|
102
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 30, 2014, 08:59:17 PM
|
If you look at Monero pools you'll see lots of miners with hashrates equivalent to 20,000 CPU cores and more and it wouldn't be profitable for people to buy or rent that many CPU cores.
Can you please show two or three example, where this could/was be seen? And please define "lots" so we understand, what you mean. Check the stats of large Monero pools like this releativelly small Monero pool for example - https://minergate.com - One user with almost 70kH/s and ten users all above 6kH/s. While large botnets don't even need to use pools as they can solo mine on each node in the botnet while the sum of their work would be enough to solo mine easily. As ten-thousand nodes hashing at 10H/s (say on a CPU's that could max 100H/s on average if dedicated) will find the same amount of blocks as one node hashing at 100kH/s. What is your best estimate for the percentage of work being done by botnets over at Monero? It sounds like there is potentially ~140 kH/s at minergate. Lets multiply that by 10 to account for other pools and solo miners, which gives about 1.4 MH/s. The network hash rate is about 26 MH/s, so this comes out to about 5% of the total work being done. Anything that is less than 10% wouldn't bother me at all. Given that there are probably several independent botnets operating, my guess is that Monero is probably very decentralized. In the worst case, you might be able to make the argument that botnets are about as "evil" as asics (in terms of centralization). |
|
|
|
|
103
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 30, 2014, 08:45:52 AM
|
This attack shows how using a myriad of AuXPoW chains could avoid this problem. As by using a myriad of chains then the attacker would need to attack more than one chain. While using AuxPoW with the biggest coin on each chain would greatly increase the network hashrate. I think you should quickly adopt AuxPoW with litecoin how Dogecoin has just done so to help stop any potential future attacks. Then the myriad with NeoScrypt Feathercoin merge-mining and Lyra2 Vertcoin merged-mining can brought in a later date. Plus it may be worth including Cryptonight Monero AuxPoW with the myriad. Plus possibly X11 Darkcoin merge-mining included in the Myriad. To have a total of three to up to possibly five myriad chains all in AuxPoW with the biggest networked coin on each chain. As with a myriad of five chains then an attacker would need to control three of the five AuxPoW chains to control the network.
Not being a miner, I am leaning towards Crytponight as my favorite proof-of-work algorithm. It is heavily CPU oriented, which will put off mining centralization for some time. Perhaps there are similar cpu-oriented algorithms out there, but cryptonight addresses another important point: If we go toward merged mining in the future, which coin would we want to do this with? The only coin that I know of that is putting privacy first, and for which the developers have some integrity, is Monero. Given the new partnership between the two developers in PrivacySolutions.no, if we went in this direction, this choice seems to be a no brainer. The only other algorithm out there I have some respect for is Peercoin's proof-of-stake (though I would prefer a 100% proof-of-stake system...). A built in inflation of ~1% is something that we could probably live with. No one would get rich mining via POS, which is fine by me. Unfortunately, I don't think that POS will work once Zerocoin is implemented. POS would probably only work with ANC balances (which can be "staked"), and not with zerocoins that are in an anonymous escrow pool. I suspect that about a third of ANC will be locked up in zerocoins, which will limit the number of people mining via POS. It is possible that I am wrong, and that zerocoins could be staked like ANC, but this would probably require some important modifications to the original algorithm, and with zerocoin development going on, combined with the arrival of scrypt asics, I don't think that we will have the time to implement this. Going with Cryptonight Monero AuxPoW would just be handing all the newly hashed coins over to botnet 'owners'. Having a GPU friendly hashing algorithm helps to keep the botnets away to a larger extent. Vertcoin is planning on changing to the Lyra2 hashing algorithm. Which will be GPU friendly plus the Vertcoin core dev team are committed to do what it takes to avoid ASIC centralisation. Also there's soon to be Feathercoin's new NeoScrypt algo which should also be GPU friendly. Then there's Darkcoin's X11 hashing algo which is GPU biased as well. There's three GPU friendly hashing algorithms. Scrypt merged-mining with Litecoin would be the quickest and easiest solution for now to secure the network. While the myriad could be added in later. Peercoin is interesting in that it promotes the running of full nodes through staking. Which in turn helps to avoid the dangers of the likes of Sybil attacks. Although as stated Peercoin is of course inflationary in nature with no hard cap on the total amount of coins to be issued. Could you describe what the problem with botnets is? I am admitedly ignorant here, but from what I understand, this is not a big deal. Centralization. One entitiy in control of a huge portion of the hashrate. But as long as they don't have insentive to attack the network it will not be any problem. On the other side, botnets will dump the coins so you will get more supply on the exchanges then you might have had with a more desentralised network with more miners wanting to hold their coins. So the problem is that the CPU power of the botnets would be comparable to the CPU power of all normal Anoncoin miners? A lot of miners dump their coins as well, so I don't know if that would really make much of a difference on the price. |
|
|
|
|
104
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 30, 2014, 07:14:51 AM
|
This attack shows how using a myriad of AuXPoW chains could avoid this problem. As by using a myriad of chains then the attacker would need to attack more than one chain. While using AuxPoW with the biggest coin on each chain would greatly increase the network hashrate. I think you should quickly adopt AuxPoW with litecoin how Dogecoin has just done so to help stop any potential future attacks. Then the myriad with NeoScrypt Feathercoin merge-mining and Lyra2 Vertcoin merged-mining can brought in a later date. Plus it may be worth including Cryptonight Monero AuxPoW with the myriad. Plus possibly X11 Darkcoin merge-mining included in the Myriad. To have a total of three to up to possibly five myriad chains all in AuxPoW with the biggest networked coin on each chain. As with a myriad of five chains then an attacker would need to control three of the five AuxPoW chains to control the network.
Not being a miner, I am leaning towards Crytponight as my favorite proof-of-work algorithm. It is heavily CPU oriented, which will put off mining centralization for some time. Perhaps there are similar cpu-oriented algorithms out there, but cryptonight addresses another important point: If we go toward merged mining in the future, which coin would we want to do this with? The only coin that I know of that is putting privacy first, and for which the developers have some integrity, is Monero. Given the new partnership between the two developers in PrivacySolutions.no, if we went in this direction, this choice seems to be a no brainer. The only other algorithm out there I have some respect for is Peercoin's proof-of-stake (though I would prefer a 100% proof-of-stake system...). A built in inflation of ~1% is something that we could probably live with. No one would get rich mining via POS, which is fine by me. Unfortunately, I don't think that POS will work once Zerocoin is implemented. POS would probably only work with ANC balances (which can be "staked"), and not with zerocoins that are in an anonymous escrow pool. I suspect that about a third of ANC will be locked up in zerocoins, which will limit the number of people mining via POS. It is possible that I am wrong, and that zerocoins could be staked like ANC, but this would probably require some important modifications to the original algorithm, and with zerocoin development going on, combined with the arrival of scrypt asics, I don't think that we will have the time to implement this. Going with Cryptonight Monero AuxPoW would just be handing all the newly hashed coins over to botnet 'owners'. Having a GPU friendly hashing algorithm helps to keep the botnets away to a larger extent. Vertcoin is planning on changing to the Lyra2 hashing algorithm. Which will be GPU friendly plus the Vertcoin core dev team are committed to do what it takes to avoid ASIC centralisation. Also there's soon to be Feathercoin's new NeoScrypt algo which should also be GPU friendly. Then there's Darkcoin's X11 hashing algo which is GPU biased as well. There's three GPU friendly hashing algorithms. Scrypt merged-mining with Litecoin would be the quickest and easiest solution for now to secure the network. While the myriad could be added in later. Peercoin is interesting in that it promotes the running of full nodes through staking. Which in turn helps to avoid the dangers of the likes of Sybil attacks. Although as stated Peercoin is of course inflationary in nature with no hard cap on the total amount of coins to be issued. Could you describe what the problem with botnets is? I am admitedly ignorant here, but from what I understand, this is not a big deal. |
|
|
|
|
105
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 29, 2014, 09:45:46 PM
|
Like I said, other solutions won't have any doubts regarding loopholes . I wouldn't touch any currency utilizing zero knowledge proofs with a ten foot pole. If you dont understand something and if your scared, dont blame it on the technology. This is your fault after all. Ok, as an example let's consider ring signatures. A solution that provides cryptographically guaranteed anonymity without the risk of keys that can create unlimited coins. Who in their right mind would prefer Zerocoin/Zerocash? Let's use a gas tank in a car as an analogy. Would you prefer a gas tank that has a hole, which has a metal plate welded over it, or one without any hole to begin with? The metal plate should theoretically prevent leaks, but who would choose it over a tank with no hole to begin with? Hey there. You are 100% correct about zerocash. There is a major risk that the security keys could be compromised, and the worst part is that no one would even know it. This will be a major impediment to it being adopted. However, Anoncoin is not implementing zerocash: They are implementing zerocoin, and the two are not the same. A very brief description of the differences between the two is given here: https://wiki.anoncoin.net/Zerocash. I think that when you look into this in just a little more detail, that you will find there is no risk in zerocoin. The question is actually very simple. Zerocoin needs to generate a number N that is equal to the product of two prime numbers P and Q, all while not divulging P or Q to anyone, including the person that pick the number N. It turns out that you can in fact do this. Yes, the proof is a little technical (see Sander 1999), but it is not controversial. Zero-knowledge proofs are not controversial either, this is all well established, and if you have a bit of patience, you should be able to grasp the basics in this article: https://wiki.anoncoin.net/Zero-knowledge_proofLastly, ring signatures are good, but they do not really offer "anonymity". I think that this is the best on the market right now. However, how many signatures contribute to the ring signature? The probability of guessing who sent the transaction is simply 1 divided by this number. |
|
|
|
|
106
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 29, 2014, 09:30:59 AM
|
I see huntercoin that has a genuinely innovative project.
PoZ: Proof of Zebra. Mine Huntercoin killing zebras in Africa with Pablo  My name is not pablo anymore. If some variation of the huntercoin mining technique were incorporated into anc, something that let 1 person with the cheapest pc mine 0.1 usd per day sitting on a park bench, anc would be at a high price within weeks. Unless anc waits 6 months, when dozens of coins are doing that. Then it willjust playing catch up like it is now. Dear sock puppet. If someone could mine 0.1 USD sitting on a park bench with the cheapest pc, how much do you think that a professional mining operation would make? Do you think that this would make anoncoin (or any other coin that implemented this idea) safe from a 51% attack, or from the difficulty manipulation we just experienced? It would be great if you could read up on how cryptocurrencies actually work so that we could have a more informed discussion here. |
|
|
|
|
107
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 28, 2014, 09:55:43 PM
|
This attack shows how using a myriad of AuXPoW chains could avoid this problem. As by using a myriad of chains then the attacker would need to attack more than one chain. While using AuxPoW with the biggest coin on each chain would greatly increase the network hashrate. I think you should quickly adopt AuxPoW with litecoin how Dogecoin has just done so to help stop any potential future attacks. Then the myriad with NeoScrypt Feathercoin merge-mining and Lyra2 Vertcoin merged-mining can brought in a later date. Plus it may be worth including Cryptonight Monero AuxPoW with the myriad. Plus possibly X11 Darkcoin merge-mining included in the Myriad. To have a total of three to up to possibly five myriad chains all in AuxPoW with the biggest networked coin on each chain. As with a myriad of five chains then an attacker would need to control three of the five AuxPoW chains to control the network.
Not being a miner, I am leaning towards Crytponight as my favorite proof-of-work algorithm. It is heavily CPU oriented, which will put off mining centralization for some time. Perhaps there are similar cpu-oriented algorithms out there, but cryptonight addresses another important point: If we go toward merged mining in the future, which coin would we want to do this with? The only coin that I know of that is putting privacy first, and for which the developers have some integrity, is Monero. Given the new partnership between the two developers in PrivacySolutions.no, if we went in this direction, this choice seems to be a no brainer. The only other algorithm out there I have some respect for is Peercoin's proof-of-stake (though I would prefer a 100% proof-of-stake system...). A built in inflation of ~1% is something that we could probably live with. No one would get rich mining via POS, which is fine by me. Unfortunately, I don't think that POS will work once Zerocoin is implemented. POS would probably only work with ANC balances (which can be "staked"), and not with zerocoins that are in an anonymous escrow pool. I suspect that about a third of ANC will be locked up in zerocoins, which will limit the number of people mining via POS. It is possible that I am wrong, and that zerocoins could be staked like ANC, but this would probably require some important modifications to the original algorithm, and with zerocoin development going on, combined with the arrival of scrypt asics, I don't think that we will have the time to implement this. |
|
|
|
|
108
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 28, 2014, 12:13:43 PM
|
As an update, the stuck tx's will be "soon" mined. Once i find a block  Now tell us more about the blocks you have found the last 24 hours? Everybody please put this troll on ignore and be done with him, he just wants to spread panic, why else register a new account today just to talk trash in this thread. Then do you have any explanation for the blockchain problem? The explanation is very simple. The difficulty for mining has jumped to 500 (not sure why, probably multipools?). It is going to take a long time to mine the next block. Nothing to worry about. Just look here http://ancblockchain.com/chain/AnoncoinIt is my understanding that this kind of problem will be fixed in the next release: the devs are going to replace the kimoto gravity well algorithm with something better. Sorry but you are wrong. Someone is spamming the network with 8 Ghz since more than 24 hours! Hello Troll You cant "spam" the network, you can only try to solve blocks. Your talking about 8GHz but in fact you probably mean 8GHs which is something different. If there would be constantly 8GHs @ ANC, then we wouldnt have this situation. The current problem is that someone comes, mines some blocks and leaves again. I'd pressume you have some buy orders and want cheap coins, creating panic may help you to get this but it will hurt you too long-term. Please learn the things your talking about, otherwise we/i cant take you serious. PS: answering to this is futile, ignore fixed you... The blockchain is down during more than 24 hours by a miner? Who's the troll here? I never claimed responsibility for this attack. What's your problem? You don't have arguments? According with network stats below, one "miner" with a power until 50Ghz takes the control of the network and blockchain? What we can expect next time? A 90% attack? http://www.coinwarz.com/cryptocurrency/coins/anoncoinNo one here is able to solve that problem with an update? ANC is only promises? Sock puppet: it is GHash/sec - billion hashes per second. Also, it doesn't look like this was a 51% attack (double spend) to me. Though I don't fully understand the logic of the attackers, it appears that they are manipulating the difficulty, which is set by the Kimoto Gravity Well algorithm. This is either to load up on coins, to sell later at a profit (the price of ANC is too low now to make profit), or it is a malicious attack to discredit the coin. If it is malicious, that's great! Someone cares  |
|
|
|
|
110
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 27, 2014, 08:10:46 PM
|
As an update, the stuck tx's will be "soon" mined. Once i find a block Now tell us more about the blocks you have found the last 24 hours? Everybody please put this troll on ignore and be done with him, he just wants to spread panic, why else register a new account today just to talk trash in this thread. Then do you have any explanation for the blockchain problem? The explanation is very simple. The difficulty for mining has jumped to 500 (not sure why, probably multipools?). It is going to take a long time to mine the next block. Nothing to worry about. Just look here http://ancblockchain.com/chain/AnoncoinIt is my understanding that this kind of problem will be fixed in the next release: the devs are going to replace the kimoto gravity well algorithm with something better. |
|
|
|
|
111
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Storj - Decentralized Storage
|
on: August 27, 2014, 01:54:03 PM
|
lol failed marketing, developing, planning, and most of all, fail community. notably the 'special' one, smaragda.  PS: no one wants cheap SJCX. I wouldnt touch it more until it was free. The coin literally has ZERO value. Its not cheap until it cost 1 satoshi. This thread is becoming very boring, very fast. I vote that we: 1. Close down this thread and move all meaningful conversation to the Storj forum (which is where almost everyone is anyways). 2. Create a new thread called "Storj - Speculation" that will be dedicated to speculation in the price and future of Storj. |
|
|
|
|
112
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 27, 2014, 09:01:38 AM
|
Does anyone have an opinion on a 100% proof-of-stake system, similar to Peercoin? (actually, they use a mixed POW and POS system.)
The benefit is that there is little energy used with POS compared to energy hungry POW algorithms.
The downside is that there is built in monetary inflation (albeit, very low at 1% for peercoin, if I remember correctly).
People are more attracted to 100% proof of stake in new coins now. Only miners don't like it. For the coin and the value of the coin 100% proof of stake is better than regular mining. regular mined coins / btc, ltc etc / 1 star proof of stake / nxt, cap, etc / 2 stars innovative productive / xpm, ric etc / 3 stars innovative productive variation of proof of stake / huc, etc / 4 stars Going to 100% regular proof of stake is like adding a piece of celery to a bowl of rice. Is it an improvement? Yes. a significant improvement? No. Nothing creative or new about it but yes, rice with celery is better than rice without celery. With a block reward of 2.5 ANC in some months, we will loose all small miners against big centralized miners that will control the network as they want. Then, in my opinion, PoS would be a good option. They could program the inflation rate to have same coins distribution as the actual PoW algo (4 million ANC at the same approximated date). With regard to the block reward halving: This has always bothered me. Halving the block reward every X blocks is nearly equivalent to an exponential decrease in the block reward with time. Why don't we just hard code the block reward to be reward = C * exp (-b/lambda) where b is the block number, lambda a decay constant, and C a constant that depends on the total number of coins? Using step functions was a dumb idea from the start, and I don't know why Satoshi did this. It seems to me that it would be trivial to update the anoncoin code to have a continuously decreasing block reward, if everyone thought it was a good idea. |
|
|
|
|
113
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 26, 2014, 08:56:17 PM
|
Say your opinion!
A hypothetical question that does not necessarily have any ulterior motive; If Anoncoin switched hashing algorithm, what type of hashing algorithm would you liked to see then?
a) The current hashing algorithms used by coins are becoming a variation of the way fiat is created. If you have money you can make money. Even cpu is basically like that. b) If coins were generated in a more novel way that provided some added value to the process they would catch on. Peercoin and primecoin added value to the process. There are many ways to make the coin generation process less useless. Anoncoin could develop an algo that is both fair, in that any person can generate a small amount of coins easily, and also useful, in that the process does something worthwhile besides only creating coins. Does anyone have an opinion on a 100% proof-of-stake system, similar to Peercoin? (actually, they use a mixed POW and POS system.) The benefit is that there is little energy used with POS compared to energy hungry POW algorithms. The downside is that there is built in monetary inflation (albeit, very low at 1% for peercoin, if I remember correctly). |
|
|
|
|
114
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 26, 2014, 08:51:14 PM
|
Wait what? ZC can't be transferred?  Here is how it will (probably) work: 1. Zerocoin Mint Transaction In your wallet, you will convert a part (or all) of your ANC into zerocoins, with 1 ANC = 1 Zerocoin. The Zerocoins will be denominated in factors of 10, so you will need to choose how to do this. Your wallet will store some information for each zerocoin you generate (like the coin serial number, an associated random number used to generate the coin, and the denomination). The blockchain will record information saying that "your public ANC address sent X ANC to the zerocoin pool." 2. Zerocoin Spend TransactionYou tell your wallet to redeem some zerocoins to a specified ANC address. This part is done using zero-knowledge proofs and the private info in your wallet so that you don't disclose who you are. This ANC address could be yours (if you want to "wash" your coins) or someone elses (if you want to do an anonymous transaction). 1 ANC will be credited to this ANC address for each Zerocoin that is redeemed. The end result is the following: The person who receives the ANC from the Zerocoin spend transaction won't know who they came from. All they will know is that they come from 1 of the people who ever owned zerocoins up to that date. As the number of people owning zerocoins will likely be VERY large, it will be impossible to guess who that person is. This differs from most other mixing services where the number of people you are mixed with is small, allowing you to play guessing games to eventually figure out who sent the coins. The only thing you will need to worry about is the following: If the number of people who contributed to the zerocoin pool for denomination X is small, you are in danger of being found out. The wallet should thus tell you how many coins are in the escrow pool for each denomination. Even if this number is large, there is a possibility that all these coins belong to the same person! Thus it would also be a good idea for the wallet to tell you how many unique ANC addresses were used in the zerocoin mint transactions. Why would anyone use other denominations than 1 ZC? Because there is a transaction cost for each zerocoin proof. Miners need to verify each proof (which is considerably harder than just verifying a hash), and to incentivize them to do so, each zerocoin that is spent will have a small transaction fee. For a 1000 ANC transaction, you could either redeem 1000 zerocoins each with a 1 ANC denomination (with 1000 times the transaction fee), or just 1 zerocoin with a 1000 ANC denomination (with just 1 transaction fee). I think that darkcoin does something similar. I have no idea what the transaction fees will be, but I suspect it will probably be 10 times larger than the normal fee of 0.01, so lets say it is 0.1 ANC I think that there are two ways to deal with the fee. Lets say you want to send 1 ANC to someone. (1) You could mint a zerocoin with a denomination of 1.1 ANC. When you redeem the coin, the 0.1 fee goes to the miner and the 1 ANC goes to the recipient. (2) You could mint a zerocoin with a denomination of 1 ANC, and then a second one with the denomination of the fee, 0.1 ANC. To send 1 ANC to someone, you would need to send a 1 ANC zerocoin to them, plus send a 0.1 ANC zerocoin to the miner. Option 1 is faster, as only 1 proof needs to be verified, but if you change the transaction fee at a later date, that would really screw things up. For option 2, the miner would need to verify twice as many zerocoin proofs in order to get the fee. For the sake of simplicity (specially for casual users), the wallet software should have an "anonymous send" function which would both mint and spend ZC to a destination ANC address using the most appropriate denomination, so that the user doesn't have to know ZC or understand what is going on behind the scenes. ANC has to be simple in order to be popular, and advanced users will always be able to mint ZC manually. The only thing users would have to understand is that "normal" send is not quite anonymous, and "anonymous send" is a bit more expensive because of the intermediary ZC step. One problem with doing this is that your transaction could be deanonymized by a timing analysis. If you buy X zerocoins, and then immediately spend the same amount, that would look really suspicious in the block chain. Another possible solution might be instead to have all coins in your wallet immediately converted to zerocoins. Perhaps the wallet could say "You just recieved X ANC. Would you like to convert them to Zercoins?" |
|
|
|
|
115
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 26, 2014, 03:07:52 PM
|
Wait what? ZC can't be transferred? Here is how it will (probably) work: 1. Zerocoin Mint Transaction In your wallet, you will convert a part (or all) of your ANC into zerocoins, with 1 ANC = 1 Zerocoin. The Zerocoins will be denominated in factors of 10, so you will need to choose how to do this. Your wallet will store some information for each zerocoin you generate (like the coin serial number, an associated random number used to generate the coin, and the denomination). The blockchain will record information saying that "your public ANC address sent X ANC to the zerocoin pool." 2. Zerocoin Spend TransactionYou tell your wallet to redeem some zerocoins to a specified ANC address. This part is done using zero-knowledge proofs and the private info in your wallet so that you don't disclose who you are. This ANC address could be yours (if you want to "wash" your coins) or someone elses (if you want to do an anonymous transaction). 1 ANC will be credited to this ANC address for each Zerocoin that is redeemed. The end result is the following: The person who receives the ANC from the Zerocoin spend transaction won't know who they came from. All they will know is that they come from 1 of the people who ever owned zerocoins up to that date. As the number of people owning zerocoins will likely be VERY large, it will be impossible to guess who that person is. This differs from most other mixing services where the number of people you are mixed with is small, allowing you to play guessing games to eventually figure out who sent the coins. The only thing you will need to worry about is the following: If the number of people who contributed to the zerocoin pool for denomination X is small, you are in danger of being found out. The wallet should thus tell you how many coins are in the escrow pool for each denomination. Even if this number is large, there is a possibility that all these coins belong to the same person! Thus it would also be a good idea for the wallet to tell you how many unique ANC addresses were used in the zerocoin mint transactions. Why would anyone use other denominations than 1 ZC? Because there is a transaction cost for each zerocoin proof. Miners need to verify each proof (which is considerably harder than just verifying a hash), and to incentivize them to do so, each zerocoin that is spent will have a small transaction fee. For a 1000 ANC transaction, you could either redeem 1000 zerocoins each with a 1 ANC denomination (with 1000 times the transaction fee), or just 1 zerocoin with a 1000 ANC denomination (with just 1 transaction fee). I think that darkcoin does something similar. I have no idea what the transaction fees will be, but I suspect it will probably be 10 times larger than the normal fee of 0.01, so lets say it is 0.1 ANC I think that there are two ways to deal with the fee. Lets say you want to send 1 ANC to someone. (1) You could mint a zerocoin with a denomination of 1.1 ANC. When you redeem the coin, the 0.1 fee goes to the miner and the 1 ANC goes to the recipient. (2) You could mint a zerocoin with a denomination of 1 ANC, and then a second one with the denomination of the fee, 0.1 ANC. To send 1 ANC to someone, you would need to send a 1 ANC zerocoin to them, plus send a 0.1 ANC zerocoin to the miner. Option 1 is faster, as only 1 proof needs to be verified, but if you change the transaction fee at a later date, that would really screw things up. For option 2, the miner would need to verify twice as many zerocoin proofs in order to get the fee. |
|
|
|
|
116
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 26, 2014, 02:24:41 PM
|
Wait what? ZC can't be transferred? Here is how it will (probably) work: 1. Zerocoin Mint Transaction In your wallet, you will convert a part (or all) of your ANC into zerocoins, with 1 ANC = 1 Zerocoin. The Zerocoins will be denominated in factors of 10, so you will need to choose how to do this. Your wallet will store some information for each zerocoin you generate (like the coin serial number, an associated random number used to generate the coin, and the denomination). The blockchain will record information saying that "your public ANC address sent X ANC to the zerocoin pool." 2. Zerocoin Spend TransactionYou tell your wallet to redeem some zerocoins to a specified ANC address. This part is done using zero-knowledge proofs and the private info in your wallet so that you don't disclose who you are. This ANC address could be yours (if you want to "wash" your coins) or someone elses (if you want to do an anonymous transaction). 1 ANC will be credited to this ANC address for each Zerocoin that is redeemed. The end result is the following: The person who receives the ANC from the Zerocoin spend transaction won't know who they came from. All they will know is that they come from 1 of the people who ever owned zerocoins up to that date. As the number of people owning zerocoins will likely be VERY large, it will be impossible to guess who that person is. This differs from most other mixing services where the number of people you are mixed with is small, allowing you to play guessing games to eventually figure out who sent the coins. The only thing you will need to worry about is the following: If the number of people who contributed to the zerocoin pool for denomination X is small, you are in danger of being found out. The wallet should thus tell you how many coins are in the escrow pool for each denomination. Even if this number is large, there is a possibility that all these coins belong to the same person! Thus it would also be a good idea for the wallet to tell you how many unique ANC addresses were used in the zerocoin mint transactions. |
|
|
|
|
117
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 26, 2014, 10:03:33 AM
|
Say your opinion!
A hypothetical question that does not necessarily have any ulterior motive; If Anoncoin switched hashing algorithm, what type of hashing algorithm would you liked to see then?
a cpu only algo Agreed, CPU only. 1 CPU, 1 vote. + By the way,any hashing algorithm will be matched by ASICS in the coming time.I'm not worried about the algorithm. Finally, someone else who is able to understand this How come any hashing algorithm will be matched by ASIC ? Is it possible to explain this in layman terms? ASIC stands for Application-specific integrated circuit. The difference between GPU/CPU and ASIC, is that you are "hashing" in an "electrical way" without a layer wrapped around (ASM - CPU language, OS, etc). Because of this they are much more efficient, but they can only do what their build for. You can create an ASIC for everything u want. All you need is the money/ppl to design and create it. When scrypt (LTC) came out, it was ment to be CPU only. Someone found a way to parallelize the algorythm so mining with GPUs got possible. Later the scrypt based coins got really big so creating ASICs was worth it, now they exist since quite some time. It is possible to make something really hard to be implemented in an ASIC, but most of ppl who say this dont even understand what their talking about. They just say it as a marketing purpose. Agreed. Perhaps a different way to look at this is the following: how much time will it take for an ASIC of a particular algorithm to appear on the market? If you want to avoid centralization of mining, it seems to me that you are condemned to hard-fork to alternative proof-of-work algorithms every X years. The goal should therefore be to make X as large as possible, all while making the computational gains associated with ASICs vs CPUs as small as possible. |
|
|
|
|
118
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: Official Anoncoin chat thread (including history)
|
on: August 26, 2014, 09:54:29 AM
|
If there is going to be a 2-Blockchain-Solution, I ask myself whether Exchanges are able to trade this Zerocoin separately?
I mean... ANC and this ZC are tied together as I understand this, since we would be able to exchange it with one another, right?
Still wondering : )
ZC trading would be stupid and probably wont work well. ZC is ment so you have anonymous transactions. The value is bound to ANC directly, its not a "new coin", "subcoin" or anything like this. Think of it as a token, if i "convert" 10 ANC to ZC, i have 10 ANC ZC tokens. Now i can redeem these 10 tokens to get 10 ANC back, but nobody knows which original 10 ANC it was, therefore its anonymous. Also, the zerocoins will not be "stored" in the second blockchain. As far as I know, this will just be a long list that contains the zerocoin zero-knowlegde proofs used when converting a previously minted zerocoin to an anoncoin. After these proofs have been verified, they are useless, and there is not much reason to keep this hanging around. As far as I know, it is not possible to transfer zerocoins. To do this you would need to give someone the private serial number and random number associated with the coin. I believe that you can transfer "zerocash coins", but that is a different story. |
|
|
|
|
120
|
Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Storj - Decentralized Storage
|
on: August 20, 2014, 10:28:43 AM
|
LEARN HOW TO FUCKIN' READ YOU RETARDS!!!  ...you know who you are... P.S. Have fun jacking off each other on my Ignore List too! Edit: Let me rephrase that in case you didn't understand... LEARN HOW TO READ YOU FUCKIN' RETARDS!!! I couldn't agree more. What is wrong with you people? You invest money without reading the terms, without going to the Storj forum, and without asking questions on the forum? Every single question I asked there was answered immediately by the developers. Most questions asked in this forum were answered already earlier in the tread, which is NOT long. I have to say that I am really impressed with what Storj is doing, and their attention to the community that is supporting them. It is true that some things were not clear initially in the crowdsale, and I interpret this because the team was a bunch of coders, and not lawyers (look at the Ethereum terms for their crowdsale for comparison....). The developers are working on a project that is truly transformative. Even if I lose money, I will be happy that I won't have to pay dropbox anymore for the rest of my life. And that with the assurance that my data is private! |
|
|
|
|
Show Posts
