There are exceptions. Like myself.
But I agree that for example over at zerohedge (gold bugs paradise), bitcoin is very much hated, both "tyler durden" and most of the people in the comment section are largely CONTRA bitcoin.
All articles are PRO gold/silver... most articles about bitcoin have a negative undertone.
They behave like prostitutes who don't like that another more beautiful and younger prostitute has entered their turf or something...  

Why can't they love both, like me?  (I mean the moneis, not necessarily the prostitutes)

I lurk that thread hard, the mockups are beautiful. You guys (gals) are quite the team, thanks for doing the much needed overhaul!

20 years?

That's why the ADD issue and zero-patience for long-term projects / extremely short "investment" horizon.

I think Camo's scenario is only an issue if everyone is using the exact same mixing depth.  Differences in user-selected mixing depth create more or less randomized exit points, no?  With volume, I'm not sure how you can provably link a sum entering the anon phase with a sum exiting.

So, it boils down to denomination method coupled with volume, if there ever is that much...

I think I saw mempool get up to 12 once...

Even if a pubkey can't be used to make a privkey (the foundation of keypair encryption, so we presume it hasn't exploded yet), the sigs can still be verified as being related to the same privkey, even if we don't know the privkey.

Isn't that the whole point of signing? So that the action or message can be certified as coming from the correct source? This, all pubkeys and signatures can be correlated tot he same privkey, even if we don't know what it is.

We can still say "The same key did all this." I think PGP would be in a very sad state if that were not true... Not to mention all cryptocurrencies would be completely fucked... Thus, denominated sends still correlate to their aggregate value even if there are 1000 denomianted TXes all on the same block. We just wait for the same thing to happen on the exit end... A sent X to B.

The MNs aren't actually mixing TXes, they're just signing.. Which makes me wonder; why even bother? So it's a fog... It's a fog that we can easilly identify that which goes in and out of said fog... So, uh, it's functionally like there is no fog. Say I walk into the fog, then I come out. Did I become a different person? Even if I change my short while in the fog, you can still tell by other traits that it's me...

You've latched onto a trivialized case of Darksend+. The laundered amount and the transaction amount do not normally match! The only way they would match is if you laundered your wallet of 27 DRK and then emptied all the denominated addresses totally to a new address to pay for something costing 27 DRK. That's not how it will work in practical terms. You'll launder 27 coins and then send 12 of them to pay for something that costs 12 DRK. Now there's no suggestive link between laundering and transaction amount. These events also occur at different points in time (and for the laundering part, you can mix your coins 2 to 8 times over).

It's not a problem anyway. Say you send your entire balance, and it's the only transaction in that block. An observer sees some randomly denominated amounts pass between multiple random addresses. What meaningful information can be gleaned from that? Bugger all, I contend.

You've latched onto a trivialized case of Darksend+. The laundered amount and the transaction amount do not normally match! The only way they would match is if you laundered your wallet of 27 DRK and then emptied all the denominated addresses totally to a new address to pay for something costing 27 DRK. That's not how it will work in practical terms. You'll launder 27 coins and then send 12 of them to pay for something that costs 12 DRK. Now there's no suggestive link between laundering and transaction amount. These events also occur at different points in time (and for the laundering part, you can mix your coins 2 to 8 times over).

This is very close to what I'm trying to explain.

It doesn't absolutely PROVE anything, but it lets the nosy fuckers in on a hint that might find them something more... As such, it's not really helping anything...

The banking laws for the EU have already been changed to declare deposits in savings are not actually your's anymore. If you're hiding your money in DRK, they can claim you've stolen your own money... Ask a Cypriot how that works out... Oh, you didn't notice that the entire European Union has quietly adopted that which Cyprus didn't quite get away with? All they need is a "suggestive link," that's what guvthugs call a "lead." It's not proof, but now they're all over you like a bad suit, and they don't even have to find anything. If they hate you enough, they'll just make shit up. You'll be yet another faux child pornographer locked away, you dirty pervert! If those addresses ever budge, they'll know who...

I'm trying to demonstrate that this is a very good move by Evan, but it doesn't go far enough... I also might not understand it accurately and I await the Pimp Hand of Truth by one who actually wields it.

Point valid.

BUT!

They don't happen at random intervals. They happen all at once. But they don't happen all at once; mixing occurs over more than one round, and inputs don't all occur at round 1. Your inputs might begin at round 1 (in the graphic), while Joe's inputs might start at 2, and Sally's at 3, and so forth. So, the overall quantity can be correlated by sig. It's as if entry-point sends aren't denominated at all, even if they are. It still correlates.

If 1, 5 and 10 go in at J, then 1, 5, and 10, come out at P, and 1, 5 and 10 are signed by the same key at J, and end up at the same place at P... X = 1+5+10 A sent X to B on block J and P.
Somehow, we're not quite on the same page here.   (IMO) you might need to reword and flesh out clearly and exactly what you're saying, as it seems to be one of those things that seems clear in your head, but isn't translating that well to paper.
Same analysis, you just have to build it backwards. Backwards or forwards doesn't matter when the chain is documented for all eternity.

I await big cheese response.

I want to be clear. I am not trying to troll or say "DRK iz brokenZ! Abadon ship!" Or any other such bullshit. I know that it is a work in progress, I'm just trying to figure out where the progress needs to be... If I'm way the fuck off, by all means, I crave the Pimp Hand of Truth.

Not necessarily. When RC4 hits, there's going to be a frenzy of MN activity as everyone's balances get randomly denominated. After that, my gut instinct is that with increased actual use, the MN tx's aren't going to stand out at all amongst 'real' transactions.

That doesn't appear to be true from where I am standing.

If I am standing in the wrong place, help me relocate.

If everyone's wallet will now contain nothing but 100,50,25,10,5,1 etc. amounts all in randomly generated addresses, this is the problem well and truly fucking solved, timing analysis becomes impossible.

Want more anonymity than this? Start shopping for wigs and sunglasses.

It's going to make rich-list bragging pretty hard though. The whole blockchain is going to look like homogenous heat death.

Ahahahaha, fucking brilliant.

 

OK, I thought I was right about that, but the announcement sounded almost like it was sying "this fixes everything" and it's really just a very large step int eh right direction with what I count as 5 small loose ends to be tied up yet.

Can't the difference between signing and sending be identified? Yes. How does this obfuscate anything? It doesn't matter, because we don't know who/where the coins came from (the sending addresses aren't associated with anyone). You still need IP obfuscation to avoid a node associating a TX with your IP.

This is rewinding the conversation a bit. No longer focusing on the mixing/denominating technique, but on the fundamental idea of whether or not anything is actually being obfuscated by MNs at all...

OK, but with regards to tracking transactions via timing, would it not afford greater anonymity to have the transactions as temporally close as possible? Outliers stick out like a sore thumb.

Very good points. A good place to start with regards to the block cycle might be to assign it a random probabilty that stands to have it occur somewhere between every 5-15 blocks or so.

The ultimate goal is to seamlessly hide the person-to-person transactions among the general mixing so that one cannot discern the difference.

I know this probably won't be popular (speed-wise) but maybe a good approach would be for people to have the option to wait for the general mixing to send a transaction (built into the client)? It would certainly slow down transaction speed but if the transaction were synced with the general mixing it would be very difficult to track. It could be implemented in the form of a checkbox perhaps? Maybe call it DarkMist.

I agree that this makes sense for an objective, BUT:

Do the wallet-sent TX stand out in that mist? I still think the client should denominate before it sends to a masternode. This might happen by default per the pre-mix. But, sends from wallets are still not sends from identified MNs, so it's something identifiably not mist going into the mist... Thus, it might be identified coming out. I'd like to see a denominated multi-point-exit to shore this up.

It looks like it's almost there to me... I'd start my explanation of why I say that by saying first, it looks like the mist moved from the client to the MNS, and the identifiable part moved from the MNs to the clients... Now, this is not 100% true because the clients are receiving pre-mixed. But quantities and timing are still potentially, sometimes identifiable. Noted, there is a percentage linked on a google docs spreadsheet. Probability it not absolutely. That's why it's called probability and not absolutely.

If the client sent out DRK in the same denominations, and with the same IP obfuscation (which pre-suppsoes that there will be IP obfuscation added at some point) as the MNs used, there would be no way to know what the hell was going to where. IF change came out of the 8-box look randomly;

1) sometimes skipping a block in timing
2) some bits coming out earlier than others. (MN2 sends one hunk of denominated change, MN5 sends another hunk, etc)

Then the when goes to hell too.

Also, the 10 block cycle is a cycle, not a mist. It's the opposite of homogeneous...

Then you've truly got a homogeneous mist going. The picture/updated info is a mist into which a somewhat thicker mist comes and goes... It's not quite homogenous.

Don't take this as an insult or a troll. It's damn near perfect now. I'm just thinking out loud about how to make it a little MORE perfect...

I wonder if blowjayxt, our resident homojenius wants to chime in on how this is or is not homogeneous?

Pardon me for playing Devil's Advocate: But, if the coins don't actually change hands, how does this obfuscate anything?

It's possible he got a few PM's from mods.