopt or die. You also have to upgrade your OS regularly or you get fucked by malware, so I see no issue with this.

https://forum.getmonero.org/4/academic-and-technical/303/a-formal-approach-towards-better-hard-fork-management

It's a bit like the linux kernel, old ones get abandoned.

Quote
Bitmessage doesn't use a block chain. It uses only the idea of Proof-of-Work to make sure each sent message has some CPU power behind it. Because spam is very costly to the network performance of its "send every message to everyone in the same channel" design.

Yeah but a bc-like system that stores the last couple of days, doesn't it?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 06:08:46 PM
Quote
In my design, the anonymity can be added without a hard fork, so everything is much more plugin oriented. Monero will have to hard fork.
We have a built-in hardfork design that hardforks the network every 6 months; people have to upgrade. Old protocols will stop working. Adopt or die. You also have to upgrade your OS regularly or you get fucked by malware, so I see no issue with this.

https://forum.getmonero.org/4/academic-and-technical/303/a-formal-approach-towards-better-hard-fork-management

It's a bit like the linux kernel, old ones get abandoned.

I am curious what smooth thinks about this, because it seems like up thread he was arguing that forced upgrades are destabilizing, and I assume because they violate the trust that the user has that the protocol is decentralized and thus doesn't die by any expiration date or reliance on any controlling entity.

Btw, this feature makes me wonder if you guys are setting yourselves up to be more culpable under investment securities law, as you are clearly forcing the product to rely on your ongoing control, unless I misunderstand the implication of the stated feature.

Not to spread FUD but seriously if a coin is undergoing hard forks then it really isn't decentralized in the purest/strictest sense.

Quote
Bitmessage doesn't use a block chain. It uses only the idea of Proof-of-Work to make sure each sent message has some CPU power behind it. Because spam is very costly to the network performance of its "send every message to everyone in the same channel" design.

Yeah but a bc-like system that stores the last couple of days, doesn't it?

Clients in the system retain messages for a couple or few days. But they are only stored opportunistically decentralized and not on any deterministic, globally coordinated ledger.

P.S. happy that we entered a respectful dialogue.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 20, 2015, 06:23:44 PM
.....
Clients in the system retain messages for a couple or few days. But they are only stored opportunistically decentralized and not on any deterministic, globally coordinated ledger......

SnapChat have raised investment valuing their shares at multi-billion $$$ levels with something less desirable.

It would be interesting to reverse engineer crypto into mobile apps, by first making the messaging system desirable - messages that can disappear after x-period of time (unless saved) and never get stored on a central server where the authorities can demand access.


Title: Re: Zero Knowledge Transactions
Post by: benthach on October 20, 2015, 06:28:29 PM
Here is an excerpt from my fully completed white paper for my revolutionary anonymity invention.


why don't you shuffle this whitepaper in your ass and get lost? i know that would help lot of dumb people and saving their headache later.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 06:33:31 PM
Somebody wrote this about me in private. Lol. I guess I sort of played that role for Dash. I remember that.

Quote
You have made plenty of positive contributions and you have helped many projects. Some may not have liked your approach, but plenty of people have benefited whereas you have provided challenges, made people think and changed their path - they may have benefited but not given you anything in return, not even an acknowledgement. Sadly, I have to put Darkcoin into this category. The masternode concept was largely Evan's invention, but it was born, in my opinion, from your contributions and challenges to Evan on various sybil attacks.

Btw I did receive some remuneration and small angel investment from a few in return. Mucho gracias.

Any way now is time to really get healthy and make something happen. Need to decide on a direction. And I don't have any ill feelings towards any coin nor group. My challenge is figuring out where I fit in.

Lead developer is the best role for me because I like a free rein to innovate. Some people had asked me to consider contributing my anonymity algorithm to Monero and so I made this thread because of Shen's Reddit announcement. I have since discovered that Shen's design can probably suffice for Monero at least for a first version. So I don't think it is really that compelling that they need my design. I think the Monero community is contented with their progress and team of contributors. Don't you think guys it is sort of a waste to take a very creative guy like me and try to get me to conform to the larger inertia already in Monero? That is not me. I am a free bird. I go off and tinker and sometimes (not every time) produce very creative products. Wouldn't it be better for our community if I am off taking a stab at the other problems such as block chain overhaul that are not going to be on Monero's radar for some time yet?


Title: Re: Zero Knowledge Transactions
Post by: monsterer on October 20, 2015, 06:38:05 PM
So what if that was excellent tech that was generally considered to be the best out there. Then those market pumps might be like staircases lifting the valuation and ecosystem network effects. I don't think this model has been tested yet, except maybe Bitcoin is that model.

Tech alone doesn't drive success - you need to get marketing behind you; best if this comes in the form of having industry experts on your side / working for you. Bitcoin is only successful because of the first mover advantage.

Funding wise, I think Ethereum did it right, but it's a huge project to arrange...seemingly outside the reach of the small developer.


Title: Re: Zero Knowledge Transactions
Post by: benthach on October 20, 2015, 06:39:17 PM
Somebody wrote this about me in private. Lol. I guess I sort of played that role for Dash. I remember that.

Quote
You have made plenty of positive contributions and you have helped many projects. Some may not have liked your approach, but plenty of people have benefited whereas you have provided challenges, made people think and changed their path - they may have benefited but not given you anything in return, not even an acknowledgement. Sadly, I have to put Darkcoin into this category. The masternode concept was largely Evan's invention, but it was born, in my opinion, from your contributions and challenges to Evan on various sybil attacks.

Btw I did receive some remuneration and small angel investment from a few in return. Mucho gracias.

Any way now is time to really get healthy and make something happen. Need to decide on a direction. And I don't have any ill feelings towards any coin nor group. My challenge is figuring out where I fit in.

Lead developer is the best role for me because I like a free rein to innovate. Some people had asked me to consider contributing my anonymity algorithm to Monero and so I made this thread because of Shen's Reddit announcement. I have since discovered that Shen's design can probably suffice for Monero at least for a first version. So I don't think it is really that compelling that they need my design. I think the Monero community is contented with their progress and team of contributors. Don't you think guys it is sort of a waste to take a very creative guy like me and try to get me to conform to the larger inertia already in Monero? That is not me. I am a free bird. I go off and tinker and sometimes (not every time) produce very creative products. Wouldn't it be better for our community if I am off taking a stab at the other problems such as block chain overhaul that are not going to be on Monero's radar for some time yet?

you belong nowhere in this crypto scam world
your best is copy/edit of shadowcoin zero knowledge, if you even have that kind of coding knowledge.


Title: Re: Zero Knowledge Transactions
Post by: cryptodromeda on October 20, 2015, 06:50:21 PM
Somebody wrote this about me in private. Lol. I guess I sort of played that role for Dash. I remember that.

Quote
You have made plenty of positive contributions and you have helped many projects. Some may not have liked your approach, but plenty of people have benefited whereas you have provided challenges, made people think and changed their path - they may have benefited but not given you anything in return, not even an acknowledgement. Sadly, I have to put Darkcoin into this category. The masternode concept was largely Evan's invention, but it was born, in my opinion, from your contributions and challenges to Evan on various sybil attacks.

Btw I did receive some remuneration and small angel investment from a few in return. Mucho gracias.

Any way now is time to really get healthy and make something happen. Need to decide on a direction. And I don't have any ill feelings towards any coin nor group. My challenge is figuring out where I fit in.

Lead developer is the best role for me because I like a free rein to innovate. Some people had asked me to consider contributing my anonymity algorithm to Monero and so I made this thread because of Shen's Reddit announcement. I have since discovered that Shen's design can probably suffice for Monero at least for a first version. So I don't think it is really that compelling that they need my design. I think the Monero community is contented with their progress and team of contributors. Don't you think guys it is sort of a waste to take a very creative guy like me and try to get me to conform to the larger inertia already in Monero? That is not me. I am a free bird. I go off and tinker and sometimes (not every time) produce very creative products. Wouldn't it be better for our community if I am off taking a stab at the other problems such as block chain overhaul that are not going to be on Monero's radar for some time yet?

The smartest thing to do would have been to work with smooth on Aeon.

But each to their own.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 06:52:08 PM
your best is copy/edit of shadowcoin zero knowledge, if you even have that kind of coding knowledge.

Absolutely not. My inventions have not been copied from any one. Put your full legal name on your posts as mine is on my white paper. So you can be held legally culpable for slander.


Title: Re: Zero Knowledge Transactions
Post by: benthach on October 20, 2015, 06:58:19 PM
your best is copy/edit of shadowcoin zero knowledge, if you even have that kind of coding knowledge.

Absolutely not. My inventions have not been copied from any one. Put your full legal name on your posts as mine is on my white paper. So you can be held legally culpable for slander.

lol
what a scammer wannabe


Title: Re: Zero Knowledge Transactions
Post by: rdnkjdi on October 20, 2015, 07:00:46 PM
Quote
So you can be held legally culpable for slander.

Why do people who want to get rid of the existing centralized legal system constantly threaten with it?  I'm not just picking on you ... Cryptsy, Paycoin, the guys on Bitcointalk when I tried to start a small angel funding for the guy who was doing the bitcoin malleability attack.

It seems so weird to me even if it really is slander or misinformation etc.  Seems like freemarket / educated people's opinions should be adequate to deal with who does / doesn't have something valid to say.


Title: Re: Zero Knowledge Transactions
Post by: rpietila on October 20, 2015, 07:01:28 PM
lol
what a scammer wannabe

Kindly consider getting lost. This is a very important thread, and he is the OP, and I have known him for 8 years, and your slander is not welcome.


Title: Re: Zero Knowledge Transactions
Post by: benthach on October 20, 2015, 07:07:23 PM
lol
what a scammer wannabe

Kindly consider getting lost. This is a very important thread, and he is the OP, and I have known him for 8 years, and your slander is not welcome.

important my a$$
A real scammer will always get money first before work.
A real inventor will always get the thing to work first before asking for money.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 07:11:20 PM
The smartest thing to do would have been to work with smooth on Aeon.

But each to their own.

Smooth and I have talked on occasion in private about working together. Lately we are not talking about that. That is always a possibility again in the future. Realize any code I am off doing, can at any time be brought to smooth and say, "this is working, should we integrate this in Aeon?".

I think coming with some code in hand is maybe more instructive than a lot of verbiage.

I just want to code and know I have enough support out there if I produce something of value. Appears the support is out there. The onus is on me. If it makes most sense to ally with smooth, that can be discussed. Producing some code first might be the most convincing.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 07:13:25 PM
A real scammer will always get money first before work.
A real inventor will always get the thing to work first before asking for money.

I think you failed to read what I wrote:

Thus you must complete your development work and debugging before you accept the funds from the crowdfunding.

If you are referring to the offer to sell my completed work in the whitepaper then apparently you have some kind of comprehension disability.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 07:17:24 PM
Quote
So you can be held legally culpable for slander.

Why do people who want to get rid of the existing centralized legal system constantly threaten with it?  I'm not just picking on you ... Cryptsy, Paycoin, the guys on Bitcointalk when I tried to start a small angel funding for the guy who was doing the bitcoin malleability attack.

It seems so weird to me even if it really is slander or misinformation etc.  Seems like freemarket / educated people's opinions should be adequate to deal with who does / doesn't have something valid to say.

Slander is attacking someone's reputation with lies that have an economically damaging effect.

Asking him to put his legal name on his attacks is a way of saying to readers that "please note this guy is attacking me but won't even use his real name, but I have used my real name". So it is a way of stating to readers who is more trustworthy.

Also it was the easiest way to respond since this is not a moderated thread, otherwise I would have just deleted his posts and ignored them.

As for suing for slander and the legal system, obviously he isn't worth my time to do that. I only stated that he should be willing to be culpable (responsible for his actions) if he wants to claim righteousness.

When reading my posts, please note I am often an abstract thinker, so I often have something going in my mind that is conceptual and not just what is literally written.


Title: Re: Zero Knowledge Transactions
Post by: Wheatclove on October 20, 2015, 07:22:45 PM
Benthach is a known troll. Best to ignore that trash.


Title: Re: Zero Knowledge Transactions
Post by: benthach on October 20, 2015, 07:23:12 PM
A real scammer will always get money first before work.
A real inventor will always get the thing working first before asking for money.

I think you failed to read what I wrote:

Thus you must complete your development work and debugging before you accept the funds from the crowdfunding.

If you are referring to the offer to sell my completed work in the whitepaper then apparently you have some kind of comprehension disability.


Nowhere to be found in your OP. This only proves and makes you a legitimate scammer wannabe. Now go and edit your OP to include this statement, but then the fire has already fizzled.
The scam team from Shadowcoin already claimed to have zero knowledge and have it working, so no one needs your copy/paste shit anymore.

Do you know of or have you heard of something called testnet?


Title: Re: Zero Knowledge Transactions
Post by: benthach on October 20, 2015, 07:26:02 PM
Benthach is a known troll. Best to ignore that trash.

Because I've proved again and again your shitcoins are scams. Altcoin = wild wild west scam world with no adoption. When I say anything, it is always right.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 07:49:35 PM
From private messages, some Monero supporters (not rangedriver) think I could earn some XMR from doing a few coding jobs for donations, and they would like to see my creativity inside of Monero's community. I really appreciate that guys. Thank you for the warm invitation. And thanks for the help on my health. I will be looking more into the health tips.

I just want to point out something. I am 50 and I have no retirement, no savings, I live in a 3rd world country, and no one in my family can help me even a dime. And I have no insurance and no social welfare system to help me (I refused the USA system). So I don't have time for ideological giving. I need to produce with the few years I have remaining before I am an old geezer (in the midst of a global crisis underway!!) and I need to know I am earning a market rate for my skills. So asap I need to do something in crypto and see if I can earn enough, else I need to get out and go work in other areas where I can earn a decent income.

The XMR donations model seems to pay about $1000 to $1500 per 2 weeks of work. So less than $40,000 per year. Sorry, I was earning that much (inflation-adjusted) at age 19 back in 1984. That is totally incompatible with a man of my age and situation. Monero work is fit for those coders who have already made a lot of money and want to make an ideological contribution to crypto. Or who are young and live for example in Ukraine or Russia. I applaud their ethics, but I am also not sure if their ethics have not clouded their understanding of nature, economics, and market dynamics. But I don't want to judge. I am just saying the choice seems pretty clear that either I can earn enough in crypto or I can't. I need to find out as quickly as possible.

Sorry for writing so much. But I am tired of being misunderstood. I wanted to make it very clear.

Also I don't feel Monero really needs me. Because they need guys who fit well into a cooperative open source model where each of a multitude of people do coding tasks. Even though I am aware of this open source model, I have never done it. Never. I have always coded on small teams or by myself. I am not accustomed to interacting with code virtually. I think these guys get a great feeling from for example being on freenode talking tech. It doesn't drive my feelings. I feel no interest in that sort of thing. I go off by myself and create. That has been my style my entire life.

I suppose if I had no other options I would do it. But I really think you are asking to put a square peg in a round hole. Just isn't well matched. Perhaps I am mistaken, but usually my gut instincts are correct.


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 20, 2015, 07:56:38 PM
....I need to produce with the few years.......

That's a pretty realistic time frame to make a few $$million.

FWIW....VCs throw money at talented coders and they throw abuse at people that walk in with good ideas and no coding talent in their team.

So....what to code? That's the trick  ;)


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 08:16:23 PM
So what if that was excellent tech that was generally considered to be the best out there. Then those market pumps might be like staircases lifting the valuation and ecosystem network effects. I don't think this model has been tested yet, except maybe Bitcoin is that model.

Tech alone doesn't drive success - you need to get marketing behind you; best if this comes in the form of having industry experts on your side / working for you. Bitcoin is only successful because of the first mover advantage.

Funding wise, I think Ethereum did it right, but it's a huge project to arrange...seemingly outside the reach of the small developer.

You assume that Ethereum did it correctly. There might be an epiphany that simplified the entire concept and enables one man to sort it out better than they did. Never underestimate the creativity of the odd thinker. When you think someone is odd, maybe that is a sign they think differently than others, thus are more likely to think of things in ways others don't.

What drives success more than anything is passion and commitment. Next comes a 6th sense of picking what is important. Next comes the aptitude to achieve it. Next comes some clever insights. Last comes some luck. Very rarely is it because of affiliations. Well that has been my experience at least. In terms of doing work as a group, work only with the very best, because the others just bog you down. And minimize the number of people you work with.

I don't think it is always best to have industry experts on your side. Sometimes the craziest damn unexpected thing comes from the one who was the least expected to do so and was the least conformist.

You know what I love about your post. You are challenging me. When I am not sick and someone says I can't do something, that is going to motivate me to do it. Lately I haven't been myself because illness physically removed what I could normally do in terms of effort and hours.

Any way enough about this. Thanks for your opinion. Very motivational.

That might make me worried because I might think that no one would invest in my work if I wasn't affiliated with other experts, but then I know that the smartest venture capitalists want to buy when everyone else won't so they get the lowest price and then go for the huge gains in appreciation.

I think one thing is clear. Drop a fully implemented Bitcoin killer in testnet on this forum, and the interest will be very high.


Title: Re: Zero Knowledge Transactions
Post by: illodin on October 20, 2015, 08:22:32 PM
Wouldn't it be better for our community if I am off taking a stab at the other problems such as block chain overhaul that are not going to be on Monero's radar for some time yet?

Yep. Imo anonymity isn't really even needed until and if the coin gains a marketcap and user base (and hence the attention of the authorities) approaching those of Bitcoin's. But having an implied promise that there will be anonymity eventually is important for being able to gain that marketcap (although probably best not to literally promise anything that wouldn't be ready and sold at the crowdfund if that's the route you'll choose).


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 20, 2015, 08:22:53 PM
....

I think one thing is clear. Drop a fully implemented Bitcoin killer in testnet on this forum, and the interest will be very high.

That is far from clear. It has been tried and is being tried - Monero, to Dash, to xyz Coin.

Factom, for example, has raised $millions, by aligning with Bitcoin rather than trying to compete against it (I don't own any Factom or think they are legit under the hood).

However, the first working ZKP might be enough to create a very comfortable retirement fund and enable decades of coding for fun.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 08:36:05 PM
....

I think one thing is clear. Drop a fully implemented Bitcoin killer in testnet on this forum, and the interest will be very high.

That is far from clear. It has been tried and is being tried - Monero, to Dash, to xyz Coin.

I never viewed those as Bitcoin killers. If their supporters thought they were, they were delusional.

You don't replace Bitcoin by doing some obscure feature better. You replace Bitcoin because something everybody desperately needs NOW can't be done by Bitcoin and only by your coin.

Factom, for example, has raised $millions, by aligning with Bitcoin rather than trying to compete against it (I don't own any Factom or think they are legit under the hood).

However, first working ZKP might be enough to create a very comfortable retirement fund and enable decades of coding for fun.

Except one problem. Bitcoin's block size can't scale to large data. Not without mining becoming very centralized.


Title: Re: Zero Knowledge Transactions
Post by: funnyman21 on October 20, 2015, 08:38:01 PM
I could see my whitepaper being more valuable to a coin that has no strong anonymity yet and which has the funds or market size to pay me. Bitshares and Nxt are probably the strongest candidates for getting my white paper if they are interested because they have weak anonymity thus far and at least the SuperNet (although they are working on it, mine is I think superior to what they came up with and I do know what they were working on) has the funds available (haven't spoken to them yet on this issue) and if not just keep it for my own coin. Boolberry may still be affiliated with SuperNet so perhaps SuperNet would fund the addition of my algorithm to both BBR and any other coin on the SuperNet.


Boolberry and SuperNET (who has the money) should be very interested.

Please contact jl777
https://bitcointalk.org/index.php?action=profile;u=177323

Here is a recent post he made on the issue:
https://bitcointalk.org/index.php?topic=1198276.msg12617626#msg12617626

Can you add a poll to OP for donating to SuperNET to fund integration of Boolberry and your CT work?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 08:38:36 PM
Wouldn't it be better for our community if I am off taking a stab at the other problems such as block chain overhaul that are not going to be on Monero's radar for some time yet?

Yep. Imo anonymity isn't really even needed until and if the coin gains a marketcap and user base (and hence the attention of the authorities) approaching those of Bitcoin's. But having an implied promise that there will be anonymity eventually is important for being able to gain that marketcap (although probably best not to literally promise anything that wouldn't be ready and sold at the crowdfund if that's the route you'll choose).

As I wrote up thread about my block chain design, the transaction processing format is orthogonal to the block chain, so anybody can add any kind of transaction processing they want.

I am talking really radical concepts. You all haven't even seen the tip of the iceberg yet. My anonymity paper is just a small smidgen of what is up my sleeve. (fucking health problem!)


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 20, 2015, 08:44:15 PM
I could see my whitepaper being more valuable to a coin that has no strong anonymity yet and which has the funds or market size to pay me. Bitshares and Nxt are probably the strongest candidates for getting my white paper if they are interested because they have weak anonymity thus far and at least the SuperNet (although they are working on it, mine is I think superior to what they came up with and I do know what they were working on) has the funds available (haven't spoken to them yet on this issue) and if not just keep it for my own coin. Boolberry may still be affiliated with SuperNet so perhaps SuperNet would fund the addition of my algorithm to both BBR and any other coin on the SuperNet.


Boolberry and SuperNET (who has the money) should be very interested.

Please contact jl777
https://bitcointalk.org/index.php?action=profile;u=177323

Here is a recent post he made on the issue:
https://bitcointalk.org/index.php?topic=1198276.msg12617626#msg12617626

Can you add a poll to OP for donating to SuperNET to fund integration of Boolberry and your CT work?


What Debate? NXT Votes Unanimously to Add Coin Mixing Anonymity
NXT, the finance 2.0 blockchain platform, has voted unanimously to implement CoinShuffle, a coin mixing anonymity technique to NXTcoin and other 'Monetary System' tokens. Implementation is expected on the next major release.
http://cointelegraph.com/news/114915/what-debate-nxt-votes-unanimously-to-add-coin-mixing-anonymity

And who do you think suggested jl777 use CoinShuffle as a first step? Me.

But now there is something better available (or you can use both together as I also gave jl777 the idea of using CoinShuffle as a way to send messages anonymously):

https://bitcointalk.org/index.php?topic=1211093.msg12740753#msg12740753


Title: Re: Zero Knowledge Transactions
Post by: coins101 on October 20, 2015, 09:12:13 PM
So.

Close the thread.

Create a new ANN.

 :P


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 21, 2015, 05:18:58 AM
Readers please note the voting is not locked. Just the topic. Unfortunately I had to lock the topic because of that one troll. And also I think we said enough already. I need to get back to work. I am available in private messages.

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw67x1d

Quote from: myself
Quote from: Shen
it is harder than you think to prove that some public key has gotten rid of all the "H" (I wouldn't know how to do this and I study elliptic curves)

Because of the conditional security of elliptic curves it is assumed to be computationally implausible to pick a value for the private key (x and/or z) which can offset any specific point bH, thus if the adversary knows the hidden values for all the outputs and a set of prospective hidden values for all the inputs, then if these sum to 0 the adversary can assume he has proven those inputs are the ones who signed the ring even without knowing the private key that was used to sign. That elliptic security cuts both ways because it must be the case, otherwise it might be possible to find a value of 'z' that would allow signing inputs more than once in the ring. So the security that works for you also works against you, because the fuzz z that is employed to delink the outputs from the inputs in the ring is orthogonal security-wise to the sum of the hidden values. This was the key distinction between CT and CCT when integrated with rings and that is why I had to do something different and end up with a design that doesn't sign the outputs when signing the ring for an input (or inputs).

Quote from: Shen
it's not too hard to make the combinatorial type attack impossible using the pigeonhole technique I mention in mrl_notesv0.3

https://github.com/ShenNoether/MiniNero/blob/master/mrl_notes_v0.3.pdf

In section "4.1  Example of the attack", why are you not acknowledging me as the first person to both communicate that sort of attack to smooth during the BCX incident in 2014 which I assume was relayed because the issue was subsequently mentioned in a Monero Labs Report and then sometime earlier this year I wrote down that tree case in a post in the Monero forum (and even explained that my solution would provide a method to prune the block chain) and they told me they had relayed this info to you and I believe you even replied there. So please give acknowledgement to prior art.

Btw, your stated solution attempts to be more general than the solution I stated, which was simply to ensure that all pubkey outputs mixed with the same set of pubkey outputs. Your proposed solution instead eliminates the possibility to prune the block chain. Also I believe there are other combinatorial faults in your stated solution, but maybe not, I will need to think about it more deeply.

In any case, even if you apply my prior art solution from 2014, it doesn't completely address the risk of combinatorial cascade, because the additional knowledge which eliminates some of the pubkey outputs as candidates thus reduces the effective value of 'n' and you can't know how small 'n' has become because you don't know how much information the adversary will have.

And this is why your design based on CT is inferior to mine.
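
As an added illustration of the commitment arithmetic the quoted exchange is arguing about (example code written for this edit; it is not code from this thread, from Monero, or from the MRL notes), here is the Confidential Transactions balance check in the Pedersen form: each amount is hidden as C = x*G + a*H, the verifier sums inputs minus outputs, and if the amounts balance the H terms cancel and only z*G survives, where z is the difference of the blinding factors (the "fuzz" the post talks about). The sender proves knowledge of z; a plain Schnorr proof stands in for the ring signature, secp256k1 is used instead of Monero's ed25519, and H is a constructed second generator obtained by hashing to the curve. All of those are choices made for this example only. It shows why z carries no amount information and why a transaction whose amounts do not balance cannot be signed by someone who does not know log_G(H).

```python
# Added example: Pedersen commitments and the CT balance proof on secp256k1.
# Not code from the thread, Monero or the MRL notes; curve, hash-to-curve H and
# the Schnorr proof (in place of a ring signature) are illustration choices.
# Requires Python 3.8+ for pow(x, -1, P).
import hashlib
import secrets

# secp256k1 domain parameters.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Affine point addition; None is the point at infinity."""
    if a is None:
        return b
    if b is None:
        return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)


def ec_neg(a):
    return None if a is None else (a[0], (-a[1]) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication, scalar reduced mod the group order."""
    k %= N
    acc = None
    while k:
        if k & 1:
            acc = ec_add(acc, pt)
        pt = ec_add(pt, pt)
        k >>= 1
    return acc


def hash_to_point(label):
    """Try-and-increment hash-to-curve. Nobody knows log_G(H), which is what makes
    the commitment binding: amount cannot be traded against blinding factor."""
    ctr = 0
    while True:
        x = int.from_bytes(hashlib.sha256(label + ctr.to_bytes(4, "big")).digest(), "big") % P
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)      # P % 4 == 3: a square root if one exists
        if y * y % P == rhs:
            return (x, y)
        ctr += 1


H = hash_to_point(b"pedersen second generator (constructed label)")


def commit(amount, blind):
    """Pedersen commitment C = blind*G + amount*H: hides the amount, binds to it."""
    return ec_add(ec_mul(blind, G), ec_mul(amount, H))


def residual(inputs, outputs):
    """sum(inputs) - sum(outputs). With balanced amounts the H terms cancel and
    only z*G remains, z being the difference of the blinding factors."""
    acc = None
    for c in inputs:
        acc = ec_add(acc, c)
    for c in outputs:
        acc = ec_add(acc, ec_neg(c))
    return acc


def _ser(pt):
    return b"\x00" * 64 if pt is None else pt[0].to_bytes(32, "big") + pt[1].to_bytes(32, "big")


def _challenge(R, Q, msg):
    return int.from_bytes(hashlib.sha256(_ser(R) + _ser(Q) + msg).digest(), "big") % N


def schnorr_sign(z, msg):
    """Proof of knowledge of z with Q = z*G; stands in for the ring signature here."""
    k = secrets.randbelow(N - 1) + 1
    R = ec_mul(k, G)
    e = _challenge(R, ec_mul(z, G), msg)
    return (R, (k + e * z) % N)


def schnorr_verify(Q, msg, sig):
    R, s = sig
    return ec_mul(s, G) == ec_add(R, ec_mul(_challenge(R, Q, msg), Q))


def build_and_verify(in_amounts, out_amounts, msg=b"constructed tx"):
    """Sender: commit with fresh blinds, sign with z = sum(in blinds) - sum(out blinds).
    Verifier: check the signature against the residual without seeing any amount.
    True only when amounts balance; otherwise a leftover H term remains in the
    residual and z*G is not its discrete log, so the proof fails."""
    in_blinds = [secrets.randbelow(N) for _ in in_amounts]
    out_blinds = [secrets.randbelow(N) for _ in out_amounts]
    ins = [commit(a, x) for a, x in zip(in_amounts, in_blinds)]
    outs = [commit(a, x) for a, x in zip(out_amounts, out_blinds)]
    z = (sum(in_blinds) - sum(out_blinds)) % N   # depends on blinds only, never on amounts
    return schnorr_verify(residual(ins, outs), msg, schnorr_sign(z, msg))


if __name__ == "__main__":
    print("balanced 10+5 -> 8+7:", build_and_verify([10, 5], [8, 7]))   # True
    print("unbalanced 10 -> 5+7:", build_and_verify([10], [5, 7]))     # False
```

Note what the verifier learns: only that the residual is some multiple of G. The commitments themselves are perfectly hiding (the same amount under two blinds gives two unrelated points), so the amount-sum and the blinding residual are independent quantities, which is the separation the quoted discussion turns on. Range proofs, which CT also needs to stop negative amounts, are outside this example.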


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 21, 2015, 08:57:53 AM
I thought smooth was too busy to reply but he replied in private because I had locked the thread. So here is my reply and it includes everything he wrote. I assume he wrote this for public consumption.

Quote
All of these parasitic "features" can be removed by a competing forks, e.g. as Monero has apparently done to BBR.

Monero didn't do anything to BBR. Monero launched first.

My point is that the existence of XMR without that parasitic fee made it largely unnecessary to make another fork of BBR to remove it. Being first or second seems irrelevant.

The example I cited of BBR was that in fact no one has forked BBR to remove the fee, even with the developer being completely MIA. If the fee is reasonable (1% in the case of BBR, though the exact number that is tolerable is situation dependent) then network effects and inertia will cause people to just pay it. If you overreach (as in the case of BCN with its 82% ninja premine), then yes people will fork and not pay it.

As I had pointed out later in my prior post on this issue, it can be that since ostensibly BBR has lower adoption (no offense intended to boolberry), there simply aren't the available resources to fork it and remove the parasitic fee. My point is that if your coin is scaling out to the world in potential, then the opportunity for someone to fork and remove the fee, and the world maybe preferring that fork, is probably greater. Although it is possible that the inertia makes it impossible to do such a hard fork. Yet I think it is very likely that if BBR was Bitcoin, many people would have made the argument and actions to remove a 1% fee on the entire world's debasement or mining income (is the 1% on all mining income including transaction fees?).

It seems like a potentially viable funding model for a coin until it gets large adoption. Yet for that reason, it probably isn't viable. I assume boolberry isn't making enough money on that fee to justify working a lot on the coin lately.

Again I reiterate that it seems to me the only model of development funding which seems viable is to sell the programming work to produce the initial code base which should have some major new feature for crypto that drives interest and adoption. Or try to mine your own coin at a "fair launch", but this requires getting people to basically ignore your launch ANN or some hidden form of premine or instamine (or as apparently in the case of many Monero developers means your coins are worth roughly the same or less than the cost you mined them and this is probably why there is no pump or fast appreciation of the speculation price occurring for Monero). Or go for the donations model of methodical open source that produced Linux and Gimp. But please note, many people are paid high salaries to work on Linux because corporations have a vested interest in Linux. This may be what is missing from Monero's economics. Monero can not afford your or my time. Monero can only afford volunteer experts or people from countries with a very low average salary for programmers such as Ukraine and Russia (but I doubt any of the experts working on Monero are inexperienced developers from these countries and the experienced ones have surely learned their true value on the international stage).

Everyone has told me that Monero developers are impoverished if just considering their gains from the Monero project. Thus they must be participating for ideological reasons, or some vision that one day the gains will come as the code base reaches certain levels of capabilities. For me 10 years waiting for gains is too long to wait. And a 10 bagger over 10 years is only a 26% per annum gain. Seems like a long time to wait with a very high risk of failure for such a low annual return. Inflation will eat probably 1/3 of that gain. There is some hope that with the coming economic collapse in 2016 that interest in anonymity will increase and Monero will benefit by being the technologically most advanced anonymous coin. That may be so. And they should focus on anonymity since that is where they are already strong and perfect that as their highest priority first (because they already made that their core focus and rewriting a code base is generally considered a very chaos inducing and dumb decision).

Quote
then the only opportunity to make a profit is either adding services and products to the ecosystem or participating in the ramp up of the value via the adoption of (demand for) the asset.

Okay, this is exactly the Monero model then.

Well you must mean adding services or products to the ecosystem, because the ramp up in the price hasn't happened as it did for other altcoins. And due to the "fair distribution" it should not happen ever. Monero can only appreciate by significant adoption that is not driven by speculative fever. Thus they will have to do some serious marketing into new demand for crypto. Or anonymity will have to naturally gain significant new adoption. But generally I think people adopt crypto, before adopting anonymity. Anonymity takes a while to learn about. Users are much more likely to look at other general crypto features first as being most important when they first come to crypto.

How to drive demand and network effects for new adoption is one of the key challenges of crypto. I have my plans and ideas about how to do this. I don't think such a viable plan and action will come from group action. It requires a creative force and leadership to push it in a certain direction. If I had to explain by committee my ideas, I'd spend more time jawboning thus removing the time to actually implement. And then one of the people in the discussion would go tell some others who would steal the ideas and launch a coin before I ever was able to. Open source as a model for profit driven innovation doesn't seem always to be well matched. Open source is for the finished product and the decentralized community that results from finishing the programming and releasing the protocol.

Quote
Also even if one registers the securities (as Ethereum may or may not have done, I didn't check)

Ethereum did not register any securities afaik. They are relying on the positioning of their presale being a product (access token to the network). May or may not work. May work in practice even if it is technically incorrect. The real world is not a law school classroom.

I hear there will be lawsuits. The USA security law seems to be quite clear. When you sell a share in something where you have an ongoing controlling interest which the purchasers of the share depend on for the value of the share, then you have sold investment securities.

Work in practice requires perhaps that either they've paid off someone at the SEC which may be the case since I noticed that Vitalik received a $100,000 grant from Peter Thiel, and because none of the investors bring a lawsuit or complain to the authorities. The SEC does not bring cases against their own (e.g. Peter Thiel).

Quote
another interesting thing is that if BBR's dev is no longer working on the coin, then even though he is receiving a revenue stream, then he is not really a controlling entity. Hmmm. That is another funding model in the sense that although the world can eventually remove that parasitic fee, if it is insignificant enough to motivate others to do so and for as long as the tech in that coin is more compelling than what the world has created otherwise, then that parasitic fee can sustain and if the dev is not working on that fork any more (after the initial crowdfund and delivery of debugged product), then there is an argument that he was never a controlling entity and only selling a product in exchange for an income and feature in the product.

Yup.

Yes but as I argued at the start of this reply, I am wondering if the level of income that can come from that is worth it. You wouldn't have significant transaction fees in low adoption. You'd need to be taking it from debasement so then it is basically equivalent to the level of premine for a static money supply. So if 1% of the money supply of a low adoption coin is worth it. Seems like it is just better to sell some coins in a crowdfund. Gimmicks don't really pay off. Either you go for making your coin big and show the world you intend to, or you do some gimmick that will show the world you are preventing it from becoming big. And given my interpretation of securities law risks, being an ongoing lead developer paid from some revenue stream taken from the coin, appears too close to being a controlling entity unless you actually stop doing any actions to maintain control (i.e. don't let all commitments and upgrades come through you only as the master and don't coordinate with others that do as if you are working together as a unified controlling entity). Even then given the ongoing revenue stream, it is probably necessary to do nothing at all on the coin, because it can be perceived that the exclusive control over the revenue stream is a factor which would cause the community to see you as the controlling entity. It is the expectation of investors that matters in securities law. Were they expecting you to control the outcome of the development and thus performance of the investment.

The concept of a lead developer should be for producing the initial launched code base (debugged). Ongoing the lead developer should be a spiritual leader concept where his repository is widely respected, but not where everything is controlled through him. Decentralized version control. Decentralized choices for the current code employed by nodes of the coin. The lead developer can lead quite effectively without retaining absolute control. Natural born leaders such as Linus Torvalds are respected because they are really good at what and how they do it. Being very intelligent is one important aspect, but there are other qualities that make a great leader. And note Linus is very frank and does piss people off. But he is usually correct.

Quote
all those were innovative at least in some facet (e.g. marketing for Dogecoin, and Scrypt hash mining for Litecoin)

No Litecoin was a clone of Tenebrix without the premine, identical to how Monero cloned BCN without the premine. Litecoin had zero to do with the innovation of using Scrypt for mining (limited though that may be). It was 100% a "fair distribution" play (which worked!).

My point is that Litecoin positioned itself with Scrypt so it was ready to receive the GPUs from Bitcoin when ASICs arrived. They probably didn't plan that, just got lucky. But they did choose the name Litecoin and market it as the silver is to gold concept. Are you sure it was "fairly distributed"? I've heard of various things that refute that, such as those who got a lot of cheap coins when they were the first to port GPU mining to Scrypt. What worked apparently was the marketing, the timing, and the cheap coins motivating some to pump it. The innovation wasn't Scrypt alone, but in combination with the marketing and the luck on attaining "unfair distribution". Markets don't appear to work properly when the powerlaw distribution of wealth is eradicated with a fair distribution. Fair distribution is communism. It doesn't reward anyone for being first or producing more creativity. It destroys the value of production.

Open source is a tool, not a religion. Those who make "fairness" a religion will suffer I bet. Open source isn't really about fairness and transparency of all things. It is about sharing that which there is the predominant economic incentive to share. But not all things should be shared at all times. Should I share my house with everyone and leave my door open to all? Should every idea be shared, or is it better to go develop the idea and then release it in terms of those who have the vision to invest earliest? Wealth is unequally distributed so that those with the best ability of discerning and implementing improvements are entrusted with the most capital to do so (wealth migrates to those who are serially successful at doing so). Inequality is necessary in order to lift the prosperity of those even at the bottom of the wealth curve.

I know you know all those points of view. I am just stating for the readers and so you know I know also. And to see how you might relate your thoughts to this.

Quote
Monero had a very fast mining curve, so those who mined at the very start would have gotten more coins

Not really that fast (certainly compared to fast mine coins like ducknote, quark, etc.). Mining the very first day was only a little over 2x the coins as now. This is basically the same as BTC or LTC, although those took 4 years to get to halving, Monero took 18 months. I don't think "very fast" is really accurate (obviously subjective).

Okay then that further supports the argument that Monero's distribution is too fair.

Quote
It appears the only way to have gotten rich speculating in Monero thus far was to have mined it very, very early

There is NO WAY to have gotten rich speculating in Monero so far (other than possibly active trading).

So there was never a point where the difficulty was low, not even the first day of mining?

So that explains it, no one got cheap coins.

The whole damn coin is only worth a few million. How much could any one person have made on it? If you mined 100% of the outstanding coins on the first day (literally impossible) for a cost of $0 (also impossible) you would have made a few million now in paper profit which you wouldn't be able to cash out due to liquidity.

Even a $100,000 cash out if I had mined it for $1,000 in rented hardware would qualify as "rich" for me at this point in my life, lol.

If anyone gets rich on Monero it will be in the future when there are large gains, which have not happened yet for anyone. You can still buy now for a price of approximately zero, help to construct a system that succeeds on a much larger scale and make an enormous profit!

Okay so this explains why so many Monero folks suggest this to me. Btw, I have never looked at $4 million market cap as the right price to enter a coin. As a lead developer I want to enter at $100,000 market cap. The earlier investors should enter at < $1 million market cap.

Because unless you challenge Bitcoin or expand the crypto userbase, then the realistic upside for any altcoin right now is in the range of $10 - $100 million market cap. If you happen to create a Bitcoin killer or a product that causes new adoption outside of Bitcoin, then we can start talking $billion market cap potential.

I understand there is great hope that crypto adoption will spread in general, but it is also quite possible that by the time that happens some new development will have changed the landscape. To look too far into the long-term when dealing with technology that is unfinished and in great flux is very, very risky investment. So no, I am not very motivated by a $4 million market cap, led by a group that thinks the way that they do about the way to organize development, marketing, and distribution. I would be fighting with a core culture that is different than my philosophy of venture capital formation.

This is exactly what most of the people who have made a lot of money on Bitcoin did. (I'm not suggesting you do this, and I agree with your later comments about your personal style of working alone. I'm actually impressed you are self-aware, grounded and realistic enough to recognize that. I was just pointing out that it is a realistic possibility.)

Thank you. Yeah I don't want to force another group to change their culture to match mine. I understand that if I become a Monero developer, then I must change. Besides they really don't need me, they have enough really smart people contributing (smarter than me in their fields of focus, e.g. Shen-Noether is more knowledgeable about wide ranging cryptography and algebraic algebra than myself). And I could change if that was my only option to survive. I am capable of subjugating myself. But I don't think it is wise for me to do so because there is still so much opportunity to create in this crypto space. Btw, there is a slight cultural difference between you and me which is what makes me apprehensive about whether we are fit to co-develop a project. I wanted to protect you from my idiosyncrasies. Skills wise we appear to be really well matched in that we are each strong in the area where the other may be slightly weaker.

My main mitigating issue is I stopped being self-funded this year and my health issue drained me over the past 3 years. So I became sort of discombobulated (as well as in foggy brain for example in September) and fretting over what to do. But I've had reasonably solid health since I started the antibiotics + NAC. And even more stable thus far since I added the alpha lipoic acid, and restarted my 20,000 IU daily vitD3 and daily coenzymated B-complex. But in these 16 days of reasonably good concentration (and no exercise since that horrible relapse), I've had 3 days where I had mild relapse and one of those days I had a horrible relapse (6 days into the antibiotics). So I can't tell yet if I am finding a cure. Exercise seems to trigger relapse but if I don't exercise eventually I get worse (or that was my experience in the past but now I am on a new therapy). And I need to review information others have given me. And maybe lose more time searching for diagnostic tests. Damn this health really fucked me up from what I wanted to do in crypto. But maybe now finally I have it under control. We will see over the coming week and weeks.

Quote
Compare to Dash (DarkCoin's) rise from near $1 million to $53 million marketcap ... Why?

othe explained this pretty well but I will expand that when you have a coin with a very small float (because the insiders instamined it and didn't dump into the pump, at least not right away) then it becomes highly volatile and people come in to play zero sum trading games. The end result of that is a few people with all the profits and most of the rest of the community either nonexistent or so far underwater that they give up and move on. It is not a healthy way to build anything, except profits for a few rich and talented traders. Good for them.

I am not saying I like the greater fool theory of investing. I am saying that apparently nature does and a theory is that anyone who tries to do otherwise may underperform.

If you want to produce a product or service and build long-term value, then don't go public. Just sell your products and services at a profit and serve your customers. But that won't apply here, because crypto-currency is inherently a public token system.

Thus I assert Monero is trying to apply an ethics which is unnatural in the space in which they are applying it.

As the lead developer, I shouldn't concern myself with trying to void nature, and instead should make sure that my innovations and creations are widely exposed to the market. The market price can do whatever it is going to do, and the usership due to the value of the creations can continue on. Speculative traders provide a service to the market by promoting the creations far and wide in exchange for their profits. This is symbiosis at play.

If you feel you are good at playing the speculative trading game, you should stop messing around with developing coins and just trade. The achievable ROI if you are skilled is extremely high and your money problems will be over and you can do what you want with the rest of your life, including developing revolutionary technologies. If you don't feel you are good at playing the speculative trading game, you should ignore these market dynamics and stop trying to chase a pump because you will just lose money to the better traders when you try to do it.

Speculative traders are opportunists. They spend their time with their eyes and ears open waiting to leverage some lead developer who is good at creating. If lead developers spent all their time doing that, then they wouldn't be good at creating. Thus the division-of-labor applies. The two can come together to provide the symbiosis so that the developer is financially motivated as well as creatively motivated.

If a developer has earned a lot of capital and wants to change vocations to become eyes and ears, the problem is (as was my case when I had 18,000 oz of silver in 2007 at the $21 price) that we are not naturally attuned to be speculators. After 2002 when I was a millionaire (inflation-adjusted), I was always off doing some creating (all nighters coding, researching tech, learning Haskell, etc) when I should have been 100% focused on my investments, thus I ended up losing all my wealth due to being unprepared. The typical absent minded scientist that is too busy to even take a shower or care that the socks he grabbed are two unmatched colors. I predicted the rise from $25 to $48 of silver back in a published article on marketoracle in 2010 (http://www.marketoracle.co.uk/Article23786.html), but when the time came to sell at $48, I called my broker in the Philippines and he said he can't sell, there are no buyers. I was in physical and I should have been in paper silver! Ideological shit trapped me! I made so many errors like that. Then got sick at the very moment that Bitcoin was developing (2012). I have learned my lesson about focusing on core talent, interest, and vocation.

Quote
then your coin is going to suffer from a boom and bust

Let me make an interesting observation. There has been little in the way of boom and bust in Monero. Yes there was a small pump or two but if you look at the market cap chart, it is still in the same range it has always been (few million). This is VERY unusual.

Indeed. That was the observation I was making and leading me to propose this theory about required symbiosis with speculators. You can argue it as a positive for Monero, but I am positing a theory that it is a negative.

Most other coins (including all the ones you mention as your highly pumped examples) are WAY below their historical range.

But of the ones that had any semblance of unique and worthwhile features, they remained in the Top 10 once they got there. The core usership was grown.

Monero has suffered a bit from weak price action as more coins have been distributed, but not so much as to destroy the market cap. There are some people -- not even early adopters -- who are net profitable in Monero now (who bought last year in the 0.001 to 0.0015 range). Most of the rest are slightly down (bought between 0.002 and 0.004) but not so far down as to throw in the towel. This is basically healthy, especially given the state of the overall market. Huge pumps and dumps are not.

Speculator performance != user performance. Users of the coin buy to use the product not for appreciation.

Some have argued that huge volatility is a negative for adoption for currency use case. Well I disagree. Volatility is necessary for the speculation case. And for the main use case the crypto can beat fiat and credit cards which is microtransactions, then I argue volatility will be mostly irrelevant. I will have to show in the future why. Not now.

Quote
What I would propose is to create new coin with the killer feature that challenges Bitcoin specifically block chain scaling

1. That is sort of already a "hot" feature being claimed by Bitshares, Dash, BTC's lightning network, and maybe others. If you want to be "first" you better hurry up and you are probably too late.

May be too late. Seemed I looked at the tech for those three and they all are lacking in some significant way. I will look again and comment later.

2. Okay, but do it because you think it will succeed, not because some whale traders will (may) come in and rape your community, and maybe you can dump a small amount of your coins to them at a profit. You won't be able to dump a lot unless you can outtrade them, and you can't (probably).

I basically take the attitude that I should be invested in my own work. And that speculators are going to do what they are going to do. And that I should be smart about when I take some partial profits and when I reinvest in my own work, holding a core position long-term. One of the key things is never again will I hold the majority of my investments in something I can't trade with my finger at a moment's notice. Thus physical gold is out of the question, except as a long-term holding. Also remember as a lead developer I hold the trading weapon of when to announce new developments and release them.

I think the developer should excel at his role and responsibilities and the tools which he is most expert at deploying. He should not try to control what is not his role, rather roll with it deploying his natural tools and role.

Quote
May explain also why PoS coins have had ramps?

Somewhat. As I said the whale traders look for opportunities where there is a way to get in at a low price, a small (remaining) float, and tight control (if not by them then by others who they believe they can front run on the back end of the pump) over remaining supply. Then they make a play. If they're good at what they do (and the ones still doing it certainly are), then they can be successful. The starting conditions have to be there.

Rather than see them as the enemy, one could look at them as natural; and my attitude is for as long as you don't actively collude (e.g. discuss and coordinate a market manipulation) in a way that makes you culpable under the law. A small float early on is a good thing and then the float widens over time. Speculators purchasing low, reducing the float, then sitting on the ask to drive speculative fever is free market activity and performing a service to the market by drawing many others' interest and then basically turning them into long-term shills for the coin because they are underwater. Some booms and busts during this process seem to be natural and beneficial to growing the userbase and adoption as well as funding the development.

Quote
Cryptonote does wipe ass on one aspect of anonymity, but anonymity is more of an all or nothing proposition

No it isn't. It is only an all or nothing proposition if you want to be anonymous from the NSA (and I respect your goal of doing that certainly). As you move down the hierarchy of observer capabilities, the extent to which imperfect solutions become useful increases. (I think even against the NSA this may be true because they won't devote infinite resources to every single potential target.)

Right. But sell that to a market. I don't trust anonymity because Tor and I2P are not sufficient. Thus I don't assume I am truly anonymous. One of the reasons I did this recent expose in this thread about the securities law research I did recently, is because I realized I couldn't really be anonymous. And the desire to be anonymous so I wouldn't be culpable to securities law is why I had long-stated I wouldn't announce a coin in my name. But after much reflection (and now desperation) I realized that to be legal I really need to avoid a controlling entity on the coin entirely. And I couldn't be anonymous to the government. And that I wouldn't worry about the government attacking me over anonymity, because I wouldn't even be the one pitching that feature. I would focus more on scaling and anonymity could be implemented as a plugin.

Right now there is an entire industry being developed to analyze the explicitly public Bitcoin blockchain and use it for commercial (and probably what I will call "lightweight intelligence" meaning low level law enforcement, private investigators, insurance industry, competitive, etc.) purposes quite similar in overall scope to the currently-pervasive web tracking. That is something that is certainly addressed (if imperfectly at the moment) by Monero's obscured blockchain even if you do little to nothing about network-level monitoring, and certainly even if you don't become secure against pervasive network-level monitoring.

Well but the anonymity has to be combined with some useful features to make it even worthwhile to be using crypto currency anyway. I don't think deciding to put all a company's financial trades on Monero is very realistic absent some incentives other than just anonymity on a block chain. Many businesses aren't even using a block chain so they don't need anonymity on a block chain. First you have to get them interested in using block chains, and so the first step is they will be looking for features to motivate block chain use. Later they may get around to wanting anonymity, but by that time others will have added anonymity to those other products that provide more features compelling businesses to adopt block chain.

Quote
I think I remember I had thought of a way to do rings with balances.

There is a paper addressing balance ledgers with homomorphic encryption. I don't remember what qualified reviewers said about it when it was released.

Quote
For me even using masternodes to limit supply is a clever innovation. You are thinking idealistically that the goal is to produce technology. But technology is useless if it doesn't produce market results.

Short term volatility that attracts whale groups and gives the wider community whiplash is not positive "market results" in my opinion. If you want long term market results then these supply manipulations are irrelevant or harmful.

I don't know if Evan consciously designed masternodes to limit float. He I think was just trying to find a way to solve the jamming problem of CoinJoin that I was pointing out to him. Serendipity of nature. Perhaps Monero is too anal? (trying too hard to control ideologically) I have always felt something culturally alienated from Monero. I think it is something like this desire to be holier than thou. I have appreciated though all the tech interaction, the 10 BTC and all that, so please don't take my words as one-sided. Just throwing out there other ways of theorizing about it. I am not sure.

Quote
think you can effectively pump some copycoin with nothing to get investors excited about other than the attempted pump?

This is totally wrong. Those coins get pumped all the time, even ignoring the fact that LTC and DOGE were literally copy coins. I mean smaller more obscure and more worthless ones. That is the bread and butter for pump groups. Sure there is always some spin about how the coin is going to succeed to help drive the pump (pull in outside money). That is part of the game. But it doesn't take much, and creative pumpers are very good at making much out of little (especially to an audience of suckers without good skills to evaluate the claims).

What I was thinking was you can't pump some featureless copycoin to the Top 10 and have it remain there. Sorry sometimes my typing fingers are struggling to keep up with my mind. Takes so long to write these long discussions.

Quote
As I have always said, the "fair distribution" was the initial death blow to Monero. I have said that so many times. There is no incentive to create any momentum, neither in capital structure nor in development

The pumps you cite don't really create momentum at all. Once the pump is over there is less momentum than ever. LTC is slowly dying. DOGE may or may not be. Both certainly lack what you call "momentum" today, a year or two after their big pumps.

That is because they stopped adding features. Dash and Bitshares haven't stopped. And none of those coins had really Bitcoin killer features. Bitshares is still trying to. I need to go study again their Bitshares 2.0.

DASH may or may not be (at least they seem to be continuing development). If anything Monero has (or at least may have -- time will tell) more "momentum" than any of these coins. Think of the momentum of a freight train compared to a hot rod or a motorcycle.

Monero certainly has more intellectual developers contributing. And this attracts a certain breed of community that are strongly in belief that if you get a bunch of intellectual guys contributing on open source, then you have a powerful freight train.

Again I am not sure. I can see your cryptographer matched my best effort on the convergence of rings and homomorphic value.

Competing is exciting. I get to play sport again but on the programming field. Whether the communities see any released competition from me or not is totally dependent on my health.

Quote
When Linus started, he didn't port FreeBSD or other Unix OSes

He started with something that had some good ideas but was extremely rough, unfinished, and largely unusable. Very similar to Monero in fact.

But the problem is that for Monero to implement something like Bitshares DPOS they would have to completely restructure their block chain code and probably their database code, etc. Major rewrites of large code bases become progressively unlikely or unwise. The larger the code base becomes, the more unlikely to rewrite it.

You and I know that but many readers may not.

Quote
There is no way to really force an upgrade on an established decentralized community

Now you get it (I think).

Yet othe says Monero forces a hard fork every 6 months.

Btw I was very, very sleepy when we were discussing burned upgrades.

Quote
Are we closer to agreement now?

Yup.

Quote
So what is unsettled from my view is whether a methodical model such as Monero is superior to a model that raises a lot of capital

Superior? Who knows. Only way to find out is to continue to try. You point out a lot of problems with these "raise a lot of capital" models, legal ones included. I have pointed out others. So maybe Monero's model actually sucks, but sucks less. Or maybe it sucks more. Who can say.

Agreed only theories and the few anecdotal cases we have as evidence thus far.

And I am not 100% sure that Monero is doing what they need to do to be immune from USA securities law. Appears there are some things they are doing which appear to be like an organized controlling entity. Of course much less likely culpability than what Evan or Ethereum have done.

Quote
Speculative investing is not holding a gun to anyone's head. Everyone is free to make their own decisions.

On this I agree with you, and it is a somewhat unpopular view among "responsible" coin developers. Investors are adults and if they want to trade badly and lose their money, that's their problem. But I also don't think that setting up a situation for whale groups to come in and rape the less-skilled traders in your community (which is always going to be most of it given the distribution of trading skills) in order to leave and take the BTC and/or fiat with them is good for a coin long term either. I wouldn't say immoral, just strategically ineffective. But who knows if one of these massively pumped coins ends up succeeding in a major way (thus far none has), I will be proven incorrect.

I am not sure either. See my argument that those underwater become promoters for the coin instead of throwing in the towel, especially if there is ongoing hope from new developments and a strong tech from the outset.

Quote
if a coin is undergoing hard forks then it really isn't decentralized in the purest/strictest sense

That's mostly true. No one claims otherwise. Still you can't actually FORCE people to adopt a hard fork. They could reject it and stick with the old protocol (even if that requires modifying the open source on their own).

Same argument could have been made against my burnable code coins. But in reality the investors don't control the mining nodes, so thus I think your response is incorrect.

Quote
Monero work is fit for those coders who have made already a lot of money and want to make an ideological contribution to crypto. Or who are young and live for example in Ukraine or Russia

Or people who have another financial motive for doing it. For example, starting or investing in ecosystem businesses. Raymond called that "Indirect Sale-Value Models". Others have written the same thing about open source (I don't remember if earlier or not, so I'm trying to avoid giving incorrect credit).

Agreed. I also have that motivation (e.g. the dating site I created but needed permission-less micropayments so I shut it down). But it is too indirect and removed from my current financial stress.

Quote
Except one problem. Bitcoin's block size can't scale to large data [regarding factom]

Factom doesn't store large data on the blockchain. It stores only a hash and then stores its data elsewhere, so in a sense it could be viewed as a sort of "solution" to the block chain size, not a victim of it.

Then it isn't really decentralized. So it isn't a solution to decentralized block chain scaling.

Finally some unsolicited advice.

Work on something outside of crypto and get paid for it. The money is way better and easier. Someone with your intelligence and skill set can be paid good money for all sorts of things. Then having the financial security you need you can focus on building crypto, either part time or after you are done with the other work.

Trying to: a) get rich from crypto, b) get enough low-risk income to support yourself and resolve financial problems from crypto, and c) ESPECIALLY doing both at the same time, is like getting blood out of a stone right now. Go where the money is.

And d) trying to do it with past 3 years history of chronic fatigue syndrome and pain/headaches that limit production.

But the problem is #d also may limit what I can get hired to do outside of crypto as well. Really I have to solve my health issue or better prepare to live in the jungle eating grass.

As for doing a job outside of crypto first, as you said it is do or die time on block scaling. And I have invested a lot to come up to speed on crypto and designs. It is do or die time. The work outside of crypto will still be there.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 21, 2015, 11:28:42 AM
As I said, I think Bitshares is flawed but let me reserve final opinion until I get more feedback and do more study. I will be covering the other contenders in the following post as my time allows:

https://bitcointalk.org/index.php?topic=1153740.msg12745519#msg12745519

Move that discussion over to that appropriate thread.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 21, 2015, 04:24:14 PM
Both smooth and r0ach have mentioned Dash working on a new block chain scaling design. The only information I found on this as follows:

https://dashtalk.org/threads/rebranding-and-scalability.4254/

I have a reasonably sure idea what Evan is thinking. I expect the weakness of his design is that he is conflating distributed and decentralized and uses the latter term where he should use the former. Yes the masternodes are distributed but if you give them any discretionary power then you have the problem of power corrupts absolutely. Remember masternodes can be purchased.



Edit: I found the following information:

https://dashtalk.org/threads/development-update-oct-19-2015.6429/

https://dashtalk.org/threads/dash-team-at-bitcoin-wednesday-amsterdam-presentation.6287/page-6 (see last post on page)

Appears to be something like this Open Transactions white paper:

http://stashcrypto.com/how-it-works/


So Evan is planning to allow a quorum of masternodes to confirm a transaction through thresholded multisig. He will move transaction confirmation off chain, similar to the InstantX which moved certain transactions presigned to certain outputs off chain to the masternode. The transaction's hash will determine I assume which quorum the transaction is routed to.

So yes he is doing exactly what I expected him to do. The weakness is that a little bit of corruption in the masternodes and you have either chaos of a block chain that is double-spent or loss of fungible permission-less commerce. The difficulties are in coordination overhead (DoS, etc), fungibility, and verifiable global coherence. The security model of crypto currency either has to be proven to still be in force, or he has to explain how he has modified the security model and why his alternative is secure. The Bitcoin security model is that any full node can download the entire block chain history and verify everything.

Evan claims immunity to 51% attacks. I also claimed this is in my design in recent months. He didn't mention that in the March post, so I assume he (or Dash people) read my posts. (Remember the masternode concept originally started back when Darkcoin was created when I was in discussion in the forum with Evan about the weaknesses of his first design for Darkcoin.)

I know how he intends to achieve 51% attack immunity. But I think he will lose verifiable global coherence. I claimed that feature knowing that I could not commit these shortcut errors in design that I assume he is making. Any way, I haven't seen his design, so let's see if I end up being correct. Perhaps they will read this post and try to correct the mistakes they were going to make.



Edit#2: found this and seems to confirm to me that he is doing it the way I expected him to do it. Not enough details are revealed for me to determine how he is handling the issues I stated above.

...
In this video Evan explains decentralized oracles, is a must watch to understand subquorums.

https://www.youtube.com/watch?v=uGh43BQrxK0

Quick and possibly daft question on the method for selecting the 10 masternodes. The 10 nodes to handle a transaction are selected by the 10 nearest transaction IDs for the 1000 Dash transaction needed to set up the masternode (I think). Is that vulnerable to the malleability issues Bitcoin is seeing at the mo? ie. could transaction IDs be modified to direct to a small number of malicious masternodes?



Unless I'm mistaken, it's based off the block hash, not the transaction IDs.

All security is inherited from the mining network, which basically is deterministically setting up the quorum system, in a way that is provable. For example when you use DAPI, it will do something like create a transaction from Xaddr1 to Xaddr2 for 10 DASH. You then get back your command, a result status and all of the signatures from the quorum participants. You as the end user will know what quorum is activated for that node already, so you can tell if they're lying.

In terms of scalability, if we have 3300 masternodes and a quorum size of 10, that means we can handle 330 requests at once. If the average time per request is about 100 ms, that means we can do 3300 requests per second. The estimate is based on the fact that the network is also doing maintenance at all times (propagating blocks, shard updates, syncing clients, etc), so I'm guessing ~50% of a fully utilized network will go to other activities. Therefore we end up with 1650 requests per second.

Also we're going to aim for your average every day user, so we're talking just a few requests per month. So how many users can we support if they use 15 requests per month? 86400*1650*30/15 = 285,120,000. Ok, 285 million, that's pretty good.

What about reducing the collateral to 500 DASH? Now we have 6600 masternodes and can handle 570 million users. Isn't the masternode count going up anyway? Yep. That number should hit about 700M about when we launch. This is why it says 500-1500 tx per second, I guess that should say "requests per second" because it's not really accurate. Also the 700M should be a range also, that's the high end, the low end is 285M for current Dash requirements.

I've done a lot of guesswork to figure out these numbers, we'll see how close I am when we start seeing some serious adoption. Either way the system is built to scale with adoption in a way nothing else can, it should be pretty cool. I figure if we start to see a good deal of adoption and usage, we'll always either ask for more storage, processing power or reduce the collateral to split the network before it becomes an issue . They'll be good problems to have and we'll have lots of solutions available.



Edit#3: It doesn't appear this is aimed at block chain scaling rather only at faster confirmation times for transactions. Because it appears that all the confirmation records have to come back to the block chain. So you still need huge blocks and lots of CPU power to verify all the confirmation records. He is authorizing a quorum to preconfirm the transaction before the block confirmation.

1) How are the masternode locks enforced in the network? How do you force miners to not mine a double spent transaction?
2) Is it possible that there is a competing locked transaction? If that transaction has a higher fee (double spend attempt), I guess the miners rather confirm the transaction with the higher fee...
3) Masternodes don't get fees to lock transactions? What is the incentive to do the work? How are the masternode rewards distributed? How can the network "know" that masternodes are online and doing the work instead of just being idle to have a lower bandwidth usage?
4) I wonder how you can have so many transactions per second? (the slide shows 500-1500) I read that bitcoin is limited to 7 transactions per second. I showed that it seems impossible to lock 350 transactions simultaneously with 3500 masternodes, unless you allow overlap. But that should be avoided, because it can happen that a masternode has the power to decide which of the 2 transactions he confirms during a double spend attack.

1.) There is code that scans all incoming blocks for transaction locks when accepting transactions and blocks. This means that a block that contains a conflicting transaction will be automatically rejected.
2.) The answer to this one is 3 fold.
    a. Currently if there are conflicting locks on the network, they will actually cancel each other. 2 conflicting locks doesn't really give miners a choice, it just removes instantX and goes back to proof of work.
    b. The quorums are selected by inputs though, so you'll get the same quorum for the same transaction even with a different fee. This means, they would have already decided and no conflicting lock would be issued.
    c. The new improved way is to use the quorum timestamp, then take the earliest one always.



Edit#4: I realized his claim of immunity against 51% attacks is probably not true. Because if the minority refuses to honor the collusion between some masternodes and 51% of the mining hashrate, then those masternodes can stop responding to the minority block chain, thus forcing the minority chain either to violate its own protocol or be orphaned. Or he may have in his protocol that masternodes are excluded when they stop responding, but if 51% of the masternodes are gone then it means 51% of the money supply has probably gone from the minority chain too, because in Dash coins are conflated with masternodes. So this could collapse the value of the minority chain in exchange markets. Overall it doesn't look like "immunity" against 51% attacks because the masternode is very much a concept of he who has the money rules the coin.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 22, 2015, 12:24:30 PM
I am going to unlock the thread again in case any one wants to comment.

After all, it looks like Monero cryptographer Shen-Noether's design for this Holy Grail of on-chain anonymity where Cryptonote one-time rings are combined with homomorphic value hiding can do the same functionality as my design can. My white paper was completed in July all by myself. Shen's white paper was only completed in October and he interacted with some from Blockstream and apparently others.

The difference in our two designs appears to end up only in terms of efficiency. His design works with Blockstream's Confidential Transactions. My design works with an unpublished version of Denis Lukianov's Compact Confidential Transactions which contains my improvements to make it even more compact and probably 3-4 times faster (https://www.reddit.com/r/Bitcoin/comments/395go1/compact_confidential_transactions_alternative/cv11nn6) (pending tests).

So you can compare CCT to CT and see that my design should have a better than 850% size advantage (see section 4.6 Comparison to CT) and the performance should also be faster than Shen's:

http://voxelsoft.com/dev/cct.pdf#page=10

Bitshares explains why efficiency of transactions is very important if you want to minimize transactions fees while maximizing the number of validating mining (PoW or PoS) nodes listening on the network:

http://wiki.bitshares.org/index.php/DPOS_or_Delegated_Proof_of_Stake#Scalability

My white paper will eventually be published of course. Some coin may get it secretly to implement first before it is published.

I am not totally against selling the exclusivity for it to Monero, but I don't think that is their development model. Monero is going after the open source model where to get paid you need to be paid by your company to work on Monero, e.g. Blockstream is paid $21 million to work on these technologies and I assume Shen-Noether would like to impress them and maybe increase his work offers due to increased recognition of his achievements. I am not even a part-time mathematician so I have no chance/motivation in hell of using my paper to increase my chances of gaining lucrative ongoing employment as a mathematician. Thus I seek to maximize the benefit or effect my work can impart to myself and the community which is most aligned with my direction in crypto. Had I known that Shen and some of the best cryptographers from Bitcoin were working intensely on this, I would not have expended the effort to design what is better left to those people who are paid to do this full-time. It was a tangent from my usual vocation as a programmer. I did it because I thought no one else was going to solve it soon and I wanted to know how I could implement rings without that damn requirement for power-of-10 balances in Cryptonote. I think Monero will eventually redesign what I did, or they can wait until mine is published. It isn't really a big problem for them. Their model is the methodical march forward of the open source model.

I personally still believe having the best tech and being first mover in a market with it, can add stature for a coin and/or ecosystem.


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 22, 2015, 12:58:25 PM
I am going to unlock the thread again in case any one wants to comment.

After all, it looks like Monero cryptographer Shen-Noether's design for this Holy Grail of on-chain anonymity where Cryptonote one-time rings are combined with homomorphic value hiding can do the same functionality as my design can. My white paper was completed in July all by myself. Shen's white paper was only completed in October and he interacted with some from Blockstream and apparently others.

The difference in our two designs appears to end up only in terms of efficiency. His design works with Blockstream's Confidential Transactions. My design works with an unpublished version of Denis Lukianov's Compact Confidential Transactions which contains my improvements to make it even more compact and probably 4 times faster (pending tests).

So you can compare CCT to CT and see that my design should have a better than 850% size advantage and the performance should also be faster than Shen's:

http://voxelsoft.com/dev/cct.pdf#page=10

My white paper will eventually be published of course. Some coin may get it secretly to implement first before it is published.

I am not totally against selling the exclusivity for it to Monero, but I don't think that is their development model. Monero is going after the open source model where to get paid you need to be paid by your company to work on Monero, e.g. Blockstream is paid $21 million to work on these technologies and I assume Shen-Noether would like to impress them and maybe increase his work offers due to increased recognition of his achievements. I am not even a part-time mathematician so I have no chance/motivation in hell of using my paper to increase my chances of gaining lucrative ongoing employment as a mathematician. Thus I seek to maximize the benefit or effect my work can impart to myself and the community which is most aligned with my direction in crypto. I think Monero will eventually redesign what I did, or they can wait until mine is published. It isn't really a big problem for them. Their model is the methodical march forward of the open source model.

I personally still believe having the best tech and being first mover in a market with it, can add stature for a coin and/or ecosystem.

Nice to see this thread unlocked - was starting to get a little irritating with the narrative hogging.

I think J.J. Abrams would be jealous at the amount of column inches and hype that you're currently generating.

When can we expect some meat and potatoes?



Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 22, 2015, 01:00:43 PM
When can we expect some meat and potatoes?

How did I not answer that question already in the prior post to the best of my ability to predict the future scenarios?

hype that you're currently generating.

Could you please be more precise? What hype was that? We are in the Altcoin discussion thread. I have a thread about a radical improvement to Cryptonote which is even better than the Zerocash which was a technology that originally made a lot of people excited. And what have I hyped? I have sought the best value and direction for my invention while also evaluating Monero-Shen's comparable invention.

Having a dialogue with the community so as to learn what works and doesn't work seems to be a desirable trait.

hype1
hīp/
promote or publicize (a product or idea) intensively, often exaggerating its importance or benefits.


Title: Re: Zero Knowledge Transactions
Post by: rangedriver on October 22, 2015, 01:18:49 PM
When can we expect some meat and potatoes?

How did I not answer that question already in the prior post to the best of my ability to predict the future scenarios?

hype that you're currently generating.

Could you please be more precise? What hype was that? We are in the Altcoin discussion thread. I have a thread about a radical improvement to Cryptonote which is even better than the Zerocash which was a technology that originally made a lot of people excited. And what have I hyped? I have sought the best value and direction for my invention while also evaluating Monero-Shen's comparable invention.

Having a dialogue with the community so as to learn what works and doesn't work seems to be a desirable trait.

It's okay - it was a throwaway comment not designed to be in the pejorative. Consider it to be tongue-in-cheek.

As an investor I'm always keen for action - that was my point.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on October 22, 2015, 01:21:45 PM
Okay thanks. I edited my post based on your tongue-in-cheek feedback, just to make sure I had links to where the estimates of the 850% size and 3-4 times performance gains are documented. I made that post today because following up on the estimates was on my todo list from the past couple of days.

I'll be happy to get off this anonymity issue and back on to other work where I feel I can create some intense action. The anonymity is important to me and now I am done with that for a while and just need to see if anyone wants to implement my design now. Otherwise it can wait for if I do my own coin.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 01, 2015, 10:12:06 AM
Ten days later I found some time to follow up...

https://www.reddit.com/r/Monero/comments/3oi16k/ring_ct_for_monero_a_work_in_progress_comments/cw7kkvy

Quote from: myself
Quote from: Monero cryptographer Shen-Noether@NobleSir
No, I understood your point clearly: you clearly do not understand elliptic curve math: How do you know that zG is not z'G +aH without knowing z? At this point I've just been correcting your math for like 20 comments so I'm not sure how you expect me to take these comments seriously.

Pfff, you did not correct my math. You failed to grasp what I was stating.

My point is that for the commitment to the sum, even though the z is not zero, we know that the values on the base point H must sum to zero, because of the way ECC works, it is impossible to find values on the base point G that can offset any non-zero value from values on the base point H.

And then I proceeded to explain that since we know the sum is always zero regardless of the fuzz provided by z, then if we know the hidden values for the inputs and the outputs, then we know with high probability which of the i (out of the n possibilities) is the pi which signed the ring.

Dude your hubris is insane given that your implementation relies on CT, which requires 850% more space than my design which relies on CCT. Perhaps you've seen the comparative benchmarks in the updated CCT paper.

Also I have found another weakness in your design which I will be explaining in another post shortly.

Quote from: Monero cryptographer Shen-Noether @NobleSir
the points G and H aren't actually orthogonal, as H = xG for some G, it's just that no one actually knows what x that is (in fact in the ed25519 public key group "every" point is a multiple of the basepoint)

Btw, if you were thinking you were correcting me when you wrote that, then I suggest to you that presumption is the enemy of truth and the obfuscation fuel of overconfidence. Of course I know that! Why would you ass-u-me otherwise.

Quote from: myself
Quote from: lealana
@NobleSir,
I think it is time for you to move on from discussion with him. He obviously enjoys the attention. Anonymint is probably very intelligent but at this point it may not be worth your time if you are constantly correcting his math.

I invented the technology and wrote a complete white paper in July three months before he releases a half-written draft, then I expend a week of my time for free giving him peer review in spite of his condescending attitude which always seems to seep back to the surface even after he stated he would stop being a jerk. And then I leave for 10 days because I thought this was settled and I come back here to find out you guys acting like 5 year olds again. Sheesh. Craving attention? Have you got screws loose in your head!

To help them with their delusions, I have taken to logging into my various Reddit accounts and up voting their posts and down voting my own posts. Hopefully that causes them to think more highly of themselves and stack on more overconfidence. Maximum overconfidence comes right before Humpty Dumpty has the great fall.

Quote from: myself
Quote from: Monero cryptographer Shen-Noether@NobleSir
Quote from: myself
Quote from: Monero cryptographer Shen-Noether@NobleSir
Quote from: myself
The implication is that an adversary doing combinatorial analysis on the block chain employing overlapping rings and hidden values extracted in different ways, e.g. users that employ Coinbase to do their transactions, can prove relationships across rings without knowing the private keys.

This part, it's not too hard to make the combinatorial type attack impossible using the pigeonhole technique I mention in mrl_notesv0.3

https://github.com/ShenNoether/MiniNero/blob/master/mrl_notes_v0.3.pdf

In section "4.1 Example of the attack", why are you not acknowledging me as the first person to both communicate that sort of attack to smooth during the BCX incident in 2014 which I assume was relayed because the issue was subsequently mentioned in a Monero Labs Report and then sometime earlier this year I wrote down that tree case in a post in the Monero forum (and even explained that my solution would provide a method to prune the block chain) and they told me they had relayed this info to you and I believe you even replied there. So please give acknowledgement to prior art.

This point of traceable ring signatures is the "tag linkability" property referenced in the RingCT paper and has been thoroughly explored in Fujisaki / Suzuki 2007 "Traceable Ring Signatures" lemma 5.3 (in fact that lemma proves the solution in mrl_notes_v3 is not breakable using any combinatorial analysis).

My understanding is that tag-linkability is the property of traceable ring signatures such that the total number of signatures with unique (i.e. unlinked tags) cannot exceed the total number of ring members. From this follows obviously that if the total number of untagged signatures equals the total number of ring members, then all members of the ring have signed.

However, your pigeonhole technique mentioned in mrl_notesv0.3 is a proposed solution preventing combinatorial (tree analysis) unmasking due to the implications of the tag-linkability property. Such a solution is additional art that exceeds the prior art in the Fujisaki / Suzuki 2007 paper. Notwithstanding that your pigeonhole technique appears to me to be flawed as I will explain below, I claim to you that I provided the correct solution in writing as of June 13, 2015 in the Monero thread. Additionally I was claiming this solution since the BCX incident in 2014. There are other off-hand written mentions of this that can be dug up from forum archives. Smooth concurs that I did discuss with him combinatorial unmasking in 2014 and that he relayed that to you, which ostensibly was input for the subsequent MRL-0004 Monero Labs Report:
https://lab.getmonero.org/pubs/MRL-0004.pdf

Here are the Monero thread links for your verification (one of which you replied to):

https://bitcointalk.org/index.php?topic=583449.msg11770837#msg11770837
https://bitcointalk.org/index.php?topic=68655.msg11614538#msg11614538
https://bitcointalk.org/index.php?topic=583449.msg11663084#msg11663084
https://bitcointalk.org/index.php?topic=583449.msg11661985#msg11661985

Quote from: smooth
Quote from: myself
Btw, your stated solution attempts to be more general than the solution I stated which was simply to insure that all pubkey outputs mixed with the same set of pubkey outputs.

What's wrong with that? It's a write up from a theory perspective, so it is certainly within the scope to be general about it.

Because Shen's pigeonhole technique appears to me to be flawed as I will explain below.

Quote from: smooth
Quote from: myself
Your proposed solution instead eliminates the possibility to prune the block chain.
No

Shen's pigeonhole technique requires that every ring has to respect m < n, thus you'll never be able to see enough spends to be sure that a set of rings have spent all the pubkeys in those rings. Plus his technique appears to me to have other problems which I explain below.

Quote from: myself
Also I believe there are other combinatorial faults in your stated solution, but maybe not, I will need to think about it more deeply.

In any case, even if you apply my prior art solution from 2014, it doesn't completely address the risk of combinatorial cascade, because the additional knowledge which eliminates some of the pubkey outputs as candidates thus reduces the effective value of 'n' and you can't know how small 'n' has become because you don't know how much information the adversary will have.

Shen's pigeonhole technique suffers from the fact that it violates the autonomy of ring signatures, because the signer can't autonomously know the state of all the rings of the other members of the rings in which his output has been included, and this is only known once a chain reorganization becomes improbable. So there is no way for any ring to be signed reliably autonomously. And it can potentially cause a ring signer to have to search the entire block chain in the degenerate case.

Additionally as I explained previously as quoted above, there is no way to actually know the value 'n' because the adversary may have other ways of reducing 'n' by unmasking rings with side-channel information such as IP address correlations, etc..

Thus as I wrote before Shen's method is too general, highly incorrect and egregiously broken.

So please credit me with the prior art and then you need to implement my solution and not Shen's.

Lastly due to this fact, there is another flaw in Shen's design for integrating Cryptonote rings with CT hidden values. Since my solution for preventing combinatorial unmasking requires that outputs always mix with the same set of mutual outputs when used in rings, this requires that each input to a transaction be mixed orthogonally to the other inputs. If instead multiple rings are conflated as in the MG signatures that Shen employs in his CN + CT, then new combinatorial analysis vectors are enabled. It appears Shen can correct this by putting one input and one output in each MG signature and then using a separate CT-only proof-of-sum to spend all those summed outputs into the desired summed outputs. This will drastically increase the size and performance complexity (overhead) of his CN + CT design.

I can really see that my design is far superior now.

P.S. given the egregious error that would have been in Monero had I not bothered to come back here after 10 days and endure the abuse I get from Monerotards, one would seriously have to doubt whether Monero is technically sound. Their attitude is their biggest enemy. Perhaps I should have kept my mouth shut and waited until you hard forked the broken design, then crashed your market price with this revelation. Surely I won't get any niceties for having done the honorable thing and not the one that could benefit me the most since I am a competitor to Monero.
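The exchange above about whether zG can equal z'G + aH, and why the balance of a hidden-value transaction can be checked without revealing amounts, comes down to the homomorphic and binding properties of Pedersen commitments. The following is an added example, not code from the thread, from Monero, or from the CT/CCT papers: it uses a constructed toy group (a tiny safe prime, written multiplicatively, so C = g^z * h^a stands in for zG + aH) to show the verifier's balance check, an inflated output failing that check, and, because the group is small enough to brute-force, why the discrete log x with H = xG must be unknown for the commitment to stay binding. The parameters, amounts and the function names are all assumptions made for the illustration.

```python
"""Pedersen commitments and the CT/CCT balance check in a toy group.

Added example; not code from the thread, Monero, CT or CCT. Real schemes use
elliptic-curve points (C = z*G + a*H, with nobody knowing x such that H = xG).
Here the group is written multiplicatively, C = g^z * h^a mod p, so everything
runs on plain integers; the algebra is the same (sum of points <-> product).
"""
import hashlib

# Constructed toy parameters: p = 2q + 1 with q prime (a safe prime), so the
# squares mod p form a subgroup of prime order q. Far too small for security.
P = 1019
Q = (P - 1) // 2


def _is_prime(n):
    return n > 1 and all(n % k for k in range(2, int(n ** 0.5) + 1))


assert _is_prime(P) and _is_prime(Q)

G = 4  # 2^2 is a square, hence a generator of the order-Q subgroup


def _hash_to_subgroup(label):
    """Second base with no *known* log w.r.t. G: hash, reduce mod p, square."""
    for ctr in range(256):
        x = int.from_bytes(hashlib.sha256(label + bytes([ctr])).digest(), "big") % P
        h = pow(x, 2, P)
        if h not in (0, 1):
            return h
    raise RuntimeError("no usable element")  # unreachable in practice


H = _hash_to_subgroup(b"pedersen-H")


def commit(amount, blind):
    """C = g^blind * h^amount  (multiplicative form of blind*G + amount*H)."""
    return pow(G, blind % Q, P) * pow(H, amount % Q, P) % P


def product(commits):
    acc = 1
    for c in commits:
        acc = acc * c % P
    return acc


def verify_balance(in_commits, out_commits, excess_blind):
    """Verifier's check: inputs/outputs must equal g^(sum z_in - sum z_out).

    The h-exponents cancel only if the amounts balance; the spender, who knows
    every z, supplies the excess blinding (CT signs with it as a key)."""
    lhs = product(in_commits) * pow(product(out_commits), -1, P) % P
    return lhs == pow(G, excess_blind % Q, P)


def demo():
    # Constructed spend: 300 + 120 in, 400 + 20 out (plus blindings).
    ins = [(300, 17), (120, 901)]
    outs = [(400, 55), (20, 333)]
    in_c = [commit(a, z) for a, z in ins]
    out_c = [commit(a, z) for a, z in outs]
    excess = sum(z for _, z in ins) - sum(z for _, z in outs)
    balanced = verify_balance(in_c, out_c, excess)
    # Same blindings, but one output inflated by 1 unit: h^-1 does not cancel.
    inflated = verify_balance(in_c, [commit(400, 55), commit(21, 333)], excess)
    return balanced, inflated


def toy_log(base, target):
    """Brute-force discrete log; only feasible because the toy group is tiny."""
    acc = 1
    for k in range(Q):
        if acc == target:
            return k
        acc = acc * base % P
    raise ValueError("target not in subgroup")


def forge_opening(amount, blind, new_amount):
    """Why x = log_g(h) must be unknown: with it, any commitment opens to any
    amount (binding breaks), which is the point made in the thread that
    H = xG for some x that nobody knows."""
    x = toy_log(G, H)
    return (blind + (amount - new_amount) * x) % Q


if __name__ == "__main__":
    print(demo())                                            # (True, False)
    print(commit(7, forge_opening(5, 9, 7)) == commit(5, 9))  # True
```

Exponents live modulo the group order, which is why a balance check alone is not enough and CT/CCT additionally need range proofs: an amount that wraps around the order would still cancel.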

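The dispute above over combinatorial (tree) unmasking, the pigeonhole rule, and the "always mix with the same set" prior-art solution can be checked mechanically. The block below is an added example, not code from the thread, Monero or the MRL notes: it models rings abstractly as (member set, key-image tag) pairs, implements a policy check for the mutual-set rule, and an observer's inference that combines the pigeonhole rule with elimination so a wallet or protocol designer can measure the effective ring size left after such analysis. Output ids, tags and the side-information dictionary are constructed; the function names are assumptions.

```python
"""Ring-set policy check and the pigeonhole/elimination inference it blocks.

Added example; not code from the thread, Monero or MRL notes. Rings are
modelled abstractly as (set of output ids, tag) pairs, where the tag is the
per-output key image: one real signer per ring, and one tag per output ever.
Output ids and tags below are constructed.
"""
from collections import defaultdict


def respects_mutual_set(rings):
    """The thread's rule: an output always mixes with the same companions,
    so any two distinct ring member sets must be disjoint."""
    sets = list({members for members, _ in rings})
    for i, s in enumerate(sets):
        for t in sets[i + 1:]:
            if s & t:          # overlapping but (being distinct) not equal
                return False
    return True


def effective_anonymity(rings, side_info=None):
    """Effective ring size per tag after an observer applies two public
    inferences: the pigeonhole rule (a set with as many distinct tags as
    members is fully spent) and elimination (an output already spent under
    another tag cannot be this ring's signer).  `side_info` maps output ->
    set of tags it could have been spent under, standing in for the
    out-of-band knowledge the thread warns cannot be bounded."""
    possible = {o: set(t) for o, t in (side_info or {}).items()}

    def candidates(members, tag):
        return {m for m in members if m not in possible or tag in possible[m]}

    changed = True
    while changed:
        changed = False
        by_set = defaultdict(set)
        for members, tag in rings:
            by_set[members].add(tag)
        for members, tags in by_set.items():
            if len(tags) == len(members):               # pigeonhole
                for m in members:
                    new = tags if m not in possible else possible[m] & tags
                    if possible.get(m) != new:
                        possible[m] = new
                        changed = True
        for members, tag in rings:                       # elimination
            c = candidates(members, tag)
            if len(c) == 1:
                (m,) = c
                if possible.get(m) != {tag}:
                    possible[m] = {tag}
                    changed = True
    return {tag: len(candidates(members, tag)) for members, tag in rings}


def scenario_overlapping():
    """Ring 3 reuses A alongside a fresh output: once {A, B} is fully spent,
    ring 3 collapses to a single candidate."""
    rings = [(frozenset("AB"), "t1"), (frozenset("AB"), "t2"),
             (frozenset("AC"), "t3")]
    return respects_mutual_set(rings), effective_anonymity(rings)


def scenario_mutual_set():
    """Under the rule the third ring uses its own set, so nothing leaks
    across sets; side information still shrinks rings inside one set."""
    rings = [(frozenset("AB"), "t1"), (frozenset("AB"), "t2"),
             (frozenset("CD"), "t3")]
    return (respects_mutual_set(rings), effective_anonymity(rings),
            effective_anonymity(rings, side_info={"A": {"t1"}}))


if __name__ == "__main__":
    print(scenario_overlapping())   # (False, {'t1': 2, 't2': 2, 't3': 1})
    print(scenario_mutual_set())    # (True, {...all 2...}, {'t1': 1, 't2': 1, 't3': 2})
```

The second scenario shows both halves of the argument in the thread: with identical-or-disjoint sets a fully spent set never reduces another ring, but external knowledge about one member still cascades within its own set, which is why the effective n cannot be known by the signer.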

Title: Re: Zero Knowledge Transactions
Post by: generalizethis on November 01, 2015, 10:51:56 AM

To help them with their delusions, I have taken to logging into my various Reddit accounts and up voting their posts and down voting my own posts. Hopefully that causes them to think more highly of themselves and stack on more overconfidence. Maximum overconfidence comes right before Humpty Dumpty has the great fall.

LOL, I can't prove you didn't vote down your own comments, but hearing a man who claims to be as good a running back as Barry Sanders wax poetic on delusions of grandeur is about as much hypocrisy as I can stand. Look in the mirror next time you lecture about ego; I'm sure you'll like what you hear.


Title: Re: Zero Knowledge Transactions
Post by: fluffypony on November 01, 2015, 01:08:02 PM
So please credit me with the prior art and then you need to implement my solution and not Shen's.

How on earth do you get that you have prior art?! Where is your published paper, predating Shen's, that describes your scheme???

Honestly, I'm too busy to have a circuitous discussion about this, so I'll let Wikipedia explain what prior art means:

Quote
Prior art (state of the art[1] or background art[2]), in most systems of patent law,[3] constitutes all information that has been made available to the public in any form before a given date that might be relevant to a patent's claims of originality. If an invention has been described in the prior art, a patent on that invention is not valid.

Information kept secret, for instance, as a trade secret, is not usually prior art, provided that employees and others with access to the information are under a non-disclosure obligation. With such an obligation, the information is typically not regarded as prior art. Therefore, a patent may be granted on an invention, although someone else already knew of the invention. A person who used an invention in secret may in some jurisdictions be able to claim "prior user rights" and thereby gain the right to continue using the invention. As a special exception, earlier-filed and unpublished patent applications do qualify as prior art as of their filing date in certain circumstances.

To anticipate the subject-matter of a patent claim, prior art is generally expected to provide a description sufficient to inform an average worker in the field (or the person skilled in the art) of some subject matter falling within the scope of the claim. Prior art must be available in some way to the public, and in many countries, the information needs to be recorded in a fixed form somehow. Prior art generally does not include unpublished work or mere conversations (though according to the European Patent Convention, oral disclosures also form prior art—see Article 54(2) EPC).


Title: Re: Zero Knowledge Transactions
Post by: wpalczynski on November 01, 2015, 01:23:57 PM

To help them with their delusions, I have taken to logging into my various Reddit accounts and up voting their posts and down voting my own posts. Hopefully that causes them to think more highly of themselves and stack on more overconfidence. Maximum overconfidence comes right before Humpty Dumpty has the great fall.

WOW... Just WOW....

https://i.imgur.com/EDXfPJv.jpg


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 01, 2015, 07:00:49 PM
The Monerotards just can't ever admit that someone else could do anything they couldn't do and give proper credit and respect where it is due. Sigh.

And then they wonder why their shitcoin is going nowhere and those who have the talent to make it go somewhere are not motivated to join with their sick attitudes.

You guys are hilarious. Keep making excuses to deny reality but it won't help you in the real world.

Not even one thank you for pointing out an egregious error in Shen's proposed solution which could have enabled me to crash your market price had I withheld the information and supplied it after you implemented a hard fork with the design error. Instead I get verbal diarrhea about senile rage. My and the community-wide anger against Monerotards is because of, for example, your Shen's condescending verbiage and now more of it from all you key persons in the Monerotard community and even the lead developer.

How on earth do you get that you have prior art?! Where is your published paper, predating Shen's, that describes your scheme???

fluffypony, I provided links to the prior art that was published in public. If there is contention about the date of who published first, it is possible to go digging in AnonyMint's archives to find the earlier dated posts with the relevant information. Why do you waste my time with a post that shows you didn't even read the post I made that contains the links to the prior art (and the mention of earlier dated posts being in the earlier archives if necessary)? Do I waste yours?


Very indicative of the brow beating mental disease of Monerotards.


Title: Re: Zero Knowledge Transactions
Post by: smooth on November 01, 2015, 07:04:03 PM
The Monerotards just can't ever admit that someone else could do anything they couldn't do and give proper credit and respect where it is due. Sigh.

I'm not really following it but look, to get credit you have to publish stuff, or release products or something. If you do your work in secret and don't release things, that has its own benefits, but credit is not one of them.

I did acknowledge on that thread the stuff that you came up with last year about combinatorial unmixing, but beyond that everything you have claimed to do is unreleased. If you get scooped, that goes with the territory.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 01, 2015, 07:05:38 PM
I'm not really following it

If you took the time to read what I wrote, then you don't have to waste my and your time writing this. I provided links to the published prior art.

As for proving my white paper was finished before theirs, you ass-u-me I didn't sign a hash to a public block chain and that when I release my white paper, that I can't make all you eat your verbal diarrhea.


Title: Re: Zero Knowledge Transactions
Post by: smooth on November 01, 2015, 07:15:06 PM
when I release

Then there will be something to back up your claims, and basis for credit to be given. Currently there is not.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 01, 2015, 07:19:54 PM
when I release

Then there will be something to back up your claims, and basis for credit to be given. Currently there is not.

For my demand that he cite my prior art, I only referred to the published prior art on the combinatorial unmasking prevention, of which his published proposed solution is incorrect. Thus even if I published my solution now (instead of the June 2015 provided by my published prior art, and I also have posts on that same art from 2014 which if necessary I can dig up), I would still have the prior art on the correct solution.

If you are going to post, at least bother to get your facts straight by reading my post first.


Title: Re: Zero Knowledge Transactions
Post by: smooth on November 01, 2015, 07:30:55 PM
when I release

Then there will be something to back up your claims, and basis for credit to be given. Currently there is not.

For my demand that he cite my prior art, I only referred to the published prior art on the combinatorial unmasking prevention, of which his published proposed solution is incorrect. Thus even if I published my solution now (instead of the June 2015 provided by my published prior art, and I also have posts on that same art from 2014 which if necessary I can dig up), I would still have the prior art on the correct solution.

If you are going to post, at least bother to get your facts straight by reading my post first.

Well I agree with you that your approach is close enough to his in terms of subject matter that it should be cited as prior related work at least. As to relative advantages and disadvantages of the techniques you will have to hash that out among yourselves, or just state your opinion, he'll state his and let readers (and ultimately the market, assuming either or both is ever implemented) decide.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 01, 2015, 07:36:28 PM
Too much talk.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 12, 2015, 05:35:43 PM
A suggested improvement to the Compact Confidential Transactions (http://voxelsoft.com/dev/cct.pdf#page=16) which my Zero Knowledge Transactions builds on:

Denis, on quick glance this appears to be superior to the current Distribute algorithm that appears in Appendix A of your paper:

http://math.stackexchange.com/questions/1276206/method-of-generating-random-numbers-that-sum-to-100-is-this-truly-random
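The linked question is about splitting a fixed total into random parts without biasing the parts. As an added example, not code from the CCT paper or from the thread, the block below implements the usual uniform construction for that problem (stars and bars: choose k-1 cut points among n+k-1 slots, which draws uniformly from all compositions) beside the naive "draw each part from what is left" loop, and counts how often each method lands on one particular composition so the bias is visible. The function names and the seeded counts are assumptions made for the illustration; whether this matches the Distribute routine in Appendix A of the CCT paper is not claimed here.

```python
"""Uniform "Distribute": split a total into parts without biasing the parts.

Added example; not code from CCT or the thread. It implements the standard
stars-and-bars construction (choose k-1 cut points among n+k-1 slots), which
is uniform over all compositions, beside the naive "draw each part from what
is left" loop, which is not. Counts use a seeded RNG, so they are constructed.
"""
import random


def distribute(total, parts, rng=None):
    """Return `parts` non-negative ints summing to `total`, uniformly over all
    C(total+parts-1, parts-1) compositions."""
    if parts < 1 or total < 0:
        raise ValueError("need parts >= 1 and total >= 0")
    rng = rng or random.SystemRandom()
    slots = total + parts - 1
    bars = sorted(rng.sample(range(slots), parts - 1))
    pieces, prev = [], -1
    for b in bars:
        pieces.append(b - prev - 1)      # stars between consecutive bars
        prev = b
    pieces.append(slots - prev - 1)      # stars after the last bar
    return pieces


def naive_distribute(total, parts, rng=None):
    """Biased: each part is uniform over the remainder, so early parts are
    far more likely to be large than late parts."""
    rng = rng or random.SystemRandom()
    pieces, left = [], total
    for _ in range(parts - 1):
        x = rng.randint(0, left)
        pieces.append(x)
        left -= x
    pieces.append(left)
    return pieces


def check_invariants(total, parts, trials=200, seed=7):
    """Every sample must have `parts` non-negative entries summing to `total`."""
    rng = random.Random(seed)
    for _ in range(trials):
        p = distribute(total, parts, rng)
        if len(p) != parts or sum(p) != total or min(p) < 0:
            return False
    return True


def frequency(method, total, parts, target, trials=6000, seed=1234):
    """How often `method` produces exactly the composition `target`."""
    rng = random.Random(seed)
    target = list(target)
    return sum(1 for _ in range(trials) if method(total, parts, rng) == target)


if __name__ == "__main__":
    # With total=2, parts=3 there are 6 compositions; a uniform method hits
    # (2, 0, 0) about 1/6 of the time, the naive loop about 1/3.
    print(frequency(distribute, 2, 3, (2, 0, 0)))
    print(frequency(naive_distribute, 2, 3, (2, 0, 0)))
```

For a range proof the parts are secret material, so in real use the RNG must be a cryptographic one (the default above) and the seeded `random.Random` is only for reproducible counting.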


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 13, 2015, 03:59:57 AM
Sir
You can hold a crowdfunding of your coin, it's very easy to raise 1000 BTC, there is a shitcoin named "小蚁“ in China, they got 2100 BTC easily from crowdfunding recently.

I am no longer seeking to raise money to implement or release my white paper. I am now just commenting in this thread about the technology in that white paper.

Thus the poll is already irrelevant at this point, except to be a record of an expression of the value voters assigned to my research.

It is possible my technology might be implemented in another Cryptonote or other coin (although this seemed to not have progressed beyond an initial coordination so far), and at this point it appears the most likely coin where it will first appear will be my own coin. But anonymity is somewhat of a lower priority for me at the moment, although I continue to make sure that my designs are compatible with the Zero Knowledge Transactions (for future integration with it).

I am not closely tracking what Monero and Æon are implementing. Appears at least Monero may be fast tracking on Shen-Noether's design, but I haven't verified that.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 14, 2015, 03:30:11 AM
I've been busy doing 1) math; and 2) designing how micro-transactions scale and the impacts of value hiding of (Compact or just) Confidential Transactions (which also pertains to my derivative Zero Knowledge Transactions):

1. https://bitcointalk.org/index.php?topic=1085436.msg12964946#msg12964946

2. https://bitcointalk.org/index.php?topic=1249015.0


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 21, 2015, 09:04:13 AM
Critically important discovery regarding anonymity for crypto-currency, which renders my Zero Knowledge Transactions white paper (and as well Shen-Noether's both) worthless:

...

Thus this requirement for anti-DDoS would introduce a form of simultaneity requirement on CN one-time rings that could be jammed (spammed) as is the case for CoinJoin (and even the CoinShuffle improvement). As I had argued to gmaxwell in his CoinJoin thread in 2013, blacklisting offenders is unworkable if there is no reference point, because precisely the point of adding anonymity is to destroy any reference point (other than an orthogonal one such as IP addresses, which as I have explained in this thread is also untenable at scale).

Thus I worried that anonymity might be untenable.

...

The only solution I have been able to conjure is to use CoinShuffle to produce a group of hashes where every public key participating corresponds to some UTXO that can be confiscated.

So while I believe I have refuted my worry that anonymity is entirely untenable, I now believe that purely on chain anonymity is untenable. Which I think was also obvious from the fact that CN one-time rings can be unmasked if an adversary can correlate IP addresses to persistent identities. So if we have to do the CoinShuffle anyway (which also mixes the spenders' IP addresses so we don't have to rely on the unreliable anonymity offered by Tor or I2P), then there is no reason to do the CN one-time ring signatures. Just use CoinShuffle with either CT or CCT.

Thus note that Zerocash will always be (and Monero is until they replace CN with CoinShuffle) untenable.


Title: Re: Zero Knowledge Transactions
Post by: bitsire on November 21, 2015, 09:46:46 PM
Critically important discovery regarding anonymity for crypto-currency, which renders my Zero Knowledge Transactions white paper (and as well Shen-Noether's both) worthless

http://s14.postimg.org/82aggizup/2990230.jpg


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on November 28, 2015, 05:46:45 PM
Critically important discovery regarding anonymity for crypto-currency, which renders my Zero Knowledge Transactions white paper (and Shen-Noether's as well) worthless

http://s14.postimg.org/82aggizup/2990230.jpg

The details on this are a bit mind-twisting, so I did find an error in my prior post as follows. And it means we apparently do still need Ring Confidential Transactions and/or my Zero Knowledge Transactions:

[...]The only solution I have been able to conjure is to use CoinShuffle to produce a group of hashes where every public key participating corresponds to some UTXO that can be confiscated.

[...]

So if we have to do the CoinShuffle anyway (which also mixes the spenders' IP addresses so we don't have to rely on the unreliable anonymity offered by Tor or I2P), then there is no reason to do the CN one-time ring signatures. Just use CoinShuffle with either CT or CCT.[...]

So we need a non-autonomous mixnet such as CoinShuffle to create an uncorrelated (to the input participants) set of hashes that can't be jammed or spammed (as I had previously explained, these hashes being the anti-DDoS keys in the UTXO, due to the orders-of-magnitude faster speed of verifying a Lamport/Merkle cryptographic hash signature than elliptic curve ECDSA or EdDSA, and especially compared to the slow speed of confirming Confidential Transactions), as well as the additional benefit of obfuscating the correlation of the input participants' IP addresses to the output datums of the protocol. The CoinShuffle can associate each transaction output with a specific hash in the grouping, since it is passed along as another record in each output datum in the protocol. But although CoinShuffle can unmask the input public keys (associated with a UTXO resource that can be banned if they DoS) which jam or corrupt the protocol, it can't ensure the homomorphic sum of the outputs equals the sum of the inputs. I am not sure if it is possible to construct a homomorphic groupwise sum of inputs and outputs without jamming (DoS). I remember seeing some vague (not fully thought out w.r.t. jamming?) discussion of this in the Confidential Transactions thread, but at least in the case of Compact Confidential Transactions, it doesn't seem as if it would be possible, because the inputs' and outputs' fuzz has to be coordinated for the entire transaction by someone who knows all the private values.

Thus it seems that we will still need Shen-Noether's Ring Confidential Transactions (or my claimed yet not yet published Zero Knowledge Transactions, which integrates one-time rings with Compact Confidential Transactions). So Merkle tree (not Lamport, because you may need to sign again elsewhere if an instance of the protocol fails) sign the hash(es) for your transaction input(s) to enter the CoinShuffle protocol, then release your Ring Confidential Transactions (or Zero Knowledge Transactions) transaction (along with a new output hash) uncorrelated to IP addresses and transaction inputs via the CoinShuffle protocol. In the case where all the inputs and outputs are the same (which may often be the case with micro-transactions), then there is no need to use homomorphic sums and one-time ring signatures; just release the uncommitted (not hidden values) outputs uncorrelated to the hash signature via the CoinShuffle (or any mixnet which defines an input set and can identify those who jam it) protocol.

So to correct my prior post, I still assert that "purely on chain anonymity is untenable" w.r.t. potential scenarios for DDoS at micro-transactions scale, i.e. neither Ring Confidential Transactions nor Zero Knowledge Transactions can scale to micro-transactions and remain entirely autonomous, as they will require some integration with a non-autonomous mixnet such as CoinShuffle. I reiterate the implied point from the upthread, that afaics it is not possible to mix hashes autonomously.

Edit: note the one-time rings must mix the transaction inputs of the participants of the CoinShuffle protocol (and not a systemic mixnet such as Tor or I2P which doesn't define an input set). Thus it enforces the rule that a group of UTXO must always mix with each other. That rule should normally be enforced so that rings can't be combinatorially unmasked, which is something I explained in detail in my Reddit discussion with Shen-Noether. Also since all the inputs can thus be marked as spent, they can be pruned from the UTXO and thus enforced not to be mixable again, and thus the combinatorial unmasking is prevented.

Edit#2: a flawed design which has better separation-of-concerns (could be used with any IP obfuscation mixnet such as Tor or I2P) is in round 1 for all participants to sign the hash(es) for their input(s) to the set of ECC public keys of the participants. Those who don't sign won't be included in the next round and if not enough sign, then round 1 is restarted with additional participants replacing those who failed to sign. Then in round 2 all participants who signed release their Ring Confidential Transactions or Zero Knowledge Transactions. The flaw is that round 2 can be spammed, because there is no correlation between those who participate in round 2 with those who signed in round 1.

I have been trying to think of some way to avoid CoinShuffle for micro-transaction anonymity because it is so slow due to multiple rounds of network communication. The only other solution I've thought of is to use the CoinShuffle method above to anonymously break your outputs into small morsels, then spend these morsels without homomorphic value hiding and via an IP obfuscation mixnet such as Tor or I2P. The untraceability and unlinkability are mostly retained as the CoinShuffle method will be employed to merge balances again (and then again to redistribute to anonymous output morsels).

I could explain the math for Shen's Ring Confidential Transactions in layman's terms (it really isn't that difficult at all once you think about it in terms of the properties of a modulo operation in math), but I don't have time right now to organize the prose.

Edit: after writing the following it caused me to realize I had overlooked (or conflated) a detail which changed the conclusion of my analysis as follows. Thus I will eventually be explaining the math in layman's terms for (Compact or just) Confidential Transactions and how to combine them with one-time rings of Cryptonote.

Also this is a lower priority right now for me; I now think (recently discovered (https://bitcointalk.org/index.php?topic=1211093.msg13029676#msg13029676)) that one-time ring signatures are not tenable (against DDoS) at the micro-transactions scaling level (regardless whether alone as for Cryptonote, combined with Blockstream's Confidential Transactions as Shen has published, or combined with an improved version of Denis's Compact Confidential Transactions as I claimed to have accomplished but haven't yet published).

Also one-time ring signatures do not obfuscate IP addresses, which means correlation by IP can unmask the rings, so I now view them as a waste of time (https://bitcointalk.org/index.php?topic=1211093.msg13029676#msg13029676), because to obfuscate the IP addresses requires a non-autonomous form of mixing (e.g. CoinShuffle) which also provides the same function as a ring, but apparently not in the presence of homomorphic sums (https://bitcointalk.org/index.php?topic=1211093.msg13094783#msg13094783).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 04, 2015, 12:27:05 AM
The inability to verify the number of coins in circulation with ZeroCoin scares me.  At least if something goes wrong with the money supply system with RingCT we would be able to tell.

Ring Confidential Transactions built on top of Blockstream's Confidential Transactions (or my roughly equivalent but apparently more efficient Zero Knowledge Transactions built on top of Denis' Compact Confidential Transactions) does not absolutely prevent undetectable abuse of the money supply.

The relevant (to your stated concern) distinction from Zerocash (and a friendly reminder to not conflate Zerocoin with Zerocash, because the former requires equal revealed values and doesn't integrate with hiding values) is that there isn't a global trusted master key (generated once at setup of the system) to be potentially abused (if the trusted setup was gamed somehow). Yet in both systems, if you can muster enough computing resources even just once (and/or break/weaken the security of the number-theoretic cryptographic assumptions), you can create unlimited money out of thin air and this can't be detected (unless detection means everyone has the same level of breakage capability and all values can be globally unmasked, rendering value hiding useless).

Homomorphic values and ring signatures come with potentially huge anti-DDoS costs, as I have been explaining in a thread I started (https://bitcointalk.org/index.php?topic=1249015.msg13094719#msg13094719) in the Bitcoin Discussion forum. In that thread, I have alluded to the possibility that we might be better off to just eliminate homomorphic (hiding) values and also eliminate Cryptonote's one-time ring signatures and move to something like CoinShuffle, because we are going to need to do a CoinShuffle anyway. The details on this tradeoff need to be further mulled over and elucidated.

So in summary, it is possible that Monero and Cryptonote (including Confidential Transactions and the attempts to combine them with one-time rings) are one grand waste of time and effort, but that determination is not yet entirely clear to me. I need to spend some time writing down all the details so I can convince myself what the key determinants on this issue are. It is possible that the conclusion may be a multifurcation.

Anonymity is very difficult to accomplish holistically, especially at scale (Monero is nowhere near accomplishing that at scale), and it doesn't come for free.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 04, 2015, 12:58:03 AM
If peer review supports the soundness of RingCT cryptography interest could expand exponentially. There are more potential uses than I can count and this is the most promising privacy technology I have seen so far. The inability to verify the number of coins in circulation with ZeroCoin scares me.  At least if something goes wrong with the money supply system with RingCT we would be able to tell.

I am quite confident that blockchain privacy is not a huge topic anymore. Of course RingCT may draw some extra attention to Monero. However, in my opinion that still would not be relevant.

The fintech is finally converging on the markets and real business issues. However, real business that has money doesn't care about privacy, it's simply out of scope. There is no huge ass real world problem in it that could be backed by corporate money that will stimulate adoption and attention.

This still may be a great update and it serves privacy goals well. However, the privacy protection issue is still a small niche, not a mass phenomenon.

Disagree. Real business and corporate money will struggle greatly with transparent blockchains. They don't have the same exact privacy goals as individuals and freedom advocates, but they have their own. In particular, not wanting to be spied on by competitors nor front run in markets. That's why, for example, CT is critically important even in Blockstream's closed blockchain Liquid.

Privacy from the NSA, when the NSA means the largest globalist corporations (politically connected with the global police state) have asymmetric access to secrets?

Making anonymity that is immune to the global police state is an immense challenge, especially for businesses, because they can't just go hop on another anonymous WiFi connection every time they want to interact with the block chain (and that won't even help you individually with a low scale coin like Monero, because you are the only person hopping on anonymous WiFi in your geographical area, so your transactions can still be correlated!). Making an IP address mixnet that is immune to a party which can see all traffic over the internet is extremely challenging if not statistically implausible. I have been thinking deeply for a long time about the sort of attacks that are possible on mixnets and nothing (that I've analyzed) seems to be entirely immune.

A generative essence realization is there is no possible way to obfuscate your IP address with an autonomous cryptographic protocol (such as RingCT or Cryptonote). The only way to obfuscate IP addresses is with an interactive mixnet, which then either incurs a simultaneity requirement or the mixnet must generalize to many forms of internet traffic so a sufficient mix set is always available. But especially generalized mixnets suffer from Sybil attacks because the cost of scaling relaying nodes scales with traffic and DDoS. As smooth knows from our past private discussions (afair last year), my only idea on how to attack the Sybil problem of Tor and I2P is to pay the nodes you want to relay through for an onion routing. But this comes with another set of holistic issues. So far, I haven't been able to design a system that is immune to the NSA. I am still working on this problem, but have deprioritized it, because to my consternation it is such an intractable quagmire (a.k.a. clusterfuck).

So let's say we only want privacy against other smaller corporations that don't have special access to NSA analysis. Yet now we must assume the NSA can't be hacked or individual employees bribed. And the NSA is not the only national security agency doing this. We have at least the 5 Eyes nations plus Russia and China with sophisticated, well funded national security agencies.

Can you now understand better why Martin Armstrong said (and I regurgitated) that a Dark Age is possible?

The world is in a pickle. I am doing my best to try to find a way out. I am now thinking perhaps anonymity is not the ticket (yet continuing to develop and consider it, as an option) and instead massive volume of micro-transactions might be more liberating. In short, to pursue my Knowledge Age theory of breaking the Theory of the Firm down to individualized production. In short, the death of the corporation as being too slow to even effectively use the data it is accumulating. If you read my 2010 thesis linked from the OP of the Economic Devastation thread (in the Economics forum), you can gain insight into what I am referring to, where I explained that top-down access to information is not knowledge creation. Knowledge creation is accretive, spontaneous, and highly individualized.

Paradigm shift. I am apparently good at creating those, not so much at the intricate patterns of chess (too many intricacies are burdensome to the degrees-of-freedom to see over the forest). In short, I prefer deforestation (https://en.wikipedia.org/wiki/Deforestation_(computer_science)) paradigms.

Privacy from the NSA, when the NSA means the largest globalist corporations (politically connected with the global police state) have asymmetric access to secrets?

No, privacy from every idiot who wants to front-run you, or play amateur detective and figure out a lot of private things about your business or personal affairs and publish them. I've seen both happen on this forum.

Most businesses and people are just too obscure and unimportant to warrant much interest from the NSA or from the largest globalist corporations. But they all have nosy neighbors, with varying degrees of sophistication.

Though if the global police state does evolve to the point where everyone is a person-of-interest, then indeed it will be a dark age, and it isn't clear whether cryptography and cryptocurrencies can help with that at all. Maybe.

Don't know if you read the edit I did on my prior post.

Problem is that if anyone is collecting that data (even if the NSA has no desire to analyze it or retain it forever), they can be potentially hacked or individual employees bribed. The prize is so valuable, it nearly ensures another Edward Snowden will surface, yet with a profit motive to exploit that dataset. The problem is that even to collect that data means they have peeping routers all over the major backbones, and these are thus vulnerable to hacking and bribes, etc.

When we live in a world where it is possible to collect all data, then the defense against bad outcomes with your data (and the greater threat than the NSA w.r.t. data aggregation may be Google, Ad Sense, and Facebook Likes) is perhaps not to depend on the implausibility of statistical correlation (which may not be so implausible as the naive assumption, e.g. per my examples above and in the general paradigmatic category), but rather perhaps to depend on keeping your assets stored in micro-granular Knowledge Creation paradigms instead of stored monetary calls on labor (which I claim is a dying paradigm). The data aggregator can't do anything with aggregated data against a micro-granular asset with attributes perhaps orthogonal to the flows of popularity. I mean everyone can see which ventures are popular and trending by numerous means such as Google metrics. Transparency aids competition, which accelerates knowledge creation. The government can't tax to death a popular activity without declaring a global Dark Age (which has never occurred, i.e. even during the Dark Age in Western Europe, prosperity trended up elsewhere).

As for being vulnerable to haters, I am surely vulnerable by posting on this forum and not being anonymous. This seems to go along with any action on the internet. I read where some teenager in the Philippines shot another teenager because of some insulting remark about a girlfriend on Facebook. I am not so sure that anonymity can be holistically ubiquitous to protect me from all the potential ways the internet spreads the opportunities to be hated and not anonymous. It seems anonymity for money is mostly focused on the concept of obscuring large monetary wealth, but I am arguing that perhaps that paradigm is dying and instead store wealth in knowledge creation ventures (ongoing and active wealth). Other than the risk of large wealth (and the obvious issues that raises) and being outspoken on the internet (and the conflicts that raises), my personal life story is a prime example of how risk to life and limb comes from chaotic, unexpected directions, so I don't know if focusing on the very difficult issue of anonymous money transfer stands out as the greatest risk in most people's lives.

Any way I am not sure. So as I wrote, I am hedging my bets by still pursuing anonymity, but I have deprioritized it somewhat (not entirely) to focus more on micro-transactions.

Edit: I am contemplating whether it is possible that fungibility could be orthogonal to anonymity. Fungibility could first be defined as the ability to get your transactions into the majority consensus of the block chain, instead of a stricter definition that would require that anyone who accepts such a transaction can't be coerced nor hassled by the government nor whomever. As long as you can get your transactions on the block chain, then if you spend them to parties that care less about coercion (e.g. in small morsels in social interactions where the government can't possibly go after every person who received a microtransaction). So instead of just anonymity designs, I have also been thinking a lot about how to ensure block chain inclusion remains permissionless.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 04, 2015, 09:25:46 PM
The inability to verify the number of coins in circulation with ZeroCoin scares me.  At least if something goes wrong with the money supply system with RingCT we would be able to tell.

[...8<...]

The relevant (to your stated concern) distinction from Zerocash (and a friendly reminder to not conflate Zerocoin with Zerocash, because the former requires equal revealed values and doesn't integrate with hiding values) is that there isn't a global trusted master key (generated once at setup of the system) to be potentially abused (if the trusted setup was gamed somehow). Yet in both systems, if you can muster enough computing resources even just once (and/or break/weaken the security of the number-theoretic cryptographic assumptions), you can create unlimited money out of thin air and this can't be detected (unless detection means everyone has the same level of breakage capability and all values can be globally unmasked, rendering value hiding useless).

Homomorphic values and ring signatures come with potentially huge anti-DDoS costs, as I have been explaining in a thread I started (https://bitcointalk.org/index.php?topic=1249015.msg13094719#msg13094719) in the Bitcoin Discussion forum. In that thread, I have alluded to the possibility that we might be better off to just eliminate homomorphic (hiding) values and also eliminate Cryptonote's one-time ring signatures and move to something like CoinShuffle, because we are going to need to do a CoinShuffle anyway. The details on this tradeoff need to be further mulled over and elucidated.

[...8<...]

Anonymity is very difficult to accomplish holistically, especially at scale (Monero is nowhere near accomplishing that at scale), and it doesn't come for free.

[...8<...]

A generative essence realization is there is no possible way to obfuscate your IP address with an autonomous cryptographic protocol (such as RingCT or Cryptonote). The only way to obfuscate IP addresses is with an interactive mixnet, which then either incurs a simultaneity requirement or the mixnet must generalize to many forms of internet traffic so a sufficient mix set is always available. But especially generalized mixnets suffer from Sybil attacks because the cost of scaling relaying nodes scales with traffic and DDoS. As smooth knows from our past private discussions (afair last year), my only idea on how to attack the Sybil problem of Tor and I2P is to pay the nodes you want to relay through for an onion routing. But this comes with another set of holistic issues. So far, I haven't been able to design a system that is immune to the NSA. I am still working on this problem, but have deprioritized it, because to my consternation it is such an intractable quagmire (a.k.a. clusterfuck).

[...8<...]

[...8<...]

Well that is the sort of statistical pattern that I think is implausible to hide if the person who needs to know can afford the resources to know.

I don't think in this Technocracy age of Big Data (https://www.google.com.ph/search?q=how+China+uses+big+data) one can hope to obscure patterns on large data sets. The generative essence of the implausibility is that the statistical patterns hidden at one layer leak into the next layer, so it becomes a requirement for a globally leak-proof synergy of activity in cyberspace. It seems futile from that high-level perspective. And I stubbornly didn't want to accept that, but having really looked deeply at the technical issues, I now lean to that being the hard reality.

That is why I posit that the paradigm of wealth stored in forms that others can easily emulate, tax, and expropriate is dying.

[...8<...]

Zerocash does hide your identity on the block chain even if your IP address is correlated across multiple transactions that you send to the block chain, because in Zerocash the payer(s) and payee(s) are obscured and proven in a non-interactive zero knowledge proof (NIZKP). This is accomplished by proving that the machine ran a certain program (and no other program) on the inputs and that result was "true" (i.e. verified), rather than proving something algebraically about the variables to the program. This computational witness requires the global master key setup.

Whereas Cryptonote one-time rings mix the payer amongst a group of payers with the requirement that it is publicly verifiable that each payer can only be spent one time. The one-time key is manufactured by the Diffie-Hellman-like (ECDH) exchange that creates a new stealth payee address on each spend, and that stealth address can only be spent once. So the problem is that if your IP address is correlated across spends, it becomes possible to link stealth addresses together as the same payee and then start to unmask the anonymity set of the payer rings.

So it would seem that Zerocash is the solution, except read my discussion at the quoted link about anti-DDoS protection. The problem is the huge verification cost for each Zerocash transaction and thus giving the attacker a huge asymmetric advantage when sending invalid transactions, i.e. unprotected Zerocash can be DDoS'ed to death.

And if using my suggested technique to create a hash-based signature as a first line of verification of incoming transactions sent to the block chain, then you've got to incorporate a simultaneity mixnet such as CoinShuffle to detach these hash signatures (and the payee's IP address) from the Zerocash transaction being submitted to the block chain. But then your anonymity is reduced back to the mixnet again, so you've lost the benefits Zerocash provides. Perhaps Zerocash could devise a quick check on invalid signatures. I don't know enough about the "moon math" in the white paper to deduce whether that is possible, but I 95% doubt it based on my understanding that such NIZKPs are a holistic math affair.

Perhaps instead of my hash suggestion (and as suggested by Gregory Maxwell at the aforementioned linked thread), each Zerocash (or RingCT) transaction could require some PoW be attached to rate limit spam, but the problem is the attacker has an asymmetric advantage by being able to place his hashing resources in venues with the cheapest electricity (e.g. 3 - 4 cents per kWh in WA State or China near hydropower) and leverage the latest ASIC efficiencies, whereas the legitimate payer is running on retail electricity that costs 4 times more and non-optimum hardware that is at least an order of magnitude disadvantaged in power and speed. So the delay (or the transaction fees, if the full nodes spend more on hardware to increase their spam bandwidth) will increase for legitimate payers asymmetrically to the attacker's costs. And that asymmetry will be amplified by the systemic ratio of the resources of the legitimate payers to the attacker's resources; thus if the anonymous system is only used infrequently then the cost of using it will be radically amplified (perhaps too high to be of practical use, although I haven't done some sample calculations yet). And for the system to be widely used (e.g. for microtransactions), the extra costs imposed by the attacker disincentivize its use when the legitimate participants don't value anonymity as a concern. Also the PoW required could vary per full node and vary in time (even in real time!) depending on which nodes are receiving the most incoming DDoS spam, which complicates the determination of where to submit a transaction and how much PoW is required to be submitted with it. So then it appears any such Zerocash + PoW anti-DDoS system is going to be used only for anonymous mixing and not all transactions, but then the problem is the anonymity leaks as these anonymous mixes are then traded for coins in a system that is used in everyday commerce (e.g. microtransactions).

Even though I haven't thoroughly understood every technical aspect of it, the other problem with Zerocash appears to be that it can't merge the entirely opaque block chains, e.g. if two major chains fork due to a network split. Transparent block chains can be re-merged to the extent that double-spends are not intertwined. The major fault for Zerocash (that is not present for transparent block chains) being that I believe it is not possible to prove which coins were double-spent on both of the block chains. Normally this isn't a problem for an orphaned chain because you just throw away the orphans, but this is perhaps a problem in a major network split.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 04, 2015, 11:47:54 PM
Disagree. Real business and corporate money will struggle greatly with transparent blockchains. They don't have the same exact privacy goals as individuals and freedom advocates, but they have their own. In particular, not wanting to be spied on by competitors nor front run in markets. That's why, for example, CT is critically important even in Blockstream's closed blockchain Liquid.

I believe you're saying that under an assumption that corporations will adopt a form of blockchain that is already available on the market. I'm not so sure. Banks and certain IT companies do express their interest in blockchain, but judging from what I've heard them talk, it's more about permissioned blockchains.

It is an entirely different paradigm of privacy. You still have blockchain, which is easily auditable and verifiable for any party that might have such rights, but a competitor would not be able to even connect to the blockchain.

I assume this may prove to be more efficient for corporate goals than using permissionless anonymous blockchains, or even permissioned anonymous blockchains. I don't see big urge for the companies to be adopting open blockchains or particular cryptocurrencies, at least for now. There are of course certain cases when that can still be beneficial (e.g. on-chain bonds for smaller companies).

To say it in another way, the technology has converged on the market, but its tested application seems to be diverging from the original libertarian/anarchistic/openness ideas proposed by free-thinkers. Well, time will tell.

However, a real huge problem is parallel to what we might be discussing here. I bet nobody can point to a company or a particular painful use case that CryptoNote or Monero can be serving. The real market I mean, not our dreams of such. We've all been involved in creating a new better economy, while the course of history shows that we rather need the traditional economy upgraded instead.

I am not trying to say that privacy is an irrelevant issue. It surely is. I'd agree with TPTB_need_war. The big data and surveillance may actually drag us into techno-dark ages. However, I don't see how private cryptocurrencies can be incorporated into real markets. There's no decabillion market value here. And unfortunately, I would remain pessimistic on the perspectives: I doubt that there will ever be such a market.

Your point about private block chains (which I don't think will work well for similar concerns that corporations are learning not to depend on closed source), ties back into another distinction I want to make about public block chains.

Hide Data, Not IP

If we accept my studied intuition (which I detailed over my past few posts in this thread) that anonymity is untenable (because leakage is catastrophic to the point of doing anonymity, i.e. anonymity assumes 100% perfection otherwise don't bother with the flimsy/undetectable assurance of it), this doesn't mean that for example Confidential Transactions (CT) hiding of value is untenable.

So in general the privacy we want, may be to hide the data and not who is doing it. This data can also leak into layers where it is not hidden, but that would be the same as what we have now in the current world.

So I have been thinking to give up on anonymity of IP addresses (and thus Cryptonote, RingCT, and the ring aspect of my Zero Knowledge Transactions are not needed), but retain end-to-end encryption of the data. CT enables hiding of the values that are being traded.

So the government can still identify who is making those transactions and compel you to reveal your private keys or face the gulag, but in the normal use of the public block chain privacy is retained (to the extent it doesn't leak into non-hidden layers but that is the current world situation any way, so no worse).

Governments and police agencies will feel less threatened, yet some of the NSA-gone-amok indiscriminate big data collection will be foiled (which is a good thing since that crap has been argued to be entirely ineffective and puts the data at-risk of abuse ... remember the stories of TSA agents masturbating to nude airport scanner images and also I believe I read about GCHQ collecting Yahoo Messenger videochats and perhaps some agents were growing hair on their palms as well).

I believe this epiphany (separation-of-concerns) is foundational and very important.

So next we try to find ways to hide the data of smart contracts on the block chain. Actually my Zero Knowledge Transactions white paper also has innovations on hiding value that are not present in CT nor CCT, so if those are correct, I am already making progress on this paradigm.

Mix Data, Not Identity

Perhaps if it is possible to somehow mix currency data with smart contract data, it would make each more fungible in the sense that one can't construct a blacklist based on IP address of who is sending to the block chain if they don't even know which class of data they are black listing.

Also in general, I explained in the thread I linked (https://bitcointalk.org/index.php?topic=1249015.msg13143399#msg13143399) to (and my coming research writeup will explain in more detail) why blacklisting by IP address is untenable anyway. Thus I think the argument that anonymity of IP is essential for fungibility is being vacated.

I need to write up all this in a more technically detailed exposition so I can see how it all fits together in detail. I may have holes in this high-level overview. For example, need to work through the details of how identity of payer and payee on a block chain differs from the notion of IP address identity.
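The post above leans on Confidential Transactions (CT) hiding values while leaving identities visible. The following is an added example, written for this page and not taken from CT, Blockstream, or the ZKT whitepaper, showing the mechanism CT rests on: Pedersen commitments whose homomorphic property lets a verifier check that inputs balance outputs without learning any amount. It uses a toy 64-bit safe-prime group generated at runtime (assumed parameters, far too small for real use; real CT uses a 256-bit elliptic-curve group), and the names `commit`, `build_tx` and `balanced` are mine. The last case shows why CT also needs range proofs: without them a "negative" output balances perfectly.

```python
import hashlib
import random

def is_probable_prime(n: int) -> bool:
    """Miller-Rabin with the first 12 prime bases, deterministic for n < 3.3e24 (enough for 64-bit)."""
    small = [2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37]
    if n < 2:
        return False
    for p in small:
        if n % p == 0:
            return n == p
    d, r = n - 1, 0
    while d % 2 == 0:
        d //= 2
        r += 1
    for a in small:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def toy_safe_prime(bits: int = 64, seed: int = 1):
    """Find p = 2q + 1 with p and q prime; squares mod p then form a subgroup of prime order q."""
    rng = random.Random(seed)  # seeded so the demo is reproducible (toy parameters, not for production)
    while True:
        q = rng.getrandbits(bits - 1) | (1 << (bits - 2)) | 1
        if is_probable_prime(q) and is_probable_prime(2 * q + 1):
            return 2 * q + 1, q

P, Q = toy_safe_prime()
# Two generators of the order-Q subgroup whose discrete log relative to each other is unknown:
# G is a fixed square, H is derived by hashing (nothing-up-my-sleeve), then squared into the subgroup.
G = pow(2, 2, P)
H = pow(int.from_bytes(hashlib.sha256(b"pedersen-second-generator").digest(), "big") % P, 2, P)
assert G not in (0, 1) and H not in (0, 1) and G != H

def commit(value: int, blinding: int) -> int:
    """Pedersen commitment C = G^v * H^r mod P; hides v as long as r is secret and random."""
    return pow(G, value % Q, P) * pow(H, blinding % Q, P) % P

def balanced(in_commits, out_commits) -> bool:
    """Homomorphic check: prod(inputs) == prod(outputs) iff sum(v_in) == sum(v_out) and sum(r_in) == sum(r_out) mod Q."""
    lhs = rhs = 1
    for c in in_commits:
        lhs = lhs * c % P
    for c in out_commits:
        rhs = rhs * c % P
    return lhs == rhs

def build_tx(in_values, out_values, rng):
    """Blind every amount; the last output blinding is chosen so the blindings sum to the inputs' (no fee for simplicity)."""
    in_r = [rng.randrange(Q) for _ in in_values]
    out_r = [rng.randrange(Q) for _ in out_values[:-1]]
    out_r.append((sum(in_r) - sum(out_r)) % Q)
    ins = [commit(v, r) for v, r in zip(in_values, in_r)]
    outs = [commit(v, r) for v, r in zip(out_values, out_r)]
    return ins, outs

if __name__ == "__main__":
    rng = random.Random(7)
    print("10+5 -> 12+3 balances:", balanced(*build_tx([10, 5], [12, 3], rng)))
    print("10+5 -> 12+4 balances:", balanced(*build_tx([10, 5], [12, 4], rng)))
    # Without a range proof, an output of Q-1 (i.e. -1 mod Q) lets 1 coin become 2 coins:
    print("1 -> 2 + (Q-1) balances:", balanced(*build_tx([1], [2, Q - 1], rng)))
```

The verifier in `balanced` sees only group elements, never the amounts or blindings, which is the "hide the data, not who is doing it" property the post wants. The third case is the practitioner's caveat: commitments alone prove arithmetic consistency modulo Q, so each output must also carry a proof that its value lies in a small range.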


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 07, 2015, 02:58:11 PM
A ha! End-to-end identity anonymity is possible!

The reason identity anonymity can't be done end-to-end principle (Zerocash almost does it, but as I pointed out there is a DDoS weakness incurred (https://bitcointalk.org/index.php?topic=1190988.msg13151304#msg13151304)), is because our IP address is an identity that we can't easily detach from ourselves. For all other forms of data privacy, the IP address problem is irrelevant.

So it would seem that Zerocash is the solution, except read my discussion at the quoted link about anti-DDoS protection. The problem is the huge verification cost for each Zerocash transaction and thus giving the attacker a huge asymmetric advantage when sending invalid transactions, i.e. unprotected Zerocash can be DDoS'ed to death.

And if using my suggested technique to create a hash-based signature as a first line of verification of incoming transactions sent to the block chain, then you've got to incorporate a simultaneity mixnet such as CoinShuffle to detach these hash signatures (and the payee's IP address) from the Zerocash transaction being submitted to the block chain. But then your anonymity is reduced back to the mixnet again so you've lost the benefits Zerocash provides. Perhaps Zerocash could devise a quick check on invalid signatures. I don't know enough about the "moon math" in the white paper to deduce whether that is possible, but I 95% doubt it based on my understanding that such NIZKPs are a holistic math affair.

There is a simple solution for DDoS with Zerocash. Use my hash-based signature suggestion (https://github.com/shelby3/hashsig/blob/master/DDoS%20Defense%20Employing%20Public%20Key%20Cryptography.md#ddos-defense-employing-public-key-cryptography) on a non-anonymous basecoin, when sending the anonymous zerocash (the Zerocash paper names these zerocoins, not to be confused with Zerocoin) transaction. Since on a spend transaction (aka pour) the anonymous coins are entirely mixed with all anonymous coins, then your IP address and your non-anonymous transactions do nothing to help anyone trace the anonymous coins. And putting the non-anonymous funds at-risk with the fast to verify hash-based signature (3 million verifications per second on an 8 core CPU!), solves the DDoS attack issue.

Alternatively it may be possible to mint the hash signatures in such a way that the anonymous coins are forfeited when doing a DDoS attack, but are still not non-anonymously linked to the hash based public key, instead of needing to use a separate non-anonymous basecoin. This would be preferred for permissionless commerce.

So thus unlike RingCT, no CoinShuffle (mixnet) would be needed. Unlike Cryptonote (and RingCT), Zerocash hides everything because the inputs to the NIZKP are never revealed! This is the advantage of zk-SNARKs because it proves that a program compared the inputs in the desired way, without revealing what the inputs were. Whereas in CN and RingCT, we all see the input public key addresses and the proof of which public address is spending is obscured by the mix, but correlating the IP address across mixes can correlate which of those addresses were in both mixes. For CN and RingCT to be as anonymous as Zerocash would require they mix with all known (and future!) public key addresses.

Note that zk-SNARKs are very slow to verify (roughly 300ms for a Zerocash transaction) and consume more bandwidth so this can't be used for all transactions. It would be a mixer that you mint non-anonymous coins into when the slow verification and its higher fees are justified.

Even though I haven't thoroughly understood every technical aspect of it, the other problem with Zerocash appears to be that it can't merge the entirely opaque block chains, e.g. if two major chains fork due to a network split. Transparent block chains can be re-merged to the extent that double-spends are not intertwined. The major fault for Zerocash (that is not present for transparent block chains) being that I believe it is not possible to prove which coins were double-spent on both of the block chains. Normally this isn't a problem for an orphaned chain because you just throw away the orphans, but this is perhaps a problem in a major network split.

Apparently I am mistaken. Zerocash coins have serial numbers, so it should be possible to know which serial numbers have been double spent on both forks.
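The post proposes a cheap hash-based signature as the first line of verification so that the expensive zk-SNARK verifier only runs on submissions whose signer has something at stake. This added example (mine, not the linked hashsig repository's code and not Zerocash's) implements a Lamport one-time signature over SHA-256 and the gating pipeline around it; verification costs 257 hash evaluations, which is why it can absorb spam that a ~300 ms proof verification cannot. The function names, the `stats` counters and the stand-in `expensive_verify` are assumptions of this illustration; the "transaction blob" is a constructed placeholder.

```python
import hashlib
import secrets

H = hashlib.sha256
BITS = 256  # one (preimage_0, preimage_1) pair per bit of the SHA-256 message digest

def lamport_keygen(rng=secrets.token_bytes):
    """One-time key: 256 pairs of 32-byte random preimages; the public key is their hashes."""
    sk = [(rng(32), rng(32)) for _ in range(BITS)]
    pk = [(H(a).digest(), H(b).digest()) for a, b in sk]
    return sk, pk

def _digest_bits(msg: bytes):
    d = int.from_bytes(H(msg).digest(), "big")
    return [(d >> (BITS - 1 - i)) & 1 for i in range(BITS)]

def lamport_sign(sk, msg: bytes):
    """Reveal, for each digest bit, the preimage that bit selects. A key must never sign twice:
    a second signature reveals the other preimages and lets an attacker forge related messages."""
    return [sk[i][b] for i, b in enumerate(_digest_bits(msg))]

def lamport_verify(pk, msg: bytes, sig) -> bool:
    """257 hashes total: one over the message, one per revealed preimage."""
    if len(sig) != BITS:
        return False
    return all(H(sig[i]).digest() == pk[i][b] for i, b in enumerate(_digest_bits(msg)))

def gated_submit(pk, tx: bytes, sig, expensive_verify, stats) -> bool:
    """Two-stage verification: the cheap hash-based check must pass before the costly proof check runs.
    The node therefore spends proof-verification CPU only on submissions a real signer stands behind."""
    stats["cheap"] += 1
    if not lamport_verify(pk, tx, sig):
        stats["rejected_cheap"] += 1
        return False
    stats["expensive"] += 1
    ok = expensive_verify(tx)
    stats["accepted"] += int(ok)
    return ok

def simulate(n_spam: int):
    """One honest submission plus n_spam forged submissions against the same public key."""
    stats = {"cheap": 0, "rejected_cheap": 0, "expensive": 0, "accepted": 0}

    def expensive_verify(tx: bytes) -> bool:
        return True  # stand-in for the zk-SNARK verifier; only its call count matters here

    sk, pk = lamport_keygen()
    honest_tx = b"constructed pour transaction blob"
    gated_submit(pk, honest_tx, lamport_sign(sk, honest_tx), expensive_verify, stats)
    for _ in range(n_spam):
        forged = [secrets.token_bytes(32) for _ in range(BITS)]  # attacker guessing preimages
        gated_submit(pk, b"spam", forged, expensive_verify, stats)
    return stats

if __name__ == "__main__":
    print(simulate(1000))  # expensive verifier runs once; every forgery dies at the cheap stage
```

The binding the post describes, namely that the hash-based public key controls non-anonymous funds that can be forfeited, is what gives the cheap check teeth; this block shows only the verification asymmetry, not the forfeiture rule.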


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 16, 2015, 07:55:59 PM
As for a potential solution to the IP address obfuscation issue, there is a white paper that I was first introduced to by jl777 this year and now someone else has asked me about it in a PM:

http://dedis.cs.yale.edu/dissent/

http://bford.info/pub/net/panopticon-cacm.pdf

Section 3 explains very well some of the major attacks against the onion routing (OR) in Tor and I2P.

The problems with this Dissent protocol some of which they admit in the section "5. Challenges and Future Work":

  • It requires N² communication for N participants. If the entire network isn't included in one grouping, then next problem results. They offer a federated server "solution" but this I believe puts jamming (and anonymity?) at risk of collusion of the servers?
  • Same as for any mixnet (including OR and Cryptonote), if there are multiple groupings (or rings) then users can be unmasked by (a form of an intersection attack whereby) correlating which groups they participated in. This same problem results from one grouping and the fact that different users are participating at different times. This is a fundamental problem for mixnets (including on chain mixes such as Cryptonote) that caused me to realize the problem was unsolvable.
  • Anti-jamming is based on an identity. Per the criticism I made against CoinJoin in 2013, we are creating anonymity so identity can't be insured. Perhaps we could tie identities to specific UTXO and confiscate those who jam. I would need to look into the details of that change to their design, as to whether this would violate the anonymity (and I assume yes it would until shown otherwise because of what I've learned over the past 2 years).
  • It has a simultaneity requirement (similar to Dash's mixing), more so than Tor or I2P.

Why use this complex mixnet stuff (that won't really work well) when Zerocash elegantly solves the problem and is entirely autonomous. To quote smooth (he was referring to Cryptonote but he should have been referring to Zerocash), "a pigeon could carry your transaction to the block chain and it wouldn't matter". Let me rephrase that, "a truck with your name painted on the side could carry your transaction to the block chain and it wouldn't matter". With Zerocash, everything is hidden so even if you put your name in the transaction packets, it wouldn't affect your anonymity because no one can see any of the details of the transaction. All they will see is you put your name on this encrypted blob of data. So you are worried about the compromised key of Zerocash leading to a hidden inflation of the money supply (I was too), but it doesn't affect the anonymity in any case. Well even that has solutions, e.g. make multiple sets of keys and sign all transactions with more than one signature so you have more assurance that all of the keys weren't fraudulently generated. Or run Zerocash only as a mixer and net out all the coins in/out periodically to be sure it is not creating coins out-of-thin-air.
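Dissent's anonymous broadcast is built on DC-nets, which is where the N² pairwise-secret cost and the jamming problem in the post come from. This added example (mine, not Dissent's code) runs one bare XOR DC-net round: every pair of participants shares a pad, each participant publishes the XOR of its pads (plus its message if it is the sender), and the XOR of all outputs reveals the message with no output pointing at who sent it. A second simultaneous sender, or a jammer, garbles the slot, which is the accountability problem Dissent addresses with identities. The function names and the 16-byte slot size are assumptions of this illustration; Dissent itself derives pads from DH seeds and assigns slots through a verifiable shuffle rather than using raw random pads.

```python
import secrets

def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))

def pairwise_pads(n: int, msg_len: int, rng=secrets.token_bytes):
    """One fresh pad per unordered pair: n(n-1)/2 secrets, the O(N^2) setup cost noted in the post."""
    return {(i, j): rng(msg_len) for i in range(n) for j in range(i + 1, n)}

def participant_output(i: int, pads: dict, msg_len: int, message=None) -> bytes:
    """XOR of every pad participant i shares; the sender additionally XORs in its (zero-padded) message.
    Each pad appears in exactly two outputs, so all pads cancel in the XOR of all outputs."""
    out = bytes(msg_len)
    for (a, b), pad in pads.items():
        if i in (a, b):
            out = xor(out, pad)
    if message is not None:
        if len(message) > msg_len:
            raise ValueError("message does not fit the slot")
        out = xor(out, message.ljust(msg_len, b"\x00"))
    return out

def dc_round(n: int, senders: dict, msg_len: int = 16):
    """senders maps participant index -> message. Returns (anonymous broadcast, per-participant outputs, pad count).
    Two senders in the same slot collide (their messages XOR together): the jamming problem."""
    pads = pairwise_pads(n, msg_len)
    outputs = [participant_output(i, pads, msg_len, senders.get(i)) for i in range(n)]
    result = bytes(msg_len)
    for o in outputs:
        result = xor(result, o)
    return result, outputs, len(pads)

if __name__ == "__main__":
    broadcast, outputs, npads = dc_round(5, {3: b"hello"})
    print(npads, "pads;", "slot =", broadcast.rstrip(b"\x00"))
    # Every individual output is pad-masked noise, so nothing in it identifies participant 3 as the sender.
    jammed, _, _ = dc_round(5, {1: b"hello", 4: secrets.token_bytes(16)})
    print("jammed slot =", jammed)
```

Note what the code does not give you: a jammer's output is indistinguishable from an honest one, so there is nothing to blame without an identity layer, and a participant who sits out a round shrinks the anonymity set, which is the intersection attack the post describes.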


Title: Re: Zero Knowledge Transactions
Post by: LongAndShort on December 17, 2015, 12:15:20 AM
My advice to you is to perhaps try less to narrow your views by thinking about block chains. I encourage you to think more about trees.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 17, 2015, 08:39:27 AM
My advice to you is to perhaps try less to narrow your views by thinking about block chains. I encourage you to think more about trees.

By placing that comment in this thread about anonymity, that exhibits to me you don't have a very good grasp of the technologies of crypto since block chain consensus algorithms are orthogonal to anonymity algorithms.

Trees and DAGs are not a solution for block chain consensus (and they have nothing to do with anonymity). They fork uncontrollably. This will all be explained. Just let Iota, Railblocks, etc. go forth, then at the appropriate time it will be explained they are technically flawed. We can't escape from proof-of-work (PoW) and maintain decentralized consensus. Period. Proof-of-stake is discussed elsewhere and I don't want to repeat what I have already written in my archives (someday I will summarize it all in a paper).


Title: Re: Zero Knowledge Transactions
Post by: smooth on December 17, 2015, 09:36:18 AM
We can't escape from proof-of-work (PoW) and maintain decentralized consensus. Period.

I'd love to see a proof of that. Not meant as a challenge and I don't necessarily disagree at this point. It just seems hard to say that because we don't know of a way there can't be a way, and such a proof would be interesting.

In fact I have a vague notion of an idea that may be possible, but I haven't reduced it to a usable form. (Not at all related to PoS or other such techniques, and my idea may too devolve to PoW in some unseen way.)


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 17, 2015, 09:59:09 AM
We can't escape from proof-of-work (PoW) and maintain decentralized consensus. Period.

I'd love to see a proof of that. Not meant as a challenge and I don't necessarily disagree at this point. It just seems hard to say that because we don't know of a way there can't be a way, and such a proof would be interesting.

In fact I have a vague notion of an idea that may be possible, but I haven't reduced it to a usable form. (Not at all related to PoS or other such techniques, and my idea may too devolve to PoW in some unseen way.)

Let's start with the refutations I did in the past couple of months to some old quotes from jl777 about the ability to game stake and shorting together. I think the insight was there. I need to get back to that when attempting to prove it and write a paper. I didn't want to dig right now as it is a lower priority tangent for me at the moment. Hey that is no attack on jl777 as he has said he is agnostic to the choice of PoW or PoS, so he will adjust as to what is proved. To prove that assertion will be more difficult than just having a single insight, similar to proving P ≠ NP (https://bitcointalk.org/index.php?topic=1284083.msg13264616#msg13264616).


Title: Re: Zero Knowledge Transactions
Post by: smooth on December 17, 2015, 10:07:09 AM
My comment may have been unclear. I have a vague notion of a (maybe) non-PoW method that might actually work.

I have no idea whether it is possible to prove that no non-PoW method is possible. I don't think showing that PoS is impossible (not sure if we are even there yet, but as you say, refutations of claimed PoS methods always seem reasonably easy, if tedious) is sufficient.


Title: Re: Zero Knowledge Transactions
Post by: monsterer on December 17, 2015, 10:16:01 AM
I'd love to see a proof of that. Not meant as a challenge and I don't necessarily disagree at this point. It just seems hard to say that because we don't know of a way there can't be a way, and such a proof would be interesting.

This is no proof, but you can say for certain that the cost of executing a double spend in any POS system is a simple constant proportional to the amount of stake you control. In POW, the cost is super linear in the number of blocks, which is far better security.


Title: Re: Zero Knowledge Transactions
Post by: LongAndShort on December 17, 2015, 10:22:34 AM
My advice to you is to perhaps try less to narrow your views by thinking about block chains. I encourage you to think more about trees.

By placing that comment in this thread about anonymity, that exhibits to me you don't have a very good grasp of the technologies of crypto since block chain consensus algorithms are orthogonal to anonymity algorithms.

Trees and DAGs are not a solution for block chain consensus (and they have nothing to do with anonymity). They fork uncontrollably. This will all be explained. Just let Iota, Railblocks, etc. go forth, then at the appropriate time it will be explained they are technically flawed. We can't escape from proof-of-work (PoW) and maintain decentralized consensus. Period. Proof-of-stake is discussed elsewhere and I don't want to repeat what I have already written in my archives (someday I will summarize it all in a paper).

Then of course there is no reason for me to elaborate. You seem to have cured cancer here as well and think you have it all under control.

If I'm to be honest though. I don't think you have even brushed the surface of zk-snarks and its ability to do away with the blockchain. I don't think you understand how it even functions or can potentially function. I'm sure one day we can chat, when your head is not so far up your ass that all you can see is what you are digesting.


Title: Re: Zero Knowledge Transactions
Post by: smooth on December 17, 2015, 10:31:01 AM
My advice to you is to perhaps try less to narrow your views by thinking about block chains. I encourage you to think more about trees.

By placing that comment in this thread about anonymity, that exhibits to me you don't have a very good grasp of the technologies of crypto since block chain consensus algorithms are orthogonal to anonymity algorithms.

Trees and DAGs are not a solution for block chain consensus (and they have nothing to do with anonymity). They fork uncontrollably. This will all be explained. Just let Iota, Railblocks, etc. go forth, then at the appropriate time it will be explained they are technically flawed. We can't escape from proof-of-work (PoW) and maintain decentralized consensus. Period. Proof-of-stake is discussed elsewhere and I don't want to repeat what I have already written in my archives (someday I will summarize it all in a paper).

Then of course there is no reason for me to elaborate. You seem to have cured cancer here as well and think you have it all under control.

If I'm to be honest though. I don't think you have even brushed the surface of zk-snarks and its ability to do away with the blockchain. I don't think you understand how it even functions or can potentially function. I'm sure one day we can chat, when your head is not so far up your ass that all you can see is what you are digesting.

Please explain the relationship between zk-snarks and trees.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on December 17, 2015, 01:31:56 PM
I have continued this off-topic discussion about block chain consensus in a more appropriate thread (https://bitcointalk.org/index.php?topic=1219023.msg13276564#msg13276564). This thread has nothing to do with block chain consensus. LongAndShort, please when starting a new line of discussion, find an appropriate thread to introduce your thread jack.

Please explain the relationship between zk-snarks and trees.

If it pertains to block chain consensus, please in another thread. I have an idea what he is referring to. His SNARKy attitude will be dealt with in a humbling manner.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 11, 2016, 10:59:42 AM
He is making 100% offtopic accusations that are based on exactly nothing to back them up, nothing even slightly relevant.

He is also one of the most qualified people on this forum to review anonymity solutions, having written his own white paper on the subject, so even a cursory glance is valuable.

evidence: https://bitcointalk.org/index.php?topic=1284083.msg13211623#msg13211623

Let's hear why this solution is different to Dash's and then we'll take it from there.

Clarification. I didn't release the white paper. But since it is no longer of proprietary value to hide it since I am no longer going to implement Zero Knowledge Transactions (https://bitcointalk.org/index.php?topic=1211093), then I will endeavor to clean up the white paper and release it sometime this year. Hopefully I can find time within the next couple of months.

ZKT combines Cryptonote with Mixles' Compact Confidential Transactions. Shen-noether accomplished a similar design but combining with Blockstream's Confidential Transactions.

So these are End-to-End Principled anonymity that hide both sender and value. No simultaneity crap like Dash and this new crap from the infamous plagiarist John Conner.

The reason I am not implementing it is because it requires obscuring your IP address and all other metadata, which is impractical. Apparently Monero is implementing it (at least they are toying with implementing it) and so no need for me to duplicate their effort.

Only Zerocash can give us reliable anonymity that is immune to metadata. So for now I put anonymity on the back burner and we will come back to Zerocash if we first solve the SUSTAINABLE, DECENTRALIZED, PERMISSIONLESS block chain issue, since that is more important. No design yet can truly claim those properties.

As for resource issues, reliable anonymity will not be cheap. Thus it probably can't be for every transaction. It will probably need to be an optional set of coins. In Zerocash they name the anonymous set of coins 'zerocoins' (not to be confused with Zerocoin).

My main gripe with John Conner is he doesn't put all the technical details in a white paper, because he apparently wants to avoid peer review. Smooth doesn't have time to reverse engineer his half-assed white papers either. So we can't entirely explain the flaws without wasting a lot of our valuable time. But I can already tell you this chainblender is flawed at least in that it has a simultaneity requirement which thus violates the End-to-End Principle. Looks like there are other flaws similar to the masternode concept of mixing (which Evan of Dash has apparently finally admitted).


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 16, 2016, 06:04:28 PM
Quote
Both are fundamentally broken.

https://bitcointalk.org/index.php?topic=1323408.msg13518156#msg13518156 (Ethereum)
https://bitcointalk.org/index.php?topic=1319681.msg13569087#msg13569087 (Block chain scaling Tragedy of the Commons applies to Monero also)
https://bitcointalk.org/index.php?topic=1319681.msg13569178#msg13569178 (Monero's anonymity is unreliable/unprovable and thus useless for fungibility or other important use cases)


"Broken" and "Success" are relative terms.  Both are broken less than bitcoin and bring attributes to the table that fiat does not.  

If you have any suggestions that are less broken ... I'm all ears.

An absolutist uses words like broken.  A realist uses terms like "best alternative".  Opening myself up to all available options those are the two answering the big questions.  Privacy, programmable blockchain and both more scalable than bitcoin.

What alternatives are less broken than these two I mentioned?

Don't you understand that "fundamentally broken" means they don't work for the features they claim that are an improvement over Bitcoin.

The link I provided to you for Ethereum explains that afaik they never solved the primary economic issue facing scaling programmable block chains, which is that every full node has to verify the block chain, thus every full node has to run the programmable script. But the problem is who to pay the gas (ether) to so that all full nodes are paid for verification? This has DDoS implications as well. In short, they never solved the core economic problem and thus Ethereum is just a fucking toy that can't actually work.

Ditto Monero as explained below (the arguments were in the links I provided to you before but again I am always forced to repeat myself because readers are so clueless about technology that they can't even understand what I write).

I think Monero is the best money to stay anonymous. It uses the ring signature. The mixing is built into the protocol.

You are a n00b and you don't do enough research to know what you are writing about. Why should anyone believe you?

Monero is not anonymous when your metadata can be correlated. One example of metadata which unmasks your anonymity is your IP address. And no, Tor and I2P mixnets do not hide your IP address from the government, in fact they are thought to be Sybil attacked honeypots that not only tell the government your IP address but also alert the NSA et al that you should come under extra scrutiny.

And IP address is not the only metadata that can destroy your anonymity in ring signatures. Other examples can include cookies in your browser and other activity you did on the web. Other examples also include telephone calls and other activity you did around that time, which have statistical significance.

I wrote about that in the link in the post I made upthread which is quoted below.

None of them will surely keep you anonymous.

Zerocash is the only design which might be very reliable, but it does not exist in any altcoin yet.

Period.

Some elaboration is at the following post (and also in the archives of my posts):

https://bitcointalk.org/index.php?topic=1319681.msg13569178#msg13569178

Ring signatures do not obscure everything. Only Zerocash can obscure everything so that then metadata is no longer a problem. I see Vitalik @ Ethereum has been reading my Bitcointalk posts, because now he has written a blog post to copy most of the points I have been making for the past months (https://blog.ethereum.org/2016/01/15/privacy-on-the-blockchain/).

Additionally I have been making the point since the BCX incident that ring signatures can theoretically be unmasked by combinatorial analysis of the block chain. In the recent debate I had with Monero's cryptographer Shen-noether at Reddit about his white papers, I pointed out that his proposed solution to combinatorial unmasking was flawed. He and smooth did the usual ad hominem attack on my person, and then I rebutted them with logical facts and they were forced to finally put their tail between their legs.

Bullshit. So much bullshit in these discussions of cryptocurrency technology. Especially coming from all the Monero pumpers who haven't done their homework, because they are retarded, closed-minded, and boastfully so.

TPTB_need_war, what about ShadowCash?

Just a (arguably plagiarized) copy of Cryptonote technology, so same conclusions as for Monero.

https://z.cash/ is the only potential solution for making metadata correlation irrelevant, but all I know about it is here:

http://zerocash-project.org/

Seems the project died or stalled? Afaik they've been quiet past months or most of 2015?

Also scaling issues will probably still apply thus it is possible that Zerocash doesn't scale to world wide use, or other problems such as DDoS. I won't know until I dig deeper into it. Perhaps they discovered such issues and stopped working on it.

Anonymity is very difficult to achieve. I would guess maybe impossible once all the technical factors are considered. But I am still willing to try. I personally will come back to Zerocash's technology later, after I finish fixing block chain scaling and decentralization (which is more important priority and more realistic).


Title: Re: Zero Knowledge Transactions
Post by: LongAndShort on January 16, 2016, 11:24:44 PM
@TPTB_need_war who are you anyway? What have you created, let alone developed that works!?

Please take some sound advice. Lower your Bitcointalk lurking frequency, reduce your expectations on people who really don't believe you are capable of anything other than chasing your tail in circles.

Turn your screen off, go outside, get some gas and food for your family. Most importantly, go spend some time with them. This will never pay your bills, and at the rate you are going. I dare say you will be in a home before too long. Unable to wipe your own backside. Because until you can at least take responsibility for your duties in life, you will never make it at this table! So why bother.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 18, 2016, 04:34:44 PM
Not chess related but besides anonymity I think it is worth reminding people of another technical reason that makes CryptoNote coins much different than bitcoin.

CryptoNote uses the Schnorr signatures algorithm instead of Elliptic Curve Digital Signature Algorithm used by bitcoin

I think an elliptic curve discussion would be on topic if we have enough volunteers both willing and competent enough to discuss it.

https://en.wikipedia.org/wiki/Elliptic_curve_cryptography
https://en.wikipedia.org/wiki/Elliptic_Curve_Digital_Signature_Algorithm
https://en.bitcoin.it/wiki/Secp256k1
https://en.wikipedia.org/wiki/Schnorr_signature
https://en.wikipedia.org/wiki/Curve25519

This site offers some interesting comparisons although some of the conclusions (such as those on Secp256k1) may be controversial:
http://safecurves.cr.yp.to/

This should make bitcoin users feel better:

I believe that the ECC/NSA thread you referenced did eventually nail down every parameter used to create secp256k1 and answers most if not all concerns.
Yes, There is a python script that produces every parameter for secp256k1 from first principles, except the generator— and both myself and D. J. Bernstein have given the proof that in-advance choice of the generator is harmless outside of restricted conditions that aren't relevant to normal Bitcoin usage.

I have been asked in a PM if I would like to comment on this. I am not an expert and have no formal training in algebraic abstract math. Everything I know about this particular field (and cryptography in general) is self-taught, mostly in 2014 and 2015. And I have big gaps in my understanding which can only be resolved by teaching myself the higher math courses I didn't take at the university, and I don't have time for attaining that base knowledge. Nevertheless I can comment conceptually and understand enough to have, for example, combined Cryptonote with Compact Confidential Transactions to form what I named Zero Knowledge Transactions. And I understand enough to have digested Shen-noether's Ring Confidential white paper over a period of a day or a few days. And I was able to analyze the differences and similarities and ramifications of the high level differences in our approach. So with that in mind, I will comment on the above quoted issue.

Afaik, the main difference between the Secp256k1 type of ECC that Bitcoin uses and the Ed25519 Bernstein version of the twisted Edwards curve that Cryptonote uses, is that Ed25519 has no branching in the code and thus has no timing attacks (although one might reason that timing attacks might be less useful in crypto currency, I am not sure if that is true in all scenarios). And (perhaps more importantly) Ed25519 does not require a new random number on each subsequent signature, thus is deemed to be less vulnerable to a faulty random number generator (or injection of a virus thereof in the operating system). Also Ed25519 is moderately faster and has a prime order which is deemed to be more secure (I don't remember if Secp256k1 has a prime order or not).

http://ed25519.cr.yp.to/

So Secp256k1 is probably secure but Ed25519 is more secure.

Please feel free to quote me and claim it as an advantage for Cryptonote coins, but please acknowledge that I have also criticized Cryptonote for not solving the fundamental block chain Tragedy of the Commons economic issues and my opinion that metadata correlation makes their anonymity impractical for any (or most?) mainstream uses.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 20, 2016, 06:31:33 PM
zcash alpha has been launched

https://github.com/Electric-Coin-Company/zcash

http://www.wired.com/2016/01/zcash-an-untraceable-bitcoin-alternative-launches-in-alpha/

Okay so this is not http://z.cash (which is the inferior zerocoin) and apparently is the real Zerocash (http://zerocash-project.org/)! Wow. I am happy to see this in open source. Real progress at last. Maybe this is the reason for the dump of Monero?

I am happy to see this because I want to use something like this and also because I do not expect them to get the details correct on mining (no one has yet!). So there will be an opportunity to integrate this open source into a better block chain.

Major opportunities right now in crypto. Pick who you want to work with and pick carefully. I am looking for a few good men.

Okay so this is not http://z.cash (which is the inferior zerocoin) and apparently is the real Zerocash (http://zerocash-project.org/)!

They are the same

Quote
The Zerocash protocol is being developed into a full-fledged digital currency, Zcash.

I don't know what happened. Last time I thought I loaded that page, I was looking at two young developers one of which was Asian. I need to sort out my confusion. I am very perplexed as to what I accidentally loaded last time.




This is what I had seen before and I have no idea why the wires in my brain crossed and thought it was z.cash I had recently viewed before (perhaps I am just overloaded with so many technical issues in my mind at the moment and I just woke up). Apologies for the unnecessary noise due to my error.

Zerocoin implementation that is supposed to launch early this year:
http://moneta.cash/technology.html
https://github.com/MonetaOfficial/moneta

I think it is basically a rebranded version of Zerovert, which was a closed-source implementation released last year. One of the creators is one of Matthew Green's former students.

That is Zerocoin, not Zerocash. Zerocoin is a mixer only for sending coins to yourself and delinking, thus it is subject to all metadata correlation breakage the same as for Monero (Cryptonote coins and ShadowCash and everything else!).

Only Zerocash hides everything and thus is immune to metadata correlation. Zerocash mints zerocoins (which are not the same as the coins in Zerocoin). Zerocoin was created by some of the same people who created Zerocash, but they are totally different technologies. Zerocash is much more powerful anonymity because all the coins and all the actions (e.g. transfer payment to another) are totally hidden in one big blob.

With that being said, it's still unproven technology, and I think there are some issues with launching the currency in a trustless manner, so for now Monero is probably most bestest.

It is not even clear if Zerocash will work in a real world implementation for scalability and DDoS reasons (and maybe other issues).

But none of that absolves the fact that Monero is fundamentally (mostly) useless for the reasons I stated upthread.



A for-profit coin company, I don't care what they make, I will never trust them.

Agreed that is the opportunity to beat them by open sourcing their code. But you will also need my block chain technology to make the big win.

moreover RingCT will move Monero closer to Zcash

Sorry no. It is still not immune to meta-data and the theoretical combinatorial analysis. Not reliable. Not realistic.

We need to move forward. It is up to you, I know my thinking and priorities on this matter.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 20, 2016, 08:16:34 PM
A for-profit coin company, I don't care what they make, I will never trust them.

Agreed that is the opportunity to beat them by open sourcing their code. But you will also need my block chain technology to make the big win.

moreover RingCT will move Monero closer to Zcash

Sorry no. It is still not immune to meta-data and the theoretical combinatorial analysis. Not reliable. Not realistic.

We need to move forward. It is up to you, I know my thinking and priorities on this matter.


A for profit company with closed source code controlling the initial key for a zerocash like currency is a regulatory nightmare.

No closed source. The key would be produced publicly at a ceremony.



Would this metadata and combinatorial analysis hold even if mixin 10 was a default on all tx's?

The meta-data (e.g. IP address, browser cookie, timing analysis and location of connection, what you said in facebook or on the phone, etc) correlation problem isn't likely impacted no matter how many times or inputs you ring mix. It is very difficult for mere mortals to cover their tracks on all the possible meta-data correlations. It is unfathomably difficult. Don't fool yourself into thinking it isn't.

The combinatorial analysis flaw (which I introduced to smooth during the BCX incident and hence followed up in debate with Shen-noether) is very theoretical and may or may not be plausible. In my thinking, it comes more into play if combined with meta-data breakdown of the anonymity systemically. Mixing more may help somewhat, but it can also make it worse because it is the excessive overlapping in mixes that causes the combinatorial unmasking.

In short, it is a clusterfuck (not a clean, clear, provable solution) and that is why I abandoned it.



...
All miners will have to register as money transmitters under FinCEN regulations, same as the issue for Dash masternodes. There are seriously bad implications in their investment strategy. But their code and developers are valuable. The investors can probably recover their money on the initial IPO. They should IPO the damn thing and do it legally and not mess with this "master of the universe" idea above.

I am contemplating contacting them, but I need to think through their economic options. It may be impossible to get them to do the right thing.

But they could definitely benefit from my endorsement in an IPO. A legal IPO! As well, they could benefit from my block chain tech.
...

Miners do not have to register as MSBs. Please read the guidance. https://www.fincen.gov/news_room/rp/rulings/html/FIN-2014-R001.html The jury is very much out on Dash masternodes. How will the investors recover the funds from an IPO? If it is by emission then the IPO company is an MSB in the United States.

My interpretation of FinCEN guidance is miners would have to register as MSBs if they are forced to transfer some of the coinbase to some other party. Just because it is enforced by the protocol, doesn't absolve the miner from (the legal culpability of) creating the block which created new supply and transferred it to a third party.

Disclaimer: IANAL.



I hate when n00bs make me repeat the same shit over and over and over again. Do you think my time is free?

The masterkey has to be produced in a way that no one knows it. The proposals had been to use a public ceremony and a computer examined by everyone attending, to be sure the masterkey is unknown to anyone.

Note if the masterkey is known, that person can create coins out-of-thin-air, but he can't unmask the anonymity. That is a crucial distinction.

This is why I proposed the idea of using Zerocash as a mixer that eventually times out, so that we can be sure the mixer hasn't created any new coins. Everyone going into the mixer takes the risk that they may not be able to come out of the mixer if the attacker has already created coins. Then we could have many of these mixers in a free market, and users would decide which mixers they trust. Again anonymity is never compromised and the run on the bank can only be a loss to participants, not to the entire ecosystem. I am pretty sure this solves the problem and this is why we can take their open source and beat them.

I am loaded with ideas and designs to solve real problems in crypto. Hopefully some smart devs are going to realize they are better off working with me.

I am aware of that. However, for a stand-alone altcoin creating coins out-of-thin-air is just as detrimental as unmasking the anonymity, because both will likely result in the coin dying.

I already proposed a solution in my prior reply to you that is using their technology in ephemeral mixers, which thus avoids systemic risk and reveals which mixers are compromised (which is likely to be quite rare because participants will learn to judge which masterkeys were generated correctly at ceremony).

Free markets always work best as long as systemic risk is avoided.


RingCT has the same problem. I explained in I believe both the chess thread and my Zero Knowledge Transactions thread. This is another reason I abandoned it (in addition to the inability to get reliable anonymity since it doesn't hide meta-data the way Zerocash/Zcash does).


No it doesn't, because coinbase transactions are mixin = 0 in Monero and therefore you can check if the total supply hasn't been tampered with.

Wrong! Wrong! Wrong! Exemplifies that you are a n00b who should STFU.

If there is a flaw in the cryptography for proving the homomorphic sums (and that is new cryptography), then indeed the attacker can create new value out-of-thin-air and not be detected. I am not going to explain the examples and math again. I already did in the past. Go ask Shen-noether.

You should have paid attention the last time I explained this! You always want to use me but then you don't respect me enough to reward me[1] and then you expect me to correct for your inability to study and remember my posts carefully.

I don't think you should bet against them, because Zerocash has anonymity and nothing else does! The community will make sure it is peer reviewed. We must. You had better start figuring out how to transition and pronto.

I don't say I do. eb3f stated on reddit the following: "Monero uses ring signatures, as you may know, which is battle-tested and well-understood in the cryptography world and in practice". Even with community review it will take a long time to get to this state. I also don't agree with bolded here, but I won't go on a back-and-forth discussion with you over that.

Again my point is that you could have the safest snot in the world, but if people can't use snot for anything, then they are going to put their energies into perfecting and peer reviewing what they need.

Seems you all often miss the points entirely. They fly right over your heads.

I do agree that the new cryptography for Zerocash and zk-snarks is more complex than the new cryptography for homomorphic proof-of-sums for RingCT (or my ZKT), but I don't think that helps given the meta-data problem for RingCT/ZKT/Cryptonote (and every anonymity technology other than Zerocash). What is the point of pursuing a direction which is known to be unreliable and fundamentally flawed (in a way that can never be fixed), when we can pursue a direction that fixes the meta-data problem and is a matter of convincing whether the technology is sound with much peer review. Certainly the peer review can be done over time, and probably incentivized if the technology has a popular application.

I'll let others which are more knowledgeable comment on the metadata.

Please don't tell me I will have to waste more of my time defending an obvious point (for anyone who has the slightest technological understanding).

I am frustrated how much fucking time we waste. You all have been convincing yourselves in your little delusions for years of what ever circle jerk bubbles you prefer to be in (which often include ridiculing/dismissing me).

Edit: correction:

[1] I was rewarded by smooth, jl777, and rpietila. Big thanks to them. Very much so. I am just frustrated because I need a viable financial direction and we need to work smart and find a way that we can make these matters work in our favor. And I am trying to find people who value me and find a way to get it done.



...

No closed source. The key would be produced publicly at a ceremony.
...

Using what operating system and firmware?

Of course they will need to convince the public the master key is sound. Or use my idea above of having multiple mixers and timing them out. I believe there is a solution, yet I will agree the current organization of their plans seems legally and structurally flawed.

That is why I say we can transition and beat them. But the technology is real anonymity. If you want real anonymity, you have to find a way to use their technology. Period. (and I have been studying this for a long time)

This does not answer my question which is cut and dry and goes to the heart of the trust issue.

If you apply that line of thinking, then every anonymity is insecure because operating systems and computers are never 100% secure.

I already proposed how to spread the risk out and make it non-systemic.

Note that Monero (Cryptonote one-time rings and every other kind of anonymity technology) also has systemic risk due to combinatorial analysis cascade as more and more users are unmasked with meta-data and overlapping mixes.



...

No closed source. The key would be produced publicly at a ceremony.
...

Using what operating system and firmware?

Of course they will need to convince the public the master key is sound. Or use my idea above of having multiple mixers and timing them out. I believe there is a solution, yet I will agree the current organization of their plans seems legally and structurally flawed.

That is why I say we can transition and beat them. But the technology is real anonymity. If you want real anonymity, you have to find a way to use their technology. Period. (and I have been studying this for a long time)

This does not answer my question which is cut and dry and goes to the heart of the trust issue.

If you apply that line of thinking, then every anonymity is insecure because operating systems and computers are never 100% secure.

I already proposed how to spread the risk out and make it non-systemic.

Note that Monero (Cryptonote one-time rings and every other kind of anonymity technology) also has systemic risk due to combinatorial analysis cascade as more and more users are unmasked with meta-data and overlapping mixes.

Proprietary software solutions have by their very nature a centralized systemic risk that Free Libre Open Source software solutions do not. The type of risks you describe in Monero are trivial compared to the risk of the DRM in the operating system used to generate the master key in a centralized proprietary solution such as the one you propose. Furthermore I still do not have an answer to what is a straightforward yes or no question.

The masterkey is generated once and only the public key is retained. As long as no one saw nor can recover the private key before it was discarded, then there is nothing proprietary remaining in the use of the Zerocash open source. The Zerocash open source code requires a public key to be pasted in. It is the public (ceremony) generation of that key, which determines whether anyone had access to the private key when the public key was created.

DRM has nothing to do with it all. Thus I assume you don't understand the issue.

The only issue is whether the public key can be computed at a public ceremony and the private key was securely discarded. So for example, they could use any computer, encase it in lead before running the computation, and no external connection to the computer other than the screen which reads out the public key.

Then slide the computer into a barrel of acid so that it is permanently destroyed. All done at a public ceremony so there can be no cheating.

Of course one could envision elaborate/exotic means of cheating, such as using radio waves to communicate the private key out to external actor, but again that is why I wrote encase it in lead. There is the issue of how to destroy it while not momentarily removing it from its communication barrier. But I am confident these physics issues can be worked out to a sufficient level of trust.

As for trust, not even the Elliptic Curve Cryptography and other math we use for crypto can be 100% trusted. So if you start arguing silly about 100% trust, then it is safe to ignore as loony.

...
I am imagining that the type of people designing such a technology would do better than generate a masterkey on Windows et al. I'm actually imagining purpose-built, auditable software and maybe even hardware.

Auditable by whom?

It comes down to Free Software vs Proprietary software. The same is true for the hardware. There is a reason why my question is being avoided here.

By the attendees of said masterkey-generation ceremony.

Actually by anyone who uses the currency. The role of the attendees is to verify that all the software has not changed between what was used and what is released to the public.

Edit: The minute one tries to protect "intellectual property" at any level the trust is gone.

FUD. The ceremony is only to compute a public key, nothing else. No other software has to be audited. Only need to confirm that the private key was not communicated from the computer to anyone. Period.



...
FUD. The ceremony is only to compute a public key, nothing else. No other software has to be audited. Only need to confirm that the private key was not communicated from the computer to anyone. Period.

How do you know that the public key you see on the screen is the one that was computed and not one that was precomputed before the computer was "placed in lead"?

Edit: DRM in the OS has everything to do with this since it is the perfect place to hide the private key. That is what DRM is designed to do: hide private keys.

The hardware has to be audited. But we also have to audit our hardware that we use to run Cryptonote. If Intel is planting spies in the hardware, then we are screwed.

100% trust is impossible. And this is another reason I deprioritized anonymity. It is a clusterfuck.

Also I think perhaps Zerocash was working on a way to generate the public key decentralized, but I haven't kept up with progress on that.

Indeed Zerocash could end up being a Trojan Horse (a way to get fiat in the back door) and that is why I made my proposal to use them only as ephemeral mixes that die periodically, so then we will know if the key was compromised or not.

The result of my proposal is:

  • Stolen coins aren't systemic to the overall coin (same as losing some coins to Mt. Gox and Cryptsy isn't), and at least participants get ongoing ceremonies to get better and better at auditing the hardware.
  • No anonymity is ever lost.
  • No NET coin supply is ever created out-of-thin-air (instead some people lose coins if they chose an insecure mixer that had a compromised key), which is also the case for both Zerocash and RingCT where coin supply could be created out of thin air and we would never know it due to a bug in cryptography.

That will kick ass on Monero, because if I pass through the mixer, I know my anonymity is provable and I know I didn't lose my coins. It is only people who are still sitting inside the mixer who risk losing coins. Everything has a risk. I would much rather the microscopic risk of a compromised key (causing me to lose some coins) to the sure risk of meta-data correlation in Monero which can send me to jail! Surely I would be judicious about not mixing all my coins at the same time and not all in the same mixer.



TPTB said that not even math can be trusted 100%, then how can we put 100% trust on any device for fair start of a trustless currency

If we can't trust the math, throw Monero in the garbage can too.

My point is that nothing is 100%. We have to weigh the reasonable risks and benefits.



Quote
But I am confident these physics issues can be worked out to a sufficient level of trust.

Only need to confirm that the private key was not communicated from the computer to any one.

I find this kinda weak against your general absolutism. "So Simple Yet So Complex".


After all, what stops all 3-letter agencies, who can own blockchains and can do analysis and attacks etc., from staging the whole thing? Will I be allowed to check that computer?

I mean, I have near to zero understanding of cryptography, but your search for the perfect/ideal solution looks like it is making you ready to take a huge and dangerous bet.

I proposed ephemeral mixers based on Zerocash technology. They will be ferreted out if they are doing this, because it will be known that the key was compromised when the mixer expires and everyone has to cash out of the mixer back into the public coin. The bastards can't keep doing it over and over again. The participants will get wise as to the methods the attackers are using.

I am not absolutist. Rather I think correctly and realistically when I weigh marketing, tradeoffs, and delusion as follows:

That will kick ass on Monero, because if I pass through the mixer, I know my anonymity is provable and I know I didn't lose my coins. It is only people who are still sitting inside the mixer who risk losing coins. Everything has a risk. I would much rather the microscopic risk of a compromised key (causing me to lose some coins) to the sure risk of meta-data correlation in Monero which can send me to jail! Surely I would be judicious about not mixing all my coins at the same time and not all in the same mixer.

Marketing and design are holistically joined at the hip. Those fools who said the marketing can come later are clueless.



One more point I considered in my holistic analysis is that for most transactions we can't be anonymous. Thus anonymity is more suited to those who want to receive some payment anonymously and hide the funds there and extract them only to public funds in small morsels or to spend in other rare anonymous transactions (e.g. buying some gold bars from someone you trust won't reveal your identity).

In that case one might think you can just use Stealth Addresses (unlinkability) and run a full node to confirm receipt of funds anonymously. No need for Cryptonote, RingCT, nor ZeroCash. But the problem is the payer can be identified and be pressured to reveal your identity.

So this is why we need Zerocash to make the untraceability impervious to meta-data correlation.

But the problem with my proposal for ephemeral Zerocash mixers is that when we take the coins out of the mixer they can now be correlated to our meta-data (e.g. IP address, etc). Thus it seems that hiding large funds and only taking out small portions publicly as needed will incur the risk of losing those coins in my proposal, but at least they will be provably anonymous.

Anonymity is a clusterfuck. If we can't make trusted hardware, then anonymity is unprovable. Period.

So just give up on anonymity, or get busy trying to make hardware we can trust?

(or if Zerocash has developed a provably secure way to generate a master public key, which I doubt)



DRM has nothing to do with it all. Thus I assume you don't understand the issue.

You are not giving him due credit. (AM is not a typical BTCT slouch.)  It is an allusion to "reflections on trusting trust" https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

I think I did correct my myopia in the subsequent reply to him. And I think the points reached sort of a stalemate. I don't dismiss his point, but if that white paper above is our concern, then none of the software we use is trustworthy. Okay I understand the point that doing something once and we all have to rely on that, is different than we all each download our software and run diverse hardware. But is it? Seems we all are running the hardware made by Intel and all the download links run through routers controlled by TPTB.

So all-in-all, I accepted his point. I think anonymity is a clusterfuck. Given the way Zerocash's forum treated me (they removed all my posts after they realized I was explaining serious flaws and challenges), I don't expect any success from them either.

I'd like to move on away from anonymity. Maybe one day in the future we could make some mixers based on Zerocash (long after their effort has faded into the dust) and maybe use it for some few esoteric uses for anonymity. But reliable anonymity on a widescale is unfortunately a delusion that even I had to finally come to grips with. Sad to say.

As for unreliable anonymity, I can do that now with Bitcoin. I just go use an unregistered wireless network connection. Eventually that will be impossible, but for now it is available in some jurisdictions.

If someone could identify a use for ring mixing that applied to businesses who don't mind if the NSA is tracking their privacy, then perhaps I could be convinced there is a market. But as I wrote before, the NSA has employees and those employees can't be trusted to not sell your privacy to your competitors. Corruption is the rule, not the exception. A mouse will always eat the cheese.

I start to comprehend now how it might be true when Martin Armstrong says we might descend into a Dark Age.

The only way I can think to fight back now is go for popularity and control in the hands of the people (https://bitcointalk.org/index.php?topic=1319681.msg13623605#msg13623605). Win the political war.



Is there a better alternative for anonymous transactions currently working and available?

There is nothing available for reliable anonymous transactions. For unreliable anonymity, I might as well just use Bitcoin and jump over to my local McDonalds on the unregistered WiFi connection. So yes there is a better alternative, Bitcoin. And it is more widely accepted.

I would not entrust not receiving jail time on the assumption my meta-data can't be correlated, neither with Monero nor Bitcoin. The only anonymous things I would do would be legal things I want to hide from for example the public, but not from the NSA (and the employees of the NSA). In that case, I can do this reasonably well using Bitcoin.

I can't make the sources of my transaction untraceable with Bitcoin (unless I use some unreliable mixer, CoinJoin, or CoinShuffle), i.e. if someone wanted to premine and then make it impossible to connect them to the premined coins. So maybe we can argue that Cryptonote/Monero would help people who want to create scams. But decentralized exchanges might accomplish the same (not sure about that yet, still analyzing them).

In short, I just can't see what is the large market for this unreliable anonymity in Cryptonote as compared to the unreliable anonymity in Bitcoin?

Hey I am not happy it worked out that way. As much as I don't like the boastfulness of some Monero's community (not all the devs), I still would prefer if anonymity was realistic. I am saddened. And especially pissed off to have expended so much effort on anonymity and not have realized sooner.

Actually the market for Monero might be criminals. They may have the incentive to study how to guard their meta-data and be willing to take the risk on the combinatorial unmasking (since a criminal mind seems to ignore the prospect of jail time). But they need to be mixed with regular users, otherwise their anonymity sets may not be large enough. I don't want to be in a project whose sole main use case is criminals.

Please confine yourself to that question.

Hitler claiming to support Libertarian principles (e.g. anonymity).  :D

Have you ever heard of the concept of respecting the freedom of others? I am flabbergasted that you think you can tell me what I can write about. Do I tell you what you can write about?


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 21, 2016, 12:38:19 AM
Other than the prior post, the Zerocash forum has begun removing and censoring my posts. So yet another attempt to pull the wool over speculator eyes and not open source on factual discussion.

So many deluded folks in crypto who get offended when they realize they aren't even close to understanding all the issues I understand about crypto currency, and the ramifications that their projects are ill-focused and not ready for prime time.


Title: Re: Zero Knowledge Transactions
Post by: TPTB_need_war on January 23, 2016, 01:47:01 AM
I am surprised that no one has pointed out that hiding values, e.g. Blockstream's Confidential Transactions, is immune to IP address meta-data correlation, because hiding value doesn't require hiding identity.

Thus RingCT is retrogressive (and even bloats the block chain).

Now if we talk about the most optimized implementation of homomorphic data hiding, then I fixed and improved Compact Confidential Transactions (http://voxelsoft.com/dev/cct.pdf) as part of my work on my Zero Knowledge Transactions.

So if that will be the new area of provable privacy, then I can still kick ass on Monero/Aeon.

Hmmm. I didn't realize I was still holding a superior asset. This gives another thing to add to my coin to kick ass on you fuckers. Right on!
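As an added illustration of the homomorphic value hiding discussed in this post and in the earlier exchange about proof-of-sums (it is not code from the original post, from Compact Confidential Transactions, or from any named project), the Python below commits to amounts with Pedersen commitments C = g^v * h^r and lets a verifier check that inputs balance outputs plus fee without ever seeing an amount. The group is built at import from the 61-bit prime 2^61 - 1 and is a toy for demonstration, not a production parameter set; amounts and blinding factors are constructed. The last function shows the known caveat that the balance check alone is satisfied by a "negative" output that wraps around the group order, which is exactly the inflation that a sound range proof must rule out and the kind of undetected supply creation the thread worries about.

```python
import hashlib
import secrets


def is_probable_prime(n):
    """Deterministic Miller-Rabin for n < 3.3e24, enough for the ~70-bit modulus built below."""
    if n < 2:
        return False
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    for sp in bases:
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True


def build_group():
    """Toy Schnorr group: prime order Q = 2^61 - 1, modulus P = k*Q + 1, and two generators G, H of
    the order-Q subgroup; H is derived from a hash so nobody knows log_G(H) (the binding property)."""
    Q = 2**61 - 1
    k = 2
    while not is_probable_prime(k * Q + 1):
        k += 2
    P = k * Q + 1
    G = next(pow(x, k, P) for x in range(2, 100) if pow(x, k, P) != 1)
    seed = int.from_bytes(hashlib.sha256(b"pedersen-h").digest(), "big")
    H = next(pow(seed + i, k, P) for i in range(1000) if pow(seed + i, k, P) not in (0, 1, G))
    return P, Q, G, H


GROUP_P, GROUP_Q, GEN_G, GEN_H = build_group()


def commit(value, blinding):
    """Pedersen commitment g^value * h^blinding mod P: hides value, and is binding as long as
    log_G(H) is unknown."""
    return pow(GEN_G, value % GROUP_Q, GROUP_P) * pow(GEN_H, blinding % GROUP_Q, GROUP_P) % GROUP_P


def build_tx(in_values, in_blindings, out_values, fee):
    """Sender side: pick output blindings so that sum(in_blindings) == sum(out_blindings) mod Q,
    then commit. Returns (in_commits, out_commits, out_blindings)."""
    assert sum(in_values) == sum(out_values) + fee, "sender must balance the plaintext amounts"
    out_blindings = [secrets.randbelow(GROUP_Q) for _ in out_values[:-1]]
    out_blindings.append((sum(in_blindings) - sum(out_blindings)) % GROUP_Q)
    in_commits = [commit(v, r) for v, r in zip(in_values, in_blindings)]
    out_commits = [commit(v, r) for v, r in zip(out_values, out_blindings)]
    return in_commits, out_commits, out_blindings


def verify_balance(in_commits, out_commits, fee):
    """Verifier side, no amounts needed: prod(C_in) == prod(C_out) * g^fee holds iff the hidden
    values balance (mod Q) and the blindings cancel. The fee is the only plaintext amount."""
    lhs = 1
    for c in in_commits:
        lhs = lhs * c % GROUP_P
    rhs = pow(GEN_G, fee, GROUP_P)
    for c in out_commits:
        rhs = rhs * c % GROUP_P
    return lhs == rhs


def wraparound_inflation_passes_balance():
    """Caveat: with no range proof, an output of 'value' -50 (i.e. Q - 50) lets the other output
    exceed the 100-coin input by 50, and the balance check alone cannot tell (returns True)."""
    r_in = secrets.randbelow(GROUP_Q)
    r1 = secrets.randbelow(GROUP_Q)
    r2 = (r_in - r1) % GROUP_Q
    out_commits = [commit(150, r1), commit(GROUP_Q - 50, r2)]    # 150 + (-50) == 100 (mod Q)
    return verify_balance([commit(100, r_in)], out_commits, fee=0)
```

The verifier in `verify_balance` learns nothing about individual amounts, which is why value hiding does not need identity hiding; the sender's IP address or the payee's address are untouched by it. The whole scheme's soundness against inflation rests on the range proof that `wraparound_inflation_passes_balance` deliberately omits: if that proof is flawed, a transaction like the one it constructs is accepted and the extra supply is invisible on-chain.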


Title: Re: Zero Knowledge Transactions
Post by: HONCHO on May 17, 2016, 11:31:28 PM
Can you expressly define "superior anonymity"?  Anonymint has claimed anonymity is an impossibility and a degree of privacy is what we can expect, all things considered.

Don't fret, because as the angel investor of the banned AnonyMint, I am in possession of a copy of his unpublished Zero Knowledge Transactions (https://bitcointalk.org/index.php?topic=1211093.0) research.

http://oi65.tinypic.com/6oml3n.jpg


Title: Re: Zero Knowledge Transactions
Post by: iamnotback on September 10, 2016, 12:46:46 PM
Quote from: anonymous
My goal is to not just provide anonymity and untraceability to transactions, but to be just as private (usernames, addresses, and amounts) or even more private than Dash, Monero and zcash.
 
I know that sounds like a lot, but after reading your ZKT stuff, my interest is obviously piqued and I would love your guidance on the mixing and ring choices that we go with

Z(ero)cash is arguably the best technology for private transactions, because the anonymity (mix) set is every transaction that will ever be done (i.e. all the possible Zerocash zerocoins are mixed, but not to be confused with Zerocoin technology which is unrelated). This not only provides an assurance that a Sybil attack can't unmask (unlike with a smaller mix set where the Sybil attacker could populate enough of the mix to increase probabilities), it also eliminates a flaw in ring mixing called "combinatorial unmasking", which @anonymint first communicated to @smooth during the BCX incident in 2014. It may also provide greater resistance against "metadata correlation" unmasking (even without Tor/I2P which may themselves be unreliable or even honeypots), e.g. correlating the IP address of the spend and subsequent spend transaction when change is spent to self (and other metadata correlation such as accessing the website of the vendor which is the payee who is correlated with other metadata). Zcash may also be the most compact and computationally efficient for verification of the on-chain mixing systems (ring sigs may have faster proving/signing, at least without homomorphic value hiding). Zcash of course has the one big disadvantage that the master key setup must be trusted, and if compromised it can enable the attacker to mint unlimited numbers of coins without being detected, although it can't impact the privacy (one assumes spending even within orders-of-magnitude of all the zerocoins would be both intractable and detectable due to blockchain bloat).

The combinatorial unmasking of ring signatures is due to intersection of overlapping mixes which can isolate which UTXO in the mix are redundant and not the spent output in the ring. This can be avoided by forcing all UTXO into deterministic mix sets which can't overlap with each other (and for greater mix set size, just mix more than once). This also aids in pruning the block chain when all the UTXO in the mix set have been spent (which becomes deterministically knowable). I don't know if Monero ever implemented this suggestion, as the last time @anonymint tried to have a discussion at Reddit with the anonymous @shen-noether (who frankly at that time seemed like a condescending jerk), he thought he had proved it wasn't an issue and there was a slightly acrimonious exchange with him and @smooth to clarify my point. I am unaware of the resolution on their end, as I don't track Monero developments closely.

Monero (Cryptonote) ring signatures did not include any homomorphic value hiding, so this required much more complicated wallets (and multiple on-chain transactions per logical transaction to aggregate the value sent) that kept balances in powers-of-2 (or other choice) increments, because mix sets had to all have the same denomination in order to be mixed without being trivially unmasked by the value transferred. It also meant that the on-chain publicly visible transfer of value could be potentially correlated with other metadata.

Blockstream invented Confidential Transactions (CT) for homomorphic value hiding and @shen-noether combined this with Cryptonote ring signatures to create Confidential Ring Signatures (CRS), which I believe may now be (or may soon be) implemented in Monero (and may be one of the reasons for XMR's recent price rise). But CT (and thus also CRS) is very inefficient compared to Bitcoin transactions (and Cryptonote ring signatures). Around the same time that CT was invented, Compact Confidential Transactions (CCT) was invented and announced. It had roughly an order-of-magnitude size and computational efficiency advantages over CT until it was discovered that the original algorithm was broken and it had to add a Proof-of-Square which significantly reduced the efficiency (still somewhat better than CT in some aspects but not all) because it required huge bit security elliptic curves. Simultaneously with all that during the summer of 2015, @anonymint figured out how to combine CCT with ring signatures and eliminate the need to do the Proof-of-Square, thus regaining all the efficiency advantages of CCT and the homomorphic data hiding. But he never released this into the public domain nor shared it with anyone, so @anonymint's invention has no peer review. He didn't release it originally because he was trying to maximize the value he could get from his discovery and later he didn't release it because he realized he needed to tweak it, his white paper, and never found the time (nor incentive) to complete that work. Last year, he offered ZKT to Boolberry for free, but cryptozoid never replied.

Since then, I think I may have discovered a way to make off-chain masternode mixing more robust, although I haven't fully spec'ed this concept yet (mostly just floating in my head and some discussions I had with @jl777 about it). Specifically I don't have to trust the masternodes with the value of my transaction, I don't have the jamming problem of interactive CoinJoin, and I can control which masternodes must onion route my transaction (to provide the meta-data masking that the other systems depend on Tor/I2P for). And the mixings become ordinary efficient transactions on the blockchain (not rings, possibly no homomorphic values, and not Zerocash snarks). It might work really well with @anonymint's improvement to CCT[1] without the ZKT integration with Cryptonote rings. Or just CCT to hide values without hiding identity[1]. I had requested that @smooth provide me a link to a "knapsack" algorithm that Monero was originally contemplating (which may have been similar in some facets), but I never received a reply to that request. Months ago I offered to discuss this with Evan, but afaik he never replied to my email. I believe perhaps this latest idea may be the most practical privacy system that can scale to the masses and fits their meager expectations for privacy.

There is one more significant issue to note, which is a view key. It is argued these will be very important for compliance (with authorities, etc) and last time I checked it was not clear if Zcash has one. Cryptonote and I believe the CRS and ZKT variants do.

[1]

I am surprised that no one has pointed out that hiding values, e.g. Blockstream's Confidential Transactions, is immune to IP address meta-data correlation, because hiding value doesn't require hiding identity.

Thus RingCT is retrogressive (and even bloats the block chain).

Now if we talk about the most optimized implementation of homomorphic data hiding, then I fixed and improved Compact Confidential Transactions (http://voxelsoft.com/dev/cct.pdf) as part of my work on my Zero Knowledge Transactions.

So if that will be the new area of provable privacy, then I can still kick ass on Monero/Aeon.

Hmmm. I didn't realize I was still holding a superior asset. This gives another thing to add to my coin to kick ass on you fuckers. Right on!


Title: Re: Zero Knowledge Transactions
Post by: tromp on September 10, 2016, 01:17:13 PM
I believe perhaps this latest idea may be the most practical privacy system that can scale to the masses and fits their meager expectations for privacy.

I would think that MimbleWimble holds the most promise for a scalable anonymous design...


Title: Re: Zero Knowledge Transactions
Post by: iamnotback on September 10, 2016, 01:26:47 PM
I believe perhaps this latest idea may be the most practical privacy system that can scale to the masses and fits their meager expectations for privacy.

I would think that MimbleWimble holds the most promise for a scalable anonymous design...

First time I heard of that (my head has been buried on Steem and curing my illness, not anonymity tech lately) and I am reading now, and already it helped me:

I had requested that @smooth provide me a link to a "knapsack" algorithm that Monero was originally contemplating (which may have been similar in some facets), but I never received a reply to that request.

So here I found the knapsack paper (see link I inserted into the quote):

OWAS (https://download.wpsoftware.net/bitcoin/wizardry/mimblewimble.txt) had the good idea to combine the transactions in blocks.

Edit: I will not go off on the MimbleWimble (and OWAS) tangent right now to compare to my idea. I will do so when I have the incentive to do so. Right now my priorities are on other work.


Title: Re: Zero Knowledge Transactions
Post by: iamnotback on February 24, 2017, 02:21:44 PM
Another issue with Monero's anonymity occurred to me tonight when I was at the grocery store and I was thinking about how we can have anonymity yet also comply with the need to report our earnings and expenditures for government tax compliance. If everyone is reporting, then the anonymity sets collapse and so does the anonymity for everyone (even those who didn't report).

So I got to thinking (yeah all inside the grocery store) that from my work in designing Zero Knowledge Transactions (https://bitcointalk.org/index.php?topic=1211093.0) (my unvetted design which competes with and predates Monero's RingCT and which is based on Compact Confidential Transactions which in theory are more efficient than Blockstream's CT which RingCT is based on), that I am pretty sure we can do a NIZKP (zero knowledge proof) of a total of all payments sent and received using CCT (not sure if it can also be done with CT). Thus we could prove to the government how much we expended and earned without giving the government the detailed amounts for each transaction, thus not breaking the anonymity sets.

But then I realized this won't work with ring signatures, because ring signatures require that the sender isn't known publicly. Thus there is no way to prove the sum without revealing which ring signatures are yours, thus unmasking your anonymity.

So I realized that instead we need offline anonymity mixing like CoinJoin. Then I remembered that last year in my discussions with @jl777, I had revealed my invention for how to remove the jamming problem from CoinJoin and make them scale and work properly. I specifically figured out how to let the signers sign independently of each other!

So I am thinking I might have the best anonymity solution after all! But I will need to think out the details more later. How ironic would that be if I win in the end against @Shen-noether. Oh how sweet it would be after how he was so condescending to me when I did peer review with him on Reddit. I had pretty much put anonymity on the low priority queue because it seemed like Monero and Zcash had it all wrapped up (and it seemed to me that anonymity wasn't the huge market to drive millions into crypto, yet here in this thread I can see it is important to some investors). But hmmm, maybe they don't! My only interest in anonymity lately (in 2016) was to contemplate how to make it lightweight and compatible with microtransactions. Hence the invention I had sort of explained to @jl777 (but he decided to clone Zcash instead).

Anyway, I'd like to get some feedback on the issue I've raised?

P.S. I am going to try to ask someone to vet my ZKT soon, so I will know if my method of removing the onerous "proof of the square" was valid or not. Removing that proof, which was added when Andrew Poelstra found a flaw in CCT (not my work), was what caused CCT to be less efficient and less viable because it then required huge elliptic curves 768-bit or larger.
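The "prove the total, not the individual amounts" idea in the post above, as an added example that is not from this thread or from any project it names: Pedersen commitments over secp256k1 (constructed toy point arithmetic; the second generator H and its hash-to-curve derivation are assumptions made here) are summed by the auditor, and the prover reveals only the aggregate value and aggregate blinding factor.

```python
import hashlib
import secrets

# secp256k1 parameters (the curve CT implementations use). The affine point
# arithmetic below is a constructed teaching toy, not a production library.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def ec_add(a, b):
    """Point addition; None is the point at infinity."""
    if a is None or b is None:
        return b if a is None else a
    (x1, y1), (x2, y2) = a, b
    if x1 == x2 and (y1 + y2) % P == 0:
        return None                      # a == -b
    if a == b:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, P) % P
    else:
        lam = (y2 - y1) * pow(x2 - x1, -1, P) % P
    x3 = (lam * lam - x1 - x2) % P
    return (x3, (lam * (x1 - x3) - y1) % P)


def ec_mul(k, pt):
    """Double-and-add scalar multiplication."""
    acc, addend, k = None, pt, k % N
    while k:
        if k & 1:
            acc = ec_add(acc, addend)
        addend = ec_add(addend, addend)
        k >>= 1
    return acc


def second_generator():
    """Hypothetical hash-to-curve (try-and-increment) so nobody knows log_G(H);
    otherwise a prover could open one commitment to two different totals."""
    x = int.from_bytes(hashlib.sha256(b"pedersen-H").digest(), "big") % P
    while True:
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)   # sqrt candidate; valid as P % 4 == 3
        if y * y % P == rhs:
            return (x, y)
        x = (x + 1) % P


H = second_generator()


def random_blinding():
    return secrets.randbelow(N - 1) + 1


def commit(value, blinding):
    """Pedersen commitment C = value*G + blinding*H (perfectly hiding)."""
    return ec_add(ec_mul(value, G), ec_mul(blinding, H))


def open_total(entries):
    """Prover: from the (value, blinding) pairs of the commitments it owns,
    derive one aggregate opening for the auditor; per-payment values stay hidden."""
    return sum(v for v, _ in entries), sum(r for _, r in entries) % N


def verify_total(commitments, total_value, total_blinding):
    """Auditor: sees only the on-chain commitments plus the claimed totals.
    Homomorphism: sum(C_i) == (sum v_i)*G + (sum r_i)*H."""
    agg = None
    for c in commitments:
        agg = ec_add(agg, c)
    return agg == commit(total_value, total_blinding)
```

The auditor must be told which commitments belong to the prover, which is exactly the information a ring signature withholds, matching the post's observation that the approach does not compose with ring mixing. Binding also relies on nobody knowing log_G(H), hence the hash-derived H.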


Title: Re: Zero Knowledge Transactions
Post by: dinofelis on February 24, 2017, 02:38:41 PM
Another issue with Monero's anonymity occurred to me tonight when I was at the grocery store and I was thinking about how can we have anonymity yet also comply with the need to report our earnings and expenditures for government tax compliance. If everyone is reporting, then the anonymity sets collapse and so does the anonymity for everyone (even those who didn't report).

I think that problem is unsolvable.  You cannot be anonymous if nobody else is.  If all transactions of all other actors are known, I don't think there is the slightest mechanism for your transaction not to be known.  If your partners in transactions have reported all the transactions with you (whether receiving or sending), then you don't even have to report anything: it is already reported.

There's no point in mixing, using ZKproofs, or whatever, if you are the only person not reporting, because all your counter parties have already reported everything, and the checksum on everyone's havings reveals exactly your balance.  

Just as you cannot be anonymous if you are alone on an island, you cannot be anonymous if everyone else is reporting everything.


EDIT: I just realized I misunderstood your point.


Title: Re: Zero Knowledge Transactions
Post by: iamnotback on February 25, 2017, 01:15:08 AM
EDIT: I just realized I misunderstood your point.

Well you understood part of it. I agree that we can't have others in the anonymity set unmasking their own transactions, because then it aids in unmasking the others as well.

Apologies I am not always writing clearly. Combination of:

  • Being only high 80s to low 90s percentile in writing skills, spelling, and vocabulary, but I am 99th percentile in reading comprehension and my conceptual "visual abstract mathematics" skill is lower level genius perhaps (at least in the 130 - 140 IQ range, perhaps higher). I've wondered if I am mildly Asperger's (the speech and language aspects only) but not sure, probably not. I also seem to have a mild dyslexia (so often order gets transposed or entire portions get dropped). And given my active abstract mind, this communication capability that others might see as above average, is from my vantage point a major disability, sort of like being inside a jail and unable to communicate, but rather than shutting down as an introvert I am an extrovert. Btw, I think this is probably why I love programming, because the vocabulary is small but the abstract domain is large.
  • Still suffering frequent (but not continuous) delirium of chronic fatigue due to my TB meds
  • Was very sleepy when I wrote that

Here is a new summary:

https://bitcointalk.org/index.php?topic=1796575.msg17968724#msg17968724

Edit:

Quote from: anonymous
Btw, I think this is probably why I love programming because the vocabulary is small but the abstract domain is large.

It's curious that I think the same about myself being an introvert ))

I don't know why it went the opposite direction for me. Maybe it is my high level of skill in athletics and thus I was able to relate socially on aspects other than my intellectual interests. I had also seen those as two distinct sides of myself. But I would also go introvert at times, wanting to get away from boring social interaction and get back on my computer and intellectual pursuits. Maybe you can relate?

My father and mother are both very skilled in vocabulary and writing, yet my father is an introvert by nature and a very good faked extrovert. My mother is an extrovert.

The more I think about it, I was an extrovert since early childhood or even as an infant. I remember when I was 5, I would walk up to a group of adult strangers in the park and entertain them in conversation. I remember at a very early age, I became very interested in the philosophical conversations my 160 IQ step-father was having and I realized I could follow all the logic easily.


Title: Re: Zero Knowledge Transactions
Post by: welsonlee on February 25, 2017, 07:56:49 AM
If you can, I hope you can join us with your revolutionary Zero Knowledge Transactions: welsonluk@gmail.com


Title: Re: Zero Knowledge Transactions
Post by: criptix on February 25, 2017, 02:06:54 PM
EDIT: I just realized I misunderstood your point.

Well you understood part of it. I agree that we can't have others in the anonymity set unmasking their own transactions, because then it aids in unmasking the others as well.

Apologies I am not always writing clearly. Combination of:

  • Being only high 80s to low 90s percentile in writing skills, spelling, and vocabulary, but I am 99th percentile in reading comprehension and my conceptual "visual abstract mathematics" skill is lower level genius perhaps (at least in the 130 - 140 IQ range, perhaps higher). I've wondered if I am mildly Asperger's (the speech and language aspects only) but not sure, probably not. I also seem to have a mild dyslexia (so often order gets transposed or entire portions get dropped). And given my active abstract mind, this communication capability that others might see as above average, is from my vantage point a major disability, sort of like being inside a jail and unable to communicate, but rather than shutting down as an introvert I am an extrovert. Btw, I think this is probably why I love programming, because the vocabulary is small but the abstract domain is large.
  • Still suffering frequent (but not continuous) delirium of chronic fatigue due to my TB meds
  • Was very sleepy when I wrote that

Here is a new summary:

https://bitcointalk.org/index.php?topic=1796575.msg17968724#msg17968724

Edit:

Quote from: anonymous
Btw, I think this is probably why I love programming because the vocabulary is small but the abstract domain is large.

It's curious that I think the same about myself being an introvert ))

I don't know why it went the opposite direction for me. Maybe it is my high level of skill in athletics and thus I was able to relate socially on aspects other than my intellectual interests. I had also seen those as two distinct sides of myself. But I would also go introvert at times, wanting to get away from boring social interaction and get back on my computer and intellectual pursuits. Maybe you can relate?

My father and mother are both very skilled in vocabulary and writing, yet my father is an introvert by nature and a very good faked extrovert. My mother is an extrovert.

The more I think about it, I was an extrovert since early childhood or even as an infant. I remember when I was 5, I would walk up to a group of adult strangers in the park and entertain them in conversation. I remember at a very early age, I became very interested in the philosophical conversations my 160 IQ step-father was having and I realized I could follow all the logic easily.

Did you ever test your MBTI? You sound like an ENTP/J.
It helped me to find out my strengths and weaknesses and focus on areas which I needed to improve.


Title: Re: Zero Knowledge Transactions
Post by: iamnotback on February 25, 2017, 02:38:42 PM
Did you ever test your MBTI? You sound like an ENTP/J.

You were nearly spot on:

https://bitcointalk.org/index.php?topic=495527.msg6247919#msg6247919


Title: Re: Zero Knowledge Transactions
Post by: iamnotback on March 03, 2017, 03:54:17 AM
Another issue with Monero's anonymity occurred to me tonight when I was at the grocery store and I was thinking about how we can have anonymity yet also comply with the need to report our earnings and expenditures for government tax compliance. If everyone is reporting, then the anonymity sets collapse and so does the anonymity for everyone (even those who didn't report).

So I got to thinking (yeah all inside the grocery store) that from my work in designing Zero Knowledge Transactions (https://bitcointalk.org/index.php?topic=1211093.0) (my unvetted design which competes with and predates Monero's RingCT and which is based on Compact Confidential Transactions which in theory are more efficient than Blockstream's CT which RingCT is based on), that I am pretty sure we can do a NIZKP (zero knowledge proof) of a total of all payments sent and received using CCT (not sure if it can also be done with CT). Thus we could prove to the government how much we expended and earned without giving the government the detailed amounts for each transaction, thus not breaking the anonymity sets.

But then I realized this won't work with ring signatures, because ring signatures require that the sender isn't known publicly. Thus there is no way to prove the sum without revealing which ring signatures are yours, thus unmasking your anonymity.

So I realized that instead we need offline anonymity mixing like CoinJoin. Then I remembered that last year in my discussions with @jl777, I had revealed my invention for how to remove the jamming problem from CoinJoin and make them scale and work properly. I specifically figured out how to let the signers sign independently of each other!

So I am thinking I might have the best anonymity solution after all! But I will need to think out the details more later. How ironic would that be if I win in the end against @Shen-noether. Oh how sweet it would be after how he was so condescending to me when I did peer review with him on Reddit. I had pretty much put anonymity on the low priority queue because it seemed like Monero and Zcash had it all wrapped up (and it seemed to me that anonymity wasn't the huge market to drive millions into crypto, yet here in this thread I can see it is important to some investors). But hmmm, maybe they don't! My only interest in anonymity lately (in 2016) was to contemplate how to make it lightweight and compatible with microtransactions. Hence the invention I had sort of explained to @jl777 (but he decided to clone Zcash instead).

Anyway, I'd like to get some feedback on the issue I've raised?

P.S. I am going to try to ask someone to vet my ZKT soon, so I will know if my method of removing the onerous "proof of the square" was valid or not. Removing that proof, which was added when Andrew Poelstra found a flaw in CCT (not my work), was what caused CCT to be less efficient and less viable because it then required huge elliptic curves 768-bit or larger.


MimbleWimble (http://mimblewimble.cash/) provides the mechanism for non-interactive CoinJoin which is essentially the same idea I expressed last year as well to @jl777 (I think perhaps before MimbleWimble was published, but I'd need to dig into my archives to remember when I did what; given the delirium I was experiencing, it is all a blur now), so by watching this you'll better understand:

https://www.youtube.com/watch?v=aHTRlbCaUyM

Note I am not interested in MW's blockchain compression feature for the project I am working on, because it carries with it too many drawbacks and afaics it is unnecessary in my framework for a blockchain.

If my fix removing the inefficient proof-of-square for CCT is correct (and it probably isn't, probably has a math error), then it would be more efficient than Blockstream's CT that MW is employing.

Note Monero/Cryptonote's RingCT has the same problem as MW in that:

though it is unclear how to design a safe peer-to-peer network capable of exploiting this ability

In other words, Tor and I2P aren't guaranteed to be anonymous (many think they are just honeypots). So might as well integrate mixnet into the P2P network.