Bitcoin Forum
March 02, 2015, 11:14:19 AM *
News: Latest stable version of Bitcoin Core: 0.10.0 [Torrent] (New!)
 
  Home Help Search Donate Login Register  
  Show Posts
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 161 »
1  Bitcoin / Hardware / Re: HashFast announces specs for new ASIC: 400GH/s on: February 21, 2015, 12:46:15 AM
HashFast has apparently run out of money for envelopes and is now sending me the legal correspondence on open sheets of paper addressed to my name.
2  Alternate cryptocurrencies / Altcoin Discussion / Re: "Decentralized MasterNode Network" AltCoin Investment Thesis 2015 on: February 14, 2015, 09:31:00 PM
Yes. Be sure to set them up on VPSs for maximum security.
3  Alternate cryptocurrencies / Altcoin Discussion / Re: A good and exhaustive summary of differences between best anonymous coins ? on: February 12, 2015, 12:24:20 AM
Quote
also theres the lack of security against quantum computing

...that's every cryptocurrency that uses a hashing algorithm ever, because of Grover's algorithm (which breaks all known hash functions).
http://crypto.stackexchange.com/questions/419/what-security-do-cryptographic-sponges-offer-against-generic-quantum-attacks
4  Alternate cryptocurrencies / Altcoin Discussion / Re: A good and exhaustive summary of differences between best anonymous coins ? on: February 12, 2015, 12:17:07 AM
Bitshares also has anonymity with TITAN, which is basically default stealth transactions.

I'm not sure how stealth transactions compare to the coinjoin in darkcoin? Could some of the experts give an opinion on this?

Monero has forward and reverse secrecy by default.
Forward: All transactions in Monero are stealth by default, and keys are 100% non-reuseable.
Reverse: Transactions inputs can be mixed with outputs from any other unspent output in the past using the same amount with ring signatures.

So, you can't tell where anything is going, and in the near term soft fork (which we will be publishing a paper on shortly) you also won't be able to tell where funds are coming from with any degree of confidence, unless you choose to publish that information on your own.

Monero also has very different economic policies -- it has a tiny perpetual inflation designed to keep the supply growing and to enforce its use as a currency rather than a store of value. This also ensures that blocks in the future will always have some reward, so PoW can continue to secure the network.

Monero, we had always hoped, wouldn't be a "stealth this" or "darknet that", but rather a currency for the everyday person to use with some reasonable expectation of privacy. Because as anyone knows with Bitcoin, it's piss easy to tell if Joe Blow down the street bought his girlfriend an abortion, or if you just spent half your paycheck on booze and cigarettes or a donation to the EFF. It's about having the same reasonable expectation of privacy with a cryptocurrency that you would have with a normal bank account. The government can still always press you to release your private keys or whatever if they want you to pay taxes, and so on. It's a cryptocurrency to help bridge the world between cryptoequity (which Bitcoin really is) and regular currencies, and hopefully one day become an actual, usable currency (unlike Bitcoin).

It's not a threat to the government (it's still much more traceable than cash, just probably less so than DRK/SDC/whatever) or intended for you to use as Internet Crack Bucks. Probably if you want to buy stupid things online, you'd be better off mailing cash.
5  Alternate cryptocurrencies / Altcoin Discussion / Re: Ethereum just kicked everyone (including BTC's) ass (Native 2FA) on: February 09, 2015, 04:48:32 PM
You can do 2-of-4 multisig in any Bitcoin fork.
6  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 06, 2015, 07:27:37 PM
But Coinbase and BTC-e are not pools, they are exchanges/onlinewallets. That's awholenother beast.

A pool can only steal as much as it takes a miner to realize there's something wrong. So if a miner checks the statistics even just once a day, the damage is very limited in size. And the damage of reputation a pool might have from this is much higher than the actual profit that stealing might bring.

(Sorry, should have been 2-of-3 multisig, corrected it)

And the pool cannot steal anything if you're in a 2-of-3 escrow with say, the mediator being a trusted third party (reputable person on this forum, whatever).

So... yeah. I don't think that currently the software is 100% "pool impossible" or anything, it's more "bonded pool mining amenable, with increased incentives for solo mining".

The bigger issue will come when someone decides to multipool SpreadCoin, I'd guess... so you'd mine for a bit on their server for free to generate your initial bond (mining whatever currency is currently profitable), then that bond enables you to mine SpreadCoins but the payout is in BTC. Miners tend to be bottom feeders and will mine whatever is consistently bringing in cash, if the automated multipool is set up correctly I believe you can amortize the risk enough to remain profitable. But for the moment this is a lot of effort.
7  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 06, 2015, 07:18:19 PM
MrSpreads latest messages from spreadcointalk.org.

I'm not sure MrSpread's argument makes economic sense... Coinbase or BTC-e could also steal all their clients coins at any time, and have way more coins than a single pool ever will. However, pools are a business with real revenue and profit, which is lost in the event of theft for a small tangible reward. Certainly exchanges do run off with coins, but it seems like much fewer coins will ever exist on the pool, disincentivizing the pool from stealing the deposits. As has already been mentioned, all deposits can also be stuck in multisigs with a trusted third party (e.g. 2-of-3 multisig escrow), so that in the event that either the pool or the miner wants to try to steal the deposit, they can not.

At this point I think there is no reason that I can see that a pool cannot be made, the difference with Bitcoin, etc is that such a pool would be bonded mining as opposed to there being no fee for entry in BTC.

I think the issue more right now is that the value of making a pool simply isn't there. It cost almost $20k USD in bounties to get a pool running for CryptoNote coins when we did so with Monero, alongside the possibility of making fees from miners.
8  Bitcoin / Bitcoin Discussion / Re: ISIS Using Bitcoins :o on: February 06, 2015, 06:00:17 PM
It has already been proven, beyond a doubt, that terrorists are using Monero.

In what world? People barely even use Monero to play dice games.
9  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [XMR] Monero - A secure, private, untraceable cryptocurrency - 0.8.8.6 on: February 06, 2015, 05:34:16 PM
Someone wants to implement a contract protocol on top of Monero:

Quote
Ive designed a very specific technical implementation to add trustless, tradable, contracts on the Cryptonote prototcol.

The whitepaper can be downloaded from Google drive

https://drive.google.com/file/d/0B75gaqtEgDR8UHU2UVJ6TkYzMnRkdFFsbklBd3hVMDV1eDQw/view?usp=sharing

I am looking to implement this very soon on one of the existing Cryptonote coins.

Looking for suggestions, criticisms, anything that will facilitate this implementation. Unlike most other suggestions or whitepapers I have the full technical ability and experience to implement these changes. I don't want to deal with the prospect of launching a new coin, nor should I have to as these changes would only improve the features of an existing Cryptonote coin.

Roman Brown
romanbrown54@gmail.com

https://bitcointalk.org/index.php?topic=947796.0
10  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 06, 2015, 05:26:31 AM
For anyone wishing to do the share compression, look here in the source code:

https://github.com/spreadcoin-project/spreadcoin/blob/b05777db815d633a76aba5ef55ecb85390a4df7e/src/main.cpp#L1528-L1533
Code:
   // Start with nonce, time and miner signature as these are values changed during mining.
    BlockData << (nNonce & ~NONCE_MASK); // ignore lowest 6 bits in nonce to allow enumeration of 64 hashes without recomputing whole block hash
    BlockData << nTime;
    BlockData << MinerSignature;
    BlockData << nVersion;
    BlockData << hashPrevBlock;
    BlockData << hashMerkleRoot;
    BlockData << nBits;
    BlockData << nHeight;
    // Skip hashWholeBlock because it is what we are computing right now.
    BlockData << vtx;

    while (BlockData.size() % 4 != 0)
        BlockData << uint8_t(7);

    // Fill rest of the buffer to ensure that there is no incentive to mine small blocks without transactions.
    uint32_t *pFillBegin = (uint32_t*)&BlockData[BlockData.size()];
    uint32_t *pFillEnd = (uint32_t*)&BlockData[MAX_BLOCK_SIZE];
    uint32_t *pFillFooter = std::max(pFillBegin, pFillEnd - 8);

    memcpy(pFillFooter, &hashPrevBlock, (pFillEnd - pFillFooter)*4);
    for (uint32_t *pI = pFillFooter; pI < pFillEnd; pI++)
        *pI |= 1;

    for (uint32_t *pI = pFillFooter - 1; pI >= pFillBegin; pI--)
        pI[0] = pI[3]*pI[7];

    BlockData.forsed_resize(MAX_BLOCK_SIZE);

Nothing too crazy going on here from what I can tell, you start with the block header data/tx list and fill the block with crap going forward with *pI |= 1; (bitwise or operation), then iterate backwards through it multiplying with pI[0] = pI[3]*pI[7];.  You should be able to regenerate this all by simply starting from the initial header state and list of transactions.
11  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 06, 2015, 05:09:25 AM
First of all, lots of respect for you tacotime!

So roughly the method would be to have everyone send in their (solo) mined coins and then divide them up based on hashrate? And it sounds you would have a list of pubkeys to verify how much everyone mined.

But how would you know how much hash any given miner is supplying? Maybe some kind of custom software to monitor a miner's rigs? I'm somewhat ignorant on the specifics of pool mining and am just trying to wrap my head around this.

Yes, and yes.

Have them submit their partial solutions, which are blocks that are below target and register that as a share. As mentioned before, you should be able to compress padded blocks that use the recursive padding described in the paper, then after they're piped to the pool decompress them. If you're using some kind of naive solution that doesn't compress blocks, you would use adaptive difficulty and set target share rate to something like one share every 5 minutes so your pool and miner bandwidth isn't crazy.

One neat thing about this is that it does let whichever miner who wins the block pick the transactions in the block, instead of the pool itself. However, miners may wish to keep bandwidth usage low, which would encourage as small of blocks as possible (in the event that someone is able to get padding compression working).
12  Alternate cryptocurrencies / Altcoin Discussion / Re: What are the differences between ShadowCash and Darkcoin ? Both seems very nice on: February 06, 2015, 02:42:49 AM
I think SDC is not just a copy of cryptonote.  Its more complicated and cryptonote tech is just one of the pieces of the puzzle.  When Satoshi built bitcoin, he didn't invent any new tech either.  All he did was put existing technical puzzle pieces together in a way that created a powerful incentive system.  The incentive system is the brilliance behind Bitcoin.  ShadowCash is doing a similar thing, putting the puzzle pieces together in a brilliant way.

Also soon Isidor Zeuner will have his review out on ShadowCash, which compares Shadow to cryptonote and other schemes, showing their similarities and differences, so that may put an end to the debate.

ook
13  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 06, 2015, 02:22:43 AM
In the event a miner started stealing coins, it'd be kinda a funny battle between the miner and pool to get the spending TX in the 121st block before each other for all of the remaining blocks (you would assume the pool would ban the miner at the first block stolen).

The pool wouldn't have access to the funds, only the miner would. Well, unless you make the miner give his private key to the pool as well, but you don't even have to.
14  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 06, 2015, 02:16:17 AM
you have to account for variance. There is a non-zero probability (sorry, i missed that class so i can't say exactly how much) that the miner with 20% of the hashrate gets 120 blocks in a row. If that happens and he steals, then your collateral wont cover it.

At 20% of the hashrate, I believe the likelihood of getting all 120 blocks in a row would be (1/5)^120, or not very likely.  Basically the math that makes 6 confirmations in the Bitcoin blockchain unlikely to be overwritten also makes it extremely unlikely that any single small pool miner will ever get 100% of the blocks after finding a block.

The probability that the 20% miner will get approximately 24 blocks in that time period is relatively high; but I mean, why pool if you have 20% of the network? Assuming most miners have <= 1% network hash rate, it's unlikely that any small miner could take advantage of this to the full extent.

And, okay, let's say worst case, someone does run off with a little money from the pool. The pool would then just raise fees to pay for the loss and set their deposit higher. This is more of a matter of actuarial science, but I think it's clear that the risks shouldn't be huge to running a pool.

And finally, to further reassure the pool that the money will get to them, the miner can create the tx paying the pool from their coinbase immediately after the block is mined. The tx will then get mined into a block in CoinbaseMaturity many blocks unless the miner either (a) mines a block with a competing transaction or (b) create a doublespend tx with a significantly large fee that can instead be incorporated at a further loss to themselves. (a) is very unlikely given a small hash rate, (b) is possible but causes further loss to the miner and causes him to be banned from the pool immediately upon the doublespend at height CoinbaseMaturity.
15  Alternate cryptocurrencies / Altcoin Discussion / Re: What are the differences between ShadowCash and Darkcoin ? Both seems very nice on: February 05, 2015, 09:35:12 PM
I think this quote from smooth summarizes SDC rather effectively.


There are no other cryptonote-based coins in the top 100 on coinmarketcap besides XMR and BCN.

SDC uses a cryptonote-based design for their anonymous tokens, which is a bit different in terms of coin design and doesn't share code but the cryptography is almost identical.

They call it "zero knowledge solution" though.

Perhaps that is self descriptive.


I didn't see "XMR" or "BCN" in the title of this thread. The shameless promotion "distills" the "essence" of your motives here.

Interesting bit of information I found in the comment section of the recent SDC article regarding Cryptonote, which is why I'm glad SDC doesn't share it's codebase. https://en.wikipedia.org/wiki/CryptoNote#NSA_involvement

"Darknote" is also a CN based coin in the top 100

Clearly from a reputable source:
http://www.cryptobang.com/2014/10/05/what-nsa-created-cryptonote-for

Stuff the wiki has wrong:
(1) Keccak was announced as SHA3 in 2012, BCN/CryptoNote was being developed in late 2013 https://www.schneier.com/blog/archives/2012/10/keccak_is_sha-3.html
(2) CN doesn't use Chaumian blinding (signature blinding)
(3) Bitcoin implementations up to this point use non-deterministic k values, talk of using an HMAC to generate them has been relatively recent. You could make your own implementation that uses it though. https://bitcointalk.org/index.php?topic=285142.0
(4) "Being ASIC-resistant CryptoNote-based currencies can be easily manipulated by NSA possessing big computational resources." This is simply pure conjecturing
16  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 05, 2015, 09:17:52 PM
So, for a pool, I think what you would do is just have people send the BTC equivalent of one block's reward to the pool (which isn't much), then if the miner's steal the reward, the pool still retains their deposit so net miner gain is 0. You would have the miners themselves mine to their own pubkeyhashes, and you'd submit partial solutions to these blocks to the pool itself. When the miner gets a block, they would be given n many blocks to get the coinbase from their block to the pool to redistribute to the other miners. If they didn't return the reward to the pool, the pool would then just take their deposit and ban them.

So, I don't think there's a big issue with pooling, just a slightly more complicated implementation. There's a small associated cost with joining a pool, but it's not really much.
coinbase mature is 120 blocks, pool have to wait that time, before spend the block reward. a big miner can mine more blocks during this time, so every miner sould pay a bigger guarantee (60 spr for 10 blocks, 120spr for 20 block guarantee), do you think they will do this?

Probably, yeah. Considering 100 SPR is only $6 USD and assuming that that majority of miners probably have a cheeseburger worth of funds to spare, it should be fine.

I mean, reward is like 6.66 SPR, *= 120 blocks (worst case, extremely unlikely) is ~800 SPR. But if you have enough to get 100% of the network's blocks, why would you be on a pool? More likely case is that a big miner gets maybe 20% of the network... That's a deposit of ~160 SPR to prevent a large loss.
17  Bitcoin / Development & Technical Discussion / Re: I thought trxid is unique on: February 05, 2015, 09:06:58 PM
see https://github.com/bitcoin/bips/blob/master/bip-0030.mediawiki
18  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 05, 2015, 09:04:08 PM
Are you saying that a pool can appear as two pools while working on the same block?

Pools won't show up at all, it'll look like solo mining followed by a tx spending all the coinbase to the pool sometime later. The pool could choose to give totally random addresses for a miner to send funds to, making it impossible to see which pool it went to.
19  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 05, 2015, 08:36:30 PM
I would love to see such a propsed "escrow pool" that uses automated escrow by using multisignature on the SPR blockchain itself.
I wonder if this could work out.

I don't think multisig would work because I think that (a) coinbase needs to output to a single P2PKH output and (b) you'd have to have all members of the pools receive all blocks from each other and sign them before determining if they met difficulty, which would be super slow. You could maybe send the coinbases to a multisig account after, and have all the pool members sign off on payouts, but that seems overly complicated.

Can this even be automatized?
This all sounds we would need to trust someone to initiate all that, so this will just introduce a single point of failure again, which is what will prevent such pools from appearing in the first place.

I don't know why you would, seems to make it overly complicated when it doesn't need to be.
20  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] SpreadCoin | True Decentralization (No Pools) | Testing New Masternodes on: February 05, 2015, 08:32:01 PM
The collateral pool idea is not new:

Hey guys, would it be possible to create a pool like this;


Each miner mines to a separate address. The pool (and the miner obviously) knows the private key.
The pool has insurance of lets say, 15 spr in a separate address for each miner. The insurance needs to be paid by the miner before he starts mining.

The miner submits shares and once he finds a block he publishes it to the network.

If the miner steals coins from his address then he gets banned from the pool and the pools uses his insurance to pay the other miners.


Could this work? Or is it not possible because it isn't how mining works for spreadcoin?
The problem here is that if you will find a block and will not try to steal its reward pool can still claim that you are trying to steal it and use both your funds and block reward. For external observer it is not possible to distinguish between situations when you are trying to steal money and when pool operators are just lying about this. Even if pool is operated by some legally registered entity with non anonymous owners they can steal your money and you wouldn't be able to prove anything.

If you cannot find blocks consistently but are still mining that means that even one block's reward worth something for you.

I don't think his argument is valid, because
(1) The pool and other users know the pubkeyhashes that are mining.
(2) If the miner pubkeyhash finds a block and then refuses to give the funds back to the pool within say, 60 blocks, it's totally clear to everyone mining on the pool that this has happened aside from just the pool itself.
(3) Miners can mine to another pubkeyhash, but that's the exact same as solo mining.

The pool could steal from the users, but that's the same as with Bitcoin. It's more profitable for the pool to allow people to mine honestly and take a percent fee than it is to steal a generated block.
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 ... 161 »
Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!