A year prior he was supposed to release his "coin" but instead worked with Monero and then suggested it isn't truly anon
I will respond to statements of factual inaccuracy. If you can find a quote from any of my usernames which refutes any of the following, then please share. I said and still maintain the following about Monero: - I once joined the dev chat room for a few moments, and they were going on and on about Linux and networking esoterica, which is not my interest nor forte. Seemed far off from the things I would like to focus on and gets my juice pumping.
- there is no great scaling for it in use as a currency that I can see
- it can't scale decentralized
- it uses I2P (which along with Tor I don't trust) to obscure the user's IP address (and if IP addresses are revealed the ring mixing anonymity can be unmasked)
- it doesn't appear to group and force mandatory rings in a way that prevents unmasking the anonymity
- the PoW hash function is not optimal for minimizing the differential between future ASICs and CPUs, i.e. I measurably know this because I have a better PoW hash function implemented
- In Cryptonote, the mixes have to be equal value which forces balances to be preloaded into powers-of-10, which complicates wallets, leads to more chances for combinatorial unmasking, and explodes the transaction data sizes (which has impacts on scaling, orphan rate, etc).
- afaik they have no coins to offer bounties because there was no ICO reserved for such (instead I heard the devs were mining the shit out of the egregiously front loaded debasement curve and rumor was the guy who optimized the PoW hash netted himself $150,000 before releasing the optimizations), nor would they like a rancorous dev coming in and rearranging the house
- I've heard (not verified) they inherited a sloppy C code base and I hate C and C++, even I am very proficient in those programming languages
- fluffypony (is he Australian?) was nasty to me from the get go (perhaps I was to him but I was just expressing my opinions similar to what I am saying now), which turned me off since he is apparently the most active dev. I've had respectful exchange with him since, and I retain no animosity towards even people who appear to have lost their mind.
- over a year ago, rpietila was telling everyone to buy more BTC at $600 and XMR was the greatest thing since sliced bread and I was turned off by the lack of cooler heads and objectivity. Since then, I come to respect smooth and realized that rpietila isn't the key voice of XMR (and I don't dislike rpietila, he is my friend and even a potential token amount seed investor of my controlling group... no I am would not pull rpietila away from XMR, he just likes small diversifications and he is my friend after all).
- XMR was a coin for those devs who already had money to invest, not for a dev like me who exhausted his former 18,000 oz stash and needs to strike it big one more time in life coming to old age without a retirement, blind in one eye, teenage dependents, and diagnosed with a chronic, progressive illness Multiple Sclerosis.
- it feels like most in Monero are Europeans and I am an American. This seems to be related to their major boasting about how the coin was launched "fairly" as a collectivist mining (with front loading no less
 ) instead of as an ICO. Seems even though we can probably work together technically if we have some independence and orthogonality in modules, there do exist some cultural attitude differences. Americans (of yore and I am a throwback X gen) tend to be adamantly capitalist, anti-collectivist, very "can do", etc.. My best friend from high school was a Lt. Colonel in USAF and he lamented to me once that he hated meeting with the NATO counterparts because mostly all they did was talk. Obviously Germans are perfectionists and I have some German ancestry. - I was very ill most of 2013 and 2014
- they basically took someone else's work and capitalized on, convincing the market that other Cryptonotes were inferior. For me this felt more like freeloading than capitalism. Even if Boolberry was sort of instigating them by trying to make comparisons, the entire Cryptonote outcome felt like a clusterfuck to me. What innovations did Monero do? I recalled Michael Jordan's criticism when Lebron joined with Dwade and LongNeck in Miami, "I didn't want to join Larry Bird and Magic Johnson, I wanted to beat them." Competition and innovation makes the world a better place. Lebron is athletically nearly as gifted as MJ was, but he doesn't appear to have the same mental gifts. On the flip side, whatever made MJ great as a player, makes him a horrible GM/owner[1].
- probably lots of other reasons I am not thinking of off the top of my head
There were other things I had written and later retracted such as for example in debates with smooth. For example, I once had asserted that off chain mixing could have some advantage in that the mixes were not seen by the public, but smooth pointed out that if the NSA is truly recording every packet, then all the unmasking can be done if ever for example Tor's encryption is broken. There were other examples of issues that I retracted during discourse, such as formerly thinking Cryptonote rings could not be pruned, yet recently I revealed how to do that. My main issue with Monero right now is that I can't see that they've solved all the issues and have momentum on its use as an anonymous currency. They are apparently making progress with a new web wallet coming, rpietila is making a game to potentially drive use as a currency. They probably have other initiatives in the works and I know also they feel that once the debt contagion accelerates, then they will be a beneficiary. We will see. Also Monero doesn't precisely fit my goals which are to get rich, work on something interesting, and to solve the totalitarianism I believe we are facing. One aspect of "interesting" for me, is to rock the boat and make big waves. I love shocking people. Think of me as Michael Jordan or Dennis Rodman, in that I want to shoot the ball with my eyes closed or win doing it my way.  | Yeah I am an American. That doesn't mean I can. Lots of loud mouthed loser Americans,  . America is at the top of the mountain and headed down the backside, but Europe is already more than halfway down from its former glory. The Asians will be taking over for us by 2032. I am in Asia now trying to adjust. |
I have absolutely no desire to be involved in any pump and dump, nor do I want to own 1% of the economy (what a major responsibility and nearly impossible to allocate resources optimally at that scale). You can be sure if ever I am involved in something it will be a fight to the finish (or unification), very high quality, and very serious. For me it is as much about making a mark on my life before I go, the challenge of competition, the wonderment of try to build something, as it is gaining some fortune to enjoy the time I have remaining. Edit: also there some personal redemption involved in my motivation. For example, there is a certain Bitcoin core dev who seems to have a difficult to categorize what appears to be from my perspective an attitude problem about me. Perhaps it has something to do with the conjecture that math conquers creativity or something along those lines. Again I don't hold grudges, for me life is more fun if moveon, but some guys incessantly remind me that they do (hold grudges or repeat the same traits that rub me the wrong way). That is the food I love to eat. |
|
|
|
Thought this might be of interest: "...ProxyHam, an online anonymity box that puts you a mile away from your IP address...a “hardware proxy” designed to use a radio connection to add a physical layer of obfuscation to an internet user’s location. His open-source device, which he built for $200, connects to Wi-Fi and relays a user’s Internet connection over a 900 megaherz radio connection to their faraway computer, with a range of between one and 2.5 miles depending on interference from the landscape and buildings...The first part is a box the size of a large dictionary, containing a Raspberry Pi computer connected to a Wi-Fi card and a small 900 megahertz antenna..." http://www.wired.com/2015/07/online-anonymity-box-puts-mile-away-ip-address/One of the things we may be able to accomplish with real-time micropayments is to monetize the user's home WiFi routers and internet connections. This will do more to help Net Neutrality than all of Obama's corruption to use propaganda to get dumb ass socialist users to vote for letting the fox manage the hen house. |
|
|
|
|
It is great to see all these people working together to accomplish a goal. I know it is a great feeling for the developers to reach a point of critical mass.
It does however have a certain level groupthink (non-objectivity) attached to it, and people tend to emotionally marry the investments they feel a teamwork attachment to.
I don't know why I am making this comment. Perhaps I am saying I envy or relish the feeling of being involved in a great team result, but also those damn black swans. C'est la vie.
|
|
|
|
|
Smooth I agree complexity is the killer. One way to decrease complexity is separation-of-concerns. The base coin protocol should for example be as orthogonal as possible to the wallets. Ideally even the base coin protocol would be nearly orthogonal modules, such as:
* consensus subsystem
* transaction subsystem (drop in CN, CCT, or what have you, even use more than one at the same time)
* SPV client-server subsystem
Oh shit, I am sharing my design.
Backdoors can be minimized with clear semantic code, strongly typed language, detailed comments, and minimal code. Cryptographic critical paths should especially be documented line-by-line.
Such nirvana is easy to write down as a goal and hard-to-do.
Any way, I think code shouldn't be so boring. Should interest people just to study it for its elegance and semantic terseness. If I get bored with pedantic minutia reading code, I am usually gone. So that pretty much eliminates C as a language choice for me. After 5 MB of C and 68000 assembly source code I wrote in the 1980s, I think I had my lifetime's fill of that crap already.
|
|
|
|
No worries mates. I think I've said enough don't you? Cheers. |
|
|
|
What if you "disappeared" and because of that the other 6 "retire" or "lose interest" and turn over control to "Gavinmike".
Then someone else can fork the repo and take over. If no one cares enough to do that, then it doesn't really matter does it? If you are asking for some sort of ironclad guarantee of no potential failure modes of an asset with potential million-to-one returns in the event of meaningful success then you don't really understand economics, and I don't think that is the case. I guess you are just pointing out possible failure modes for others, which is fair game. I was cracking a joke but at the same time saying if the ideological devs could be scared away and replaced by G-MEN pretending to be ideological, similar what is sometimes alleged against Gavin and Mike Hearn. Ideally you don't need any more core devs and the coin is done. But I realize that is probably unrealistic. |
|
|
|
Actually quite in character for MOA I'm afraid to say and that everyone is getting to see.. As well for you to take his wild one sided accusations and run with them. It should be apparent this has alot to do with my position on the block size debate.
All I have to say is that the allegations are without merit and i expect to win.
HolyFuckinShit! If I nailed it on this post my head will truly explode in awe of my surpreme analytical abilities. Edit: Looking more carefully, I have to admit that Anonymint deserves the credit, though I did muse about the existence and motivations of shills as stated prior to his post. All I know is I can't get cypherdoc's google ads to disappear. They follow me on every computer I open. He must have some powerful friends, if I can't figure out how they are tracking me every where I go and displaying his ad just to make me paranoid. Did I mention I am losing my sanity? Or am I leading you where I want you to go. Seriously though Cypherdoc is either one really bored eyedoc, or he's shilling and not chillin'. I've grown fond of the chap (his Sesame Street BOOs and all in a Stockholm Syndrome), and hoping he can work his way out of the mess (as long as it includes reasonable justice without punitive, spiteful injustice). |
|
|
|
PS: Klee is a fellow Greek and I like his way of thinking.
I tried the PnF crap and managed to lose $70,000+ in 2012 doubling down after getting stopped out on options. After that I started reading Armstrong and have lost any money on any investment since. kLee was profiting quite well from following my timing calls on the Bitcoin price moves and now he decides to delete my posts that disagree with him. I guess he has to learn the hard way, such as when most of his coins got stolen for failing to do basic wallet security. You can lead a horse to water, but you can't make a stubborn Greek drink. |
|
|
|
I disagree. Order DOESN'T exists ONLY at higher levels of conceptualization. There's a mathematical proof for this.
I suspect the disagreement is only in definitions of words. I am trying to articulate that order is relative to perspective. So if you want to find order, you need a conceptualization (a.k.a. perspective) that enables to you recognize that order. I refer to that process as higher level, but that doesn't mean higher as in macroscopic versus quantum. It means higher in the sense of applying some rules on the interpretation other than the default one that rendered only noise. Hey WTF are you praising PnF TA nonsense? Surely you know that TA does not have anything better than a 50/50 perspective on future prices moves, and worse than that if you include human emotion since one mathematical truth (of the wealth effect, i.e. mcap != capital invested) is the majority always has to lose more in the markets than the minority. In case you need to refer to them again, I moved all the posts kLee deleted here. Armstrong is predicting price moves correctly. I proved it again in the PnF thread. |
|
|
|
Throwing all the Martin Armstrong related posts here, that kLee deleted from his PnF thread in the Speculation subforum. I think this commentary is too valuable to be lost from the public eye. Thanks to kLee for creating this extra work for me.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. PnF looks promising though.
huh  Let kLee fool himself so he can learn the hard way, but I thought you were based in mathematical facts not superstitution.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. TPTB with all the respect to you and Armstrong can we keep this thread PnF related?
I will leave, but before I go I want to point out that PnF and other technical anal-sis, is useless. Quoting Armstrong's energy model points out why that is the case (thus on topic). I've helped you make some money which you desperately need given your illness. Any way good luck, I will not post in your threads again.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. macgsa, Here is more info on Armstrong's models. See for example the Energy Model which is claimed to be an improvement on one-dimensional oscillators or stochastic indicators. http://www.armstrongeconomics.com/modelsP.S. Don't tell iCebreaker, he might blow a fuse.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. I will LMAO when we breach $300 and then stabilize above it never to see below again.
If we move significantly above $400, then you can LMAO with confidence. Otherwise, you are very likely to be the greater fool, based on Armstrong's thesis of public vs. private assets and the timing of the coming contagion in October as I explained upthread. Remember capital flows chase capital flows, because of the wealth effect (i.e. the market price and thus market cap > the capital invested). Thus when the stampede is in a certain direction, capital follows there and out of where it was. Then you have to add the margin calls and leverage induced liquidity contagion that exacerbates the effect. Has Armstrong specifically stated anything about future BTC predictions? That would've been a nice incentive for me to buy his "Socrates" S/W.  Afaik he makes only predictions regarding to gold. And Anonymint treats gold and bitcoins the same way, as private assets. Afaik he has written about private assets as a class of assets, not only as gold. He has explained how the US stock market has apparently phased shifted and moved recently from being aligned with public assets to alignment with private assets, which is why it is moving into a low for October instead of a blowoff peak. Back in August 2012 when he predicted a doubling or tripling of the US stock market, he made it clear that this could either come before October or in 2017, depending on whether the stock market phased shifted or not. By now, he is reasonably certain it has phase shifted. The USD has also aligned with private assets for the period 2015.75 to 2017.95. After that 2017.95, all hell will break loose, pandemics, global war, etc.. and the USD is toast. He has not written about Bitcoin except to say he hates cryptocurrency and thinks it is doomed. I dismiss this as myopia on his part because his global flows models can't pick up on such small caps and he hates it because he thinks all cryptocurrency is associated with the move to electronic money totalitarianism and he also looks at it as a false hope at odds with his "Solution Conference" solution (debt for equity swaps). It is possible that Bitcoin is off in its own world and has no correlation to other private assets. I strongly doubt it. The speculative ramps for Bitcoin in 2011 and 2013 correlated with those in gold and silver. Bitcoin has been aligning itself with private assets, just with more speculative volatility because it was such a small market cap.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. trading is so easy when we have a machine that predicts the future and you guys to translate its data  thanks! Yw, but remember one has to be cautious until the market has confirmed. Looks like we have confirmation now. So many people saying I am insane or am on ignore. Hopefully insanely rich and peacefully ignored, lol. http://www.armstrongeconomics.com/archives/34170Each aspect of PRICE, TIME, and Pattern Recognition (Global Market Watch) is entirely independent. Therefore, we gave three levels on the Dow the 18500, 23000, and 32000/40000. When we introduce TIME, the first opportunity for a major high was 2015.75 and the three price targets would then come into play. So while the maximum objective would have been 32000/40,000 as early as 2015, we have been unable to get through the first target at 18500. Hence, if we saw a price advance to 23,000 with the TIME of the ECM (October 1, 2015), then we should expect a correction because we met both TIME and PRICE. Failing to reach that next threshold at 23,000 means the next TIME target becomes 2017. Exceeding 23,000 before TIME means you then go to the next target in PRICE, being the 32,000/40,000 area.
We identify time windows and for such targets; to form important highs or lows there MUST be the alignment of both TIME and PRICE unfolding often according to Pattern Recognition.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. http://armstrongeconomics.com/archives/33539Silver is headed below $12 and gold below $1050. Most likely bottoming below $9 and $850. The lowest possible for gold in the $600s. We have a bounce here in BTC and PMs, then headed for lower lows, which means < $150 for BTC and probably double-digits  It will be a blood bath.  You've been warned. And I have not been wrong since I started following Armstrong some years ago.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. kLee with such narrow bands you can easily get stopped out by volatility. If you want to be a day trader, you need Armstrong's entropy model to do it well. You'd be wise to pay for his services. If you can't afford, then stop day trading because you will end up losing. As a small investor, you can HODL or you can bet on understanding Armstrong's model broadly. I am placing good odds on a bounce to $315 and I am long. At $315 I will be short until we get that blood bath < $100. I have confidence in the model, because I understand why it is predicting this. And it makes sense from many different vantage points. For example, look at the poll of the expected prices for 2015. 36% think $1000+. So we still need a blood bath to wash out all the fools. The reason we are getting a rally here is because it is necessary to maximize the amount money the fools want to lose, as they will double-down and buy more and then HODL all the way down to the bottom. The chart you quoted which shows the rally after every multi-week period of low volatility is apropos. Armstrong pointed out that June and July are the season of the year for gold (thus private assets such as Bitcoin) to rally.
The risk you are failing to attribute to gold is that you won't be able to find any where to sell it.
The government will close down all black markets when they move us to electronic money.
Black markets can only exist where the mainstream money is not trackable. Ponder that.
Your only chance to not lose all your wealth will be an anonymous crypto-currency. Remember I warned you and you didn't listen.
Why would someone who has anonymous crypto-currency want to trade it for gold wherein they risk their anonymity in a sting operation. Duh.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. I think Armstrong does sell different levels of access to his model. My vague understanding from his vague descriptions is that his stochastic model for day trading incorporates another dimension of structure that is hidden within the price data. Apologies haven't replied to you on your thread. Armstrong made some new posts about chaos this past week on his blog. Hope you have time to review them and quote from them to your thread for posterity. I don't have time.
Silver is headed below $12 and gold below $1050.
The reason for that is the strong Dollar. No. You will see the private assets rise with the dollar after October. The reason is because there is a mad rush into the short end of the bond curve in Europe as the contagion there develops into the BIG BANG in October (which btw has been predicting by Armstrong since 1985 when he first published his model's prediction!). Understand that capital chases capital, because it heads where the prices are rising the fastest. So this is sucking capital out of other assets. Also during a contagion, the most liquid (not leveraged assets) are sold first. This coming low in private assets is to set up their massive rise after the BIG BANG in October.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. The mad rush into short end of the yield curve for safe haven in bonds will be the peak of government Oct 2015 (i.e. public assets), which will be a low in private assets (i.e. stocks, gold, Bitcoin). After that we in the crazy global sovereign debt collapse and private assets will rise like crazy. For the moment we are having a seasonal summer bounce in private assets to suck in all the greater fools before the collapse into the low Oct 2015. Of course it is possible that this summer rally already peaked. I was thinking more to $315, but it doesn't have to be. I still think it will, to pull in more "Bitcoin to the mood types". The WEC will be critical to surviving what comes next, not just a single day. The crazy period we face is 2015.75 into 2017.90.
We have been warning that we may see a Phase Transition in equities BEGIN with the 2015.75 and the FALSE MOVE. But this should be the PEAK in government – NOT the peak in markets outside of interest rates.
A reply of yours, quoted below, was deleted by the starter of a self-moderated topic. There are no rules of self-moderation, so this deletion cannot be appealed. Do not continue posting in this topic if the topic-starter has requested that you leave. You can create a new topic if you are unsatisfied with this one. If the topic-starter is scamming, post about it in Scam Accusations. The mad rush into short end of the yield curve for safe haven in bonds will be the peak of government Oct 2015 (i.e. public assets), which will be a low in private assets (i.e. stocks, gold, Bitcoin). After that we in the crazy global sovereign debt collapse and private assets will rise like crazy. For the moment we are having a seasonal summer bounce in private assets to suck in all the greater fools before the collapse into the low Oct 2015. Of course it is possible that this summer rally already peaked. I was thinking more to $315, but it doesn't have to be. I still think it will, to pull in more "Bitcoin to the mood types". The WEC will be critical to surviving what comes next, not just a single day. The crazy period we face is 2015.75 into 2017.90.
We have been warning that we may see a Phase Transition in equities BEGIN with the 2015.75 and the FALSE MOVE. But this should be the PEAK in government – NOT the peak in markets outside of interest rates.
I am really curious how it will play out. Your point makes sense in my eyes, i am just not brave enough to sell my coins in hope to buy back significantly lower. These are very interesting times. The best (safest) choice right now is to HODL and wait. I've no intention on moving even a tiny bit. I will be selling every BTC I own if we hit $300. And doubling my BTC when I buy back below $150. I can't promise that of course, but I've watched Armstrong's model over the years and it has always been correct (if you understand how time and price are orthogonal and you need to weigh other factors in the model). For example, it predicted the closing price for oil Dec. 31, 2014 at $54 back when oil was $100+ and no one was expecting the collapse. There absolutely will be a mad stampede into the short-end of the yield curve in bonds in Europe as the debt contagion LIQUIDITY CRISIS over there is unleashed over the next few months. When the Europeans return from summer vacations, all hell is going to break out over there. There are a lot of Europeans holding BTC and when they need to raise cash because of the liquidity crisis that will be caused by the contagion, they will sell what is liquid. Must read: http://armstrongeconomics.com/archives/33799http://armstrongeconomics.com/archives/33843http://armstrongeconomics.com/archives/33837P.S. my resolve is aided also by the fact that I am working on an altcoin and think I will see a lot more upside there than I ever will with BTC, thus I my perspective on BTC is as more a savings account and not an investment (relatively speaking). This removes a lot of the "Bitcoin to the moon" emotion that clouds the rationality of others. They are too married to their investment. |
|
|
|
Because I am not up-to-speed on communicating with the Monero devs (on Github or other back channels), and because my efficiency is my utmost priority and given posting in this forum is the most efficient way for me to communicate my thoughts to all that follow me, I will post this somewhat out-of-band comment here in hopes of getting a response from smooth (or if need be tacotime or fluffypony).
I do not have time to read various Monero research papers and otherwise dig to see if the following concern is already addressed.
I am concerned about a hole in the anonymity of Cryptonote ring signatures. I had sort of described this issue to smooth (who apparently relayed it to all) when I was contemplating ways that BCX might unmask the anonymity of users. I do not recall if I made this specific weakness explicit as follows.
If the actual input to a transaction (in Monero terminology this is the output of the prior transaction) is not also an input to another transaction's ring signature (and when all the other inputs to the ring are spent) or if it is also the input to a subsequent ring in which all the other inputs were outputs created after the said transaction was created, then the anonymity of the said transaction is entirely unmasked.
Combinatorial trees can be searched as well, thus even if only some of the other inputs were outputs created after the said input was created, this could cascade into unmasking the anonymity or at least reducing the anonymity set. And note the anonymity set also vulnerable to further reduction by out-of-band attacks such as IP de-obfuscation, rubber hoses, stolen private keys, hacked users, etc.
There are some tweaks that need to be made to insure the above is unlikely. Hopefully Monero is enforcing some restrictions already on which outputs can be used in ring inputs? If not, they need to get on it pronto.
P.S. for those who thought I wasn't sincerely attempting to help Monero during the BCX incident, I hope the above satisfies you. I think before I had an agreement with the Monero devs (via smooth) not to write publicly all the details of the above weakness in order to give them time to address it. I think they've had sufficient time and I want to make sure this is addressed.
TPTB_need_war, I'm a little confused by your comments here, : "If the actual input to a transaction (in Monero terminology this is the output of the prior transaction) is not also an input to another transaction's ring signature (and when all the other inputs to the ring are spent) or if it is also the input to a subsequent ring in which all the other inputs were outputs created after the said transaction was created, then the anonymity of the said transaction is entirely unmasked."
[ could you explain how an input to a transaction is not also an input to another transactions ring signature when other inputs to the ring are spent? Specifically, how do you know the other inputs are spent, if they are also in ring signatures? (Ofc all other inputs could be sent with 0-mixin, but fluffyponyza has mentioned that this is in MRL004, and will be modified in a upcoming fork (for example mymonero forces min-mixin 3). Also in your second sentence (sorry it's a little hard to parse), "[if actual input to a transaction] is also the input to a subsequent ring in which all other inputs were outputs created after the said transaction was created ," how do you know in the subsequent (or initial ring) that said input is not being grabbed ad-hoc from another user as a decoy input for both the initial and subsequent ring without knowing which inputs have actually been spent? could you please help me out by perhaps giving an example of how either of these would work (disregarding the 0-mixin case which has been addressed by fluffypony / mrl-004) (unless you have some way of telling whether outputs have been spent, thus proving the proofs of Fujisaki/Suzuki https://eprint.iacr.org/2006/389.pdf incorrect, what you suggest seems impossible to me). Ok - I see there is an error in this logic.. in FS, they don't have any additional data about the ring itself (like inputs / outputs) so perhaps with some graph analysis with this might be possible.. -I don't think it would be a difficult fix if this was possible however, you just need to compute the graph of the people you are mixing with and make sure there are no loops.. (if the graph gets too big, pick a new ring).. Someone was kind enough to ping me in private to come back here. Otherwise I wouldn't have seen this. I am not reading this thread normally. What I was getting at is the ordering that transactions appear in the block chain. I provided some examples where combinatorial analysis has whittled done the anonymity set such that you have transaction in which all the inputs to a ring have been included in enough rings (taking into account all other inputs to those rings) that it is known that all those inputs have been spent, but it is not known which input is the spender to each of the said rings. From there are ways to isolate which input is the spender. 1) If the last use of one the inputs is in a ring includes only other inputs that already reached their saturation (or any smaller set say just two of inputs that didn't reach saturation), then we know that said input is the spender (or know the spender is one of the smaller set of unsaturated inputs). Here is an example in chronological order: Ring 1: I0, I1, I2 Ring 2: I0, I1, I3 Ring 3: I0, I2, I3 Ring 4: I1, I2, I3 Ring 5: I2, I3, I4 ------> I4 is surely the spender 2) The second case I wrote was indeed difficult to parse because it was incorrect. I believe I was thinking about how to insure the overlapping in #1 doesn't occur and afaics that requires deciding which outputs must be mixed with which outputs before any ring with those outputs has been created. I apparently conflated those thoughts when trying to contemplate the explanation of a case where combinatorial analysis unmasks the anonymity such as #1 above.
The worst thing that can happen to me is that I'm "disappeared", but that's why the core team is seven strong:)
What if you "disappeared" and because of that the other 6 "retire" or "lose interest" and turn over control to "Gavinmike". Much better the code was done and locked in stone. But I know that is very difficult to achieve at this experimentation stage. Sufficed to say your "cooperation" would not go so far as to backdoor anything or use libs you otherwise would not have, correct?
That's why it's OPEN SOURCE.  Sometimes even that isn't enough: https://www.schneier.com/blog/archives/2006/01/countering_trus.html |
|
|
|
Throughout history, there has always been someone around who will take your gold. They would have to confiscate the guns before they try for the gold, there will be resistance.
I am not asserting they will come take your gold. I have not written that. I am saying that gold you can't trade without being expropriated when you trade it, is the same as having a zero value (assuming the taxation rate is roughly 100%[1]).
My point is what will you trade it for when there is no cash?
And of those things you can trade it for, which of those won't be registered with the government (e.g. real estate, cars).
Also when unemployment reaches 50% and the governments are hiring people by the millions to be snitches and do sting operations, how will you trade while hiding from the government?
If you can't hide from the government, then how can you stop the government from expropriating it via taxation?
Another very effective way to attack goldbugs who try to exchange their gold, is to drive the economy into such a mess that crime becomes rampant, thus most trades will go down as muggings. Oh so you carry your guns to the trade, and the mob brings bigger guns to the party. An arms race back to the era of mobsters... I can be fairly certain how quickly you will tire of that type of world and throw in the towel on gold leaving it to sit in your basement forever useless. You could hold it for 20 years like those who held from $850 in 1980 down to $250 by the turn of the century, losing 1000% gains in stocks and bonds interim.
Also once the rule of law is gone, the government can do basically anything they want to. So expect bullshit such as Civil Asset Forfeiture on your gold when you trade it at a registered dealer. Meaning they seize your income from the trade declaring it money laundering or whatever and you are unable to disprove or win a fight in the kangeroo courts.
There was a former US Treasury official who was quoted by an anonymous source, "We will burn the fingers of goldbugs up to their armpits". Perhaps that might have been Robert Rubin.
[1] I don't assume the tax rate will be 100%, but I think they may force savings into nationalized accounts, meaning in effect 100% expropriation. Also note that that a 90% tax (I believe upper tax rates reached this level in the USA prior to WW2) on capital gains with 500% capital gain, is 72% effective tax on purchasing power (assuming gold's rise reflects the loss in purchasing power of the dollar which may not be the case). Also if you can't prove your tax basis, they might tax as if your tax basis is zero. |
|
|
|
i already posted that article here.
I know I had seen someone post it because that is why I opened that page lol, but I couldn't remember where (not senile just in rush with too much multitasking). Apologies for not quoting your post. I normally try to do that (even with my antagonists). hey TPTB, you never commented on my revised attack:
Let's try this one: non economic actor decides to spam persistently at little cost to them (minimum fees or even 0 fees) as blocks get close to being filled by real activity, say starting like where we are right now, at the 50-60% level. Fees for regular users skyrocket making use untenable.
I think the fees for other users will only rise to just higher than the fees in the spam in order to displace the spam from the priority queue (assuming miners order their mempool by transaction fee then first seen, with first seen taking precedence over transaction fee only when there is a double-spend). I was pondering if this could be employed against zero-confirmation transactions, but it seems not to be the case. |
|
|
|
I am well diversified outside of PMs, they in total are less than 12% of my net assets.
That is a sane level imo. Throughout history, there has always been someone around who will take your gold. They would have to confiscate the guns before they try for the gold, there will be resistance.
I am not asserting they will come take your gold. I have not written that. I am saying that gold you can't trade without being expropriated when you trade it, is the same as having a zero value (assuming the taxation rate is roughly 100%[1]). My point is what will you trade it for when there is no cash? And of those things you can trade it for, which of those won't be registered with the government (e.g. real estate, cars). Also when unemployment reaches 50% and the governments are hiring people by the millions to be snitches and do sting operations, how will you trade while hiding from the government? If you can't hide from the government, then how can you stop the government from expropriating it via taxation? Another very effective way to attack goldbugs who try to exchange their gold, is to drive the economy into such a mess that crime becomes rampant, thus most trades will go down as muggings. Oh so you carry your guns to the trade, and the mob brings bigger guns to the party. An arms race back to the era of mobsters... I can be fairly certain how quickly you will tire of that type of world and throw in the towel on gold leaving it to sit in your basement forever useless. You could hold it for 20 years like those who held from $850 in 1980 down to $250 by the turn of the century, losing 1000% gains in stocks and bonds interim. Also once the rule of law is gone, the government can do basically anything they want to. So expect bullshit such as Civil Asset Forfeiture on your gold when you trade it at a registered dealer. Meaning they seize your income from the trade declaring it money laundering or whatever and you are unable to disprove or win a fight in the kangeroo courts. There was a former US Treasury official who was quoted by an anonymous source, "We will burn the fingers of goldbugs up to their armpits". Perhaps that might have been Robert Rubin. [1] I don't assume the tax rate will be 100%, but I think they may force savings into nationalized accounts, meaning in effect 100% expropriation. Also note that that a 90% tax (I believe upper tax rates reached this level in the USA prior to WW2) on capital gains with 500% capital gain, is 72% effective tax on purchasing power (assuming gold's rise reflects the loss in purchasing power of the dollar which may not be the case). Also if you can't prove your tax basis, they might tax as if your tax basis is zero. |
|
|
|
My thesis (even when I started this thread under my prior user name) has been that TPTB are intentionally destroying the nation-state central banks in order to make the world dependent on and clamor for one-world political sharing arrangement where the one-world institutions would provide discipline and oversight on the nations which had proven they could not manage their own affairs. But this is the classic Hegelian dialectic diversion, because we know damn well that the same power brokers who control the BIS also control the Fed and the ECB. So this is clearly creative destruction by TPTB:
http://www.telegraph.co.uk/finance/economics/11704051/The-world-is-defenseless-against-the-next-financial-crisis-warns-BIS.html
The world is defenceless against the next financial crisis, warns BIS
Monetary policymakers have run out of room to fight the next crisis with interest rates unable to go lower, the BIS warns
The world will be unable to fight the next global financial crash as central banks have used up their ammunition trying to tackle the last crises, the Bank for International Settlements has warned.
The so-called central bank of central banks launched a scatching critique of global monetary policy in its annual report. The BIS claimed that central banks have backed themselves into a corner after repeatedly cutting interest rates to shore up their economies.
These low interest rates have in turn fuelled economic booms, encouraging excessive risk taking. Booms have then turned to busts, which policymakers have responded to with even lower rates.
Claudio Borio, head of the organisation’s monetary and economic department, said: “Persistent exceptionally low rates reflect the central banks’ and market participants’ response to the unusually weak post-crisis recovery as they fumble in the dark in search of new certainties.” |
|
|
|
My thesis (even when I started this thread under my prior user name) has been that TPTB are intentionally destroying the nation-state central banks in order to make the world dependent on and clamor for one-world political sharing arrangement where the one-world institutions would provide discipline and oversight on the nations which had proven they could not manage their own affairs. But this is the classic Hegelian dialectic diversion, because we know damn well that the same power brokers who control the BIS also control the Fed and the ECB. So this is clearly creative destruction by TPTB: http://www.telegraph.co.uk/finance/economics/11704051/The-world-is-defenseless-against-the-next-financial-crisis-warns-BIS.htmlThe world is defenceless against the next financial crisis, warns BIS Monetary policymakers have run out of room to fight the next crisis with interest rates unable to go lower, the BIS warns The world will be unable to fight the next global financial crash as central banks have used up their ammunition trying to tackle the last crises, the Bank for International Settlements has warned. The so-called central bank of central banks launched a scatching critique of global monetary policy in its annual report. The BIS claimed that central banks have backed themselves into a corner after repeatedly cutting interest rates to shore up their economies. These low interest rates have in turn fuelled economic booms, encouraging excessive risk taking. Booms have then turned to busts, which policymakers have responded to with even lower rates. Claudio Borio, head of the organisation’s monetary and economic department, said: “Persistent exceptionally low rates reflect the central banks’ and market participants’ response to the unusually weak post-crisis recovery as they fumble in the dark in search of new certainties.” |
|
|
|
OROBTC,
I have come to realize that most of the behavior in this thread can be perhaps be explained by fear. (psychology being another of my other autodidact flirtations...they say a "jack of all trades is a master of none")
For example, fear that their investment in Bitcoin can only be safe if they slay all attempts to better it (even if BTC value was safely pegged across chains, because they fear dilution of their "to the moon" expectations).
Similarly I think goldbugs are defending the indefensible because they're trying to convince themselves to ignore the justifiable FUD (fear, uncertainty, doubt) they sense is creeping up on them.
My problem with precious metals is that the only time I've ever bought and sold any from a person on the street, I got a horrendous exchange rate (roughly double the melt value). And there wasn't enough liquidity available to make viable for anything near to survival. I see lots of buyers stacking but no buyers using, thus in the future this becomes a one-sided market of sellers of hoards and no buyers using. This means you will sell your precious metals only at a dealer who can proxy them off to large liquid investor markets. You are not going to meet up with investors in the streets.
The totalitarianism is going to take control over all these market makers because there will not be any black market in cash to escape from government regulation, because paper cash will be (is being already) eliminated. If you argue that Bitcoin will be that cash, then just buy Bitcoin instead because who would then meet up in the street to trade a good with higher utility and safety for one that risks life and limb every time it is traded? if you argue that Bitcoin could go to zero, I can argue that gold can too because the greatest common denominator between illiquidity and expropriation is the same as zero value.
I think initially there will be a significant rise in precious metals off this coming final low (< $1050, probably $850 or less) because there will be a panic as the sovereign debt contagion dominoes and $200+ trillion of global wealth will finally abandon bonds as safe haven and run into the dollar, us stocks, gold, and Bitcoin rather indiscriminately. But after the USA tops out in 2017 (due to rising dollar choking off exports and the ingress of those safe haven funds peaking), then we will descend into a totalitarian hell worse than anything in the last 309 years. At that point, it will become clear that gold and paper cash are dead.
Those who think paper cash isn't close to being eliminated in third world countries, I can tell you that I am increasingly surprised how many people pay here in the Philippines with a card (frustrating as hell to go the grocery because it slows the queue considerably). Also what is likely is during the coming contagion, TPTB will turn up the dial on the pressure on cash by refusing to supply sufficient cash thus those with cards will become like kings envied by the rest of the population. Filipinos can emulate and adopt new things incredibly fast. I remember there was a Shell gas station commercial with a Ferrari and the phrase "hey Joe wan Joe". Within days and for months hence, I was called from the distance incessantly where ever I went in the hinterlands with "Hey Joe wan Joe". If you are talking about getting commerce done, filipinos will use the most efficient means available with lightning speed of adoption. They are simply that resourceful and flexible when their basic daily needs are threatened.
So you want to sell out of your diversification into gold in 2017. By that time, you should have the clarity you need on cryptocurrency. I am nearly certain they will be the safe haven for the astute by that time. But we have some seriously intense work that has to be accomplished between now and then. The outcome is far from certain from the current vantage point.
I would just caution you to average down into gold. Don't rush your purchases. The bottom for private assets around October perhaps.
|
|
|
|
|
OROBTC,
I have come to realize that most of the behavior in this thread can be perhaps be explained by fear. (psychology being another of my other autodidact flirtations...they say a "jack of all trades is a master of none")
For example, fear that their investment in Bitcoin can only be safe if they slay all attempts to better it (even if BTC value was safely pegged across chains, because they fear dilution of their "to the moon" expectations).
Similarly I think goldbugs are defending the indefensible because they're trying to convince themselves to ignore the justifiable FUD (fear, uncertainty, doubt) they sense is creeping up on them.
My problem with precious metals is that the only time I've ever bought and sold any from a person on the street, I got a horrendous exchange rate (roughly double the melt value). And there wasn't enough liquidity available to make viable for anything near to survival. I see lots of buyers stacking but no buyers using, thus in the future this becomes a one-sided market of sellers of hoards and no buyers using. This means you will sell your precious metals only at a dealer who can proxy them off to large liquid investor markets. You are not going to meet up with investors in the streets.
The totalitarianism is going to take control over all these market makers because there will not be any black market in cash to escape from government regulation, because paper cash will be (is being already) eliminated. If you argue that Bitcoin will be that cash, then just buy Bitcoin instead because who would then meet up in the street to trade a good with higher utility and safety for one that risks life and limb every time it is traded? if you argue that Bitcoin could go to zero, I can argue that gold can too because the greatest common denominator between illiquidity and expropriation is the same as zero value.
I think initially there will be a significant rise in precious metals off this coming final low (< $1050, probably $850 or less) because there will be a panic as the sovereign debt contagion dominoes and $200+ trillion of global wealth will finally abandon bonds as safe haven and run into the dollar, us stocks, gold, and Bitcoin rather indiscriminately. But after the USA tops out in 2017 (due to rising dollar choking off exports and the ingress of those safe haven funds peaking), then we will descend into a totalitarian hell worse than anything in the last 309 years. At that point, it will become clear that gold and paper cash are dead.
Those who think paper cash isn't close to being eliminated in third world countries, I can tell you that I am increasingly surprised how many people pay here in the Philippines with a card (frustrating as hell to go the grocery because it slows the queue considerably). Also what is likely is during the coming contagion, TPTB will turn up the dial on the pressure on cash by refusing to supply sufficient cash thus those with cards will become like kings envied by the rest of the population. Filipinos can emulate and adopt new things incredibly fast. I remember there was a Shell gas station commercial with a Ferrari and the phrase "hey Joe wan Joe". Within days and for months hence, I was called from the distance incessantly where ever I went in the hinterlands with "Hey Joe wan Joe". If you are talking about getting commerce done, filipinos will use the most efficient means available with lightning speed of adoption. They are simply that resourceful and flexible when their basic daily needs are threatened.
So you want to sell out of your diversification into gold in 2017. By that time, you should have the clarity you need on cryptocurrency. I am nearly certain they will be the safe haven for the astute by that time. But we have some seriously intense work that has to be accomplished between now and then. The outcome is far from certain from the current vantage point.
I would just caution you to average down into gold. Don't rush your purchases. The bottom for private assets around October perhaps.
|
|
|
|
When values are hidden, the spenders are just as equiprobable, as when the denominations are equal.
How do you hide the value when all the commitments to the mix are the same and the other n equiprobable spenders also know the the value of their output commitment? That is why I asked you is it possible to have different values map to the same commitment? I assume yes. The follow on question is can we find the set of values of that map to the same commitment? The input and output values are not the same, as there will be transaction fees and some randomness in the sub-satoshi area of the fuzzvalue. The sub-satoshi area alone should provide about 200 bits of random difference between input and output which is secure against logarithm. So I think in the worst case it should still be secure against an outside analyzer. It could be that some participants of the transaction gain more information, since they also have to exchange the exact fee spent by the outputs of any partially build transaction. But I think it could be similarly solved as the problem of adding inputs and outputs without knowing who added which input and which output. Here and in your other post earlier, you seem to misunderstand that I was asking and asserting certain ideas based around my idea for a different design that employed two sums on two different elliptic curves with revealed weights, but that idea hinged on being able to use ring signatures to mix who is the source of each input with the additional requirement that it would need to be possible to have a multitude of different values map to the same commitment value. When Mixles confirmed that the last requirement was implausible, I abandoned that idea. It is understandable that you would lose track of what I referring to, because I compacted (multiplexed) orthogonal thought processes into my posts and it can be difficult enough to follow through writing the non-intertwined thoughts of another person. I wasn't going to mention this on your prior illustration of this misunderstanding, but then on your second invocation, I decided to add this explanation of the confusion I had introduced. I have since abandoned homomorphic value hiding entirely. I now believe it doesn't add anything that can't be accomplished with careful management of Cryptonote ring sigs. And it adds the catastrophic risk of undetected inflation (no matter how implausible the risk) and destroys tracking of aggregate statistics on the economy such as velocity of money. That is my marketing opinion, which is orthogonal to the technical work (which is I think is interesting), so please continue without me. Thanks for allowing me to investigate and get my questions answered. |
|
|
|
No, the 380 bit security of the elliptic curve much exceeds the 128 bit security of t=128. Mixles didn't choose the order of the curve so high to get more security, but to prevent wrap-arounds. 128 bit security is the same as the 256 bit bitcoin curve provides.
Isn't 128-bits deemed to be too low for hash functions? Afaik, 256-bit hash functions have only 128-bits of security against finding a collision due to the Birthday attack. Since afaics we are concerned with collisions in this application, I think the actual security is 2^(t/2) not 2^t and that is if the hash function is perfectly random. It's not a collision attack between two hashes. There is only one hash involved here and it has to fit its own input. If the hash function is a random oracle it is possible to prove that 2^t calls to the hash oracle are necessary on average to produce a fake proof. Of course, true hash functions are not random oracles, but they come very close. I think there is more trust in current hash functions than, say, in ECC (simply because hash functions have been longer around than ECC). Also current hash functions cannot be broken by quantum computers as far as I know. I understand that you want to play devil's advocate and I agree that the impact is much larger than in the crypto used in the Bitcoin main chain. If you can fake a single signature in bitcoin, you can just access one output, but if you can fake a proof of being a small positive number, you can drain the whole side-chain. If CCT would be implemented in the main chain, you can even mint as much money as you want and it would be undetectable unless you spend too much. My personal opinion is that the security t=128 is good enough for now but it may change in a few decades if the cost per computation continues to decrease exponentially at the same rate it has done so far. Quantum computing apparently enables Grover's algorithm which afaik effectively reduces to 2^(t/2). This is one reason to prefer 256-bit hashes, although practical quantum computers would be probably be at least 10 - 15 years from now. My concern is that when analyzing the security of hash functions, there are subtle degradations such as distinguishers, near-collision attacks, boomerang attacks, etc.. I do not think we can fathom all the ways such potential attacks may interact with the other invariants, in a such a way that reduces the entropy. I think it is fool's folly to assume otherwise and advocate such aggressive tolerances. It runs counter to my sensibilities as an engineer to underdesign for failure tolerance. Perhaps I have missed some mathematical insight which invalidates my concern but generally it is more difficult to prove something can't exist than it is to argue about what is known to exist. If so, please feel free to point it out. Mea culpa in advance. Not talking down to you. Merely telling you 3 times, with increasing assertiveness, that this one particular line of inquiry is a dead end (reasons both explained and in literature), as you have asked me to tell you.
There are 16060000 10-minute blocks in 100 years. So you need to dedicate the current Bitcoin network hashing power for 100 years to reduce that to 2^32, during which the hash length (or function family) will probably be upgraded (mitigating your attempt and losing you many years of Bitcoin block rewards), and quantum computers will be all the rage. Just switching the hash function nesting (e.g. sha(sha(sha(E|F|U|V)))%128) every couple of years (maybe even automatically based on the hash of some recent block checkpoint) is sufficient to prevent the attack, without changing the bit length. This is probably a better way to discourage practical attack, rather than to have a single unmoving target sit there for 100 years.
Please move on to the other ideas, as I will not be spending any more time on this, nor on making things personal.
Seems you continue to miss the point I made, which is that any breakage for Bitcoin's use of a hash function, would need to be replicated a multitude of times (without detection) in order to do widespread damage. Whereas, with homomorphic value hiding, your design's employment of a hash function only needs to be broken once to destroy the entire coin (unless that breakage can be detected and corrected). Edit: if you argued that the difference in brute force computation for breaking the hash function once or 1024 times is only 2^10, I would retort that the breakage might be opportunistic on a particular input structure that only occurs once per year. My point is we can't just pull strong assumptions out of our ass. You know it all though, so when you say a line of inquiry has no merit, then you are always correct: Long term, it might be possible to auto-generate equivalent-difficulty hash functions. A new hash function for every block. That would fix things back down to FPGA technology level, and contribute better to generic hardware development.
I climbed down that theoretical physics rabbit hole and I am convinced there is nothing there. The entropy is limited by the number of opcodes in the hardware or software instruction set. It is not possible to spontaneously generate deterministic order of out disorder; and PoW requires a deterministic winner of each block. Order that arises from chaos was already there but under sampled (i.e. unobserved). Attempt noted. |
|
|
|
|
Show Posts
