XMR vs DRK

[5w00p]

FWIW, I met Riccardo Spagni, aka fluffypony, in REAL LIFE in Burbank, California in November 2014.

He is who he says he is. He is an intelligent, honest, perceptive, and conscientious person.

In response to the N. van Saber... thing: You can also find the letters  n, s, and a in Dashcoin.

[1714288943]

1714288943

[1714288943]

1714288943

[Vispicious]

**PUTS ON TINFOIL HAT**

Satoshi Nakamoto has the letters NSA in the name. Bitcoin was made by the NSA< thats definite proof!

**TAKES OFF TINFOIL HAT**

[smooth]

I met Riccardo Spagni, aka fluffypony, in REAL LIFE in Burbank, California in November 2014.

He is who he says he is. He is an intelligent, honest, perceptive, and conscientious person.

You can can also find the letters  n, s, and a in Dashcoin.

Riccardo Spagni you say?

Hmm. Very suspicious I think.

The bitcointalk user masternode is Director of the Darkcoin Foundation.

They're everywhere.

[BlockaFett]

Just reading more....Monero forked from Bytecoin which had hidden references to intel-agency recruitment group Cicada 3301 : http://www.coinssource.com/the-mysteries-and-puzzles-behind-the-cryptonote-technology/

more on Wikipedia: https://en.wikipedia.org/wiki/CryptoNote#Bytecoin_and_Cicada

good luck using XMR on Darknet

[Vispicious]

Cicada is a group that uses crytography to make puzzles. i know all about it, it has nothing to do with NSA or CIA or NBA or NFL. after i found out that dash had a instamine scam i spent the last hour checking up on monero. and guess what! it comes out clean. so thats 1 coin on my good list, time to search bitcoindark

wanna guess somethin else, a darknet admin on agora said that they would never use dash cause its a btc clone. monero prob has best bet, but idk if thats even a good thing! haha

[smooth]

Just reading more....Monero forked from Bytecoin which had hidden references to intel-agency recruitment group Cicada 3301 : http://www.coinssource.com/the-mysteries-and-puzzles-behind-the-cryptonote-technology/

more on Wikipedia: https://en.wikipedia.org/wiki/CryptoNote#Bytecoin_and_Cicada

good luck using XMR on Darknet

Bytecoin connection to Cicada 3301 is fake. Cicada 3301 has stated that anything not signed by them is not them. The Bytecoin stuff wasn't. End of story.

[5w00p]

Blocka, ol' buddy, ol' pal!

C'mon man! Can't we all just get along?

[Hueristic]

Just reading more....Monero forked from Bytecoin which had hidden references to intel-agency recruitment group Cicada 3301 : http://www.coinssource.com/the-mysteries-and-puzzles-behind-the-cryptonote-technology/

more on Wikipedia: https://en.wikipedia.org/wiki/CryptoNote#Bytecoin_and_Cicada

good luck using XMR on Darknet

Actually if you want the real dirt, elliptic curve seed values are all backdoored by the NSA. You should follow that down the rabbit hole.

[majamina]

So we're back to 'TLA/guv is an unassailable adversary'.

One point worth considering here for 'XMR vs DASH' is on-chain vs off-chain mixing. Assuming TLA can compromise these coins, with XMR they can unlock the entire blockchain and see all the private transactions, correct?

With DASH they have to compromise a large portion of the masternode network and observe transactions, with the masternode network being, to an extent, a moving target. Therefore it's reasonable to say that some transactions will never be compromised, e.g. if TLA pay no attention to DASH for the first few years all transactions during this period will never be revealed.

As the masternode network changes TLA plays whack-a-mole. With XMR there's a single, stationary mole.

[G2M]

So we're back to 'TLA/guv is an unassailable adversary'.

One point worth considering here for 'XMR vs DASH' is on-chain vs off-chain mixing. Assuming TLA can compromise these coins, with XMR they can unlock the entire blockchain and see all the private transactions, correct?

With DASH they have to compromise a large portion of the masternode network and observe transactions, with the masternode network being, to an extent, a moving target. Therefore it's reasonable to say that some transactions will never be compromised, e.g. if TLA pay no attention to DASH for the first few years all transactions during this period will never be revealed.

As the masternode network changes TLA plays whack-a-mole. With XMR there's a single, stationary mole.

I'm fairly certain that if being able to discover a view key from a public address is possible, then being able to decipher a private key from a public DRK address would also be possible.

If that's the case, then both would be just as susceptible to deanonymization as importing the private key from a DRK wallet would reveal all destination addresses even if using darksent.

Additionally, deciphering the private key from a DRK address would immediately give one access to the funds, whereas with Monero you'd also have to decipher a separate spend key. Not saying much here.

Either way, you'd also have a whole lot of other problems if "TLA can compromise these coins" in this way.

For example, double spending would likely be possible as well, along with a whole other slew of things that are much more widely used than any cryptocurrency would be compromised as well.

Additionally, the Monero blockchain is littered with stealth address, whereas the DRK blockchain is riddled with actual public addresses, so that's a whole other step in the discovery of the anon history.

[illodin]

Would be interesting to be a fly on the wall when the NSA researchers are talking about this thread in their weekly meeting.

[generalizethis]

Would be interesting to be a fly on the wall when the NSA researchers are talking about this thread in their weekly meeting.

I thought the meetings were flies on the wall?

[majamina]

I'm fairly certain that if being able to discover a view key from a public address is possible, then being able to decipher a private key from a public DRK address would also be possible.

If that's the case, then both would be just as susceptible to deanonymization as importing the private key from a DRK wallet would reveal all destination addresses even if using darksent.

Additionally, deciphering the private key from a DRK address would immediately give one access to the funds, whereas with Monero you'd also have to decipher a separate spend key. Not saying much here.

Either way, you'd also have a whole lot of other problems if "TLA can compromise these coins" in this way.

For example, double spending would likely be possible as well, along with a whole other slew of things that are much more widely used than any cryptocurrency would be compromised as well.

Additionally, the Monero blockchain is littered with stealth address, whereas the DRK blockchain is riddled with actual public addresses, so that's a whole other step in the discovery of the anon history.

Interesting points, thanks.

I'm not sure of the answer here, but I know people talk about DASH's 'off-chain mixing' and how this invalidates any future decryption of the blockchain.

Will do some more reading.

[Anon136]

Would be interesting to be a fly on the wall when the NSA researchers are talking about this thread in their weekly meeting.

Lol yea right. Monero might be on the radar of someone in the deep state. But they are not going to be talking about this thread in a meeting. Thats silly.

[Hueristic]

Would be interesting to be a fly on the wall when the NSA researchers are talking about this thread in their weekly meeting.

Lol yea right. Monero might be on the radar of someone in the deep state. But they are not going to be talking about this thread in a meeting. Thats silly.

Agreed, This thread is nothing but fluff. Those meetings are light years beyond this dribble.

In reality, the only worth this thread has is to give a chuckle while having a morning coffee.

[toknormal]

I'm not sure of the answer here, but I know people talk about DASH's 'off-chain mixing' and how this invalidates any future decryption of the blockchain.

Will do some more reading.

This whole debate is becoming a bit superfluous IMO because it's concerning itself with completely the wrong criteria.

Bitcoin itself is already anonymous by virtue of having eliminated counterparties (the banking system) from the monetary system. There is no legal, informational or other link between a bitcoin address and an actual person - it can only be 'inferred'.

The problem therefore isn't one of 'hiding' and encryption, it's one of maintaining a high level of monetary fungibility so that one unit of the currency is reasonably indistinguishable from another in terms of value.

There already is a historical precedent for this and it has nothing to do with secrecy, encryption or hidden transactions. It's simply a monetary medium known as 'cash', which for thousands of years has implemented optimal fungibility through successive mixing of multiple inputs into a single output and recycling that process iteratively.

What is a cash drawer in a high street shop ? - a mixer ! People turn up all day long, buy stuff with cash, incrementing the balance in the cash drawer on a piecemeal basis. Than when trading closes, the cash is deposited as a lump sum in the bank (as a single 'output').

This is the model that should be carried into cryptocurrencies because it optimises both anonymity and visibility which, contrary to what many argue, are complimentary properties not exclusive ones. Bitcoin's publicly viewable ledger was one of the great breakthroughs of Satoshi's model. What it was missing was the 'cash drawer' recycling element that characterised base monetary media for centuries, keeping them fungible and re-enforcing their anonymity with respect to connecting ownership to real world persons.

By encrypting and hiding everything, all we're doing is burying all those great features that make the mechanics of the cryptocurrency visible, accountable and publicly 'ownable'. So what if someone manages to trace back a single cash movement to its originating address ? That doesn't amount to 'de-anonymisation' in terms of connecting that address to a person because there is a whole chain of 'cash drawer' steps that precede even the detected address (and the one before that and....). Even if it did there are far easier ways to connect a real person to an address than wasting months of effort and computing power trying to discover which 'cash drawer' originally contained my pizza payment.

This is why I've consistently argued that it's not a question of which approach does the best job of hiding a transaction, it's a question of which one enhances all monetary properties - in this particular case, fungibility & privacy - in a way that most optimally compliments all other properties of digital money. In that respect, this 'hiding from the NSA' stuff is a complete distraction. If they want to know who you are and what you spend your money on there are far easier ways for them to do that than trawling blockchains. That's only one of hundreds of electronic footprints that people have and probably the best protected anyway, regardless of what technology it deploys.

[Joshuar]

I'm not sure of the answer here, but I know people talk about DASH's 'off-chain mixing' and how this invalidates any future decryption of the blockchain.

Will do some more reading.

This whole debate is becoming a bit superfluous IMO because it's concerning itself with completely the wrong criteria.

Bitcoin itself is already anonymous by virtue of having eliminated counterparties (the banking system) from the monetary system. There is no legal, informational or other link between a bitcoin address and an actual person - it can only be 'inferred'.

The problem therefore isn't one of 'hiding' and encryption, it's one of maintaining a high level of monetary fungibility so that one unit of the currency is reasonably indistinguishable from another in terms of value.

There already is a historical precedent for this and it has nothing to do with secrecy, encryption or hidden transactions. It's simply a monetary medium known as 'cash', which for thousands of years has implemented optimal fungibility through successive mixing of multiple inputs into a single output and recycling that process iteratively.

What is a cash drawer in a high street shop ? - a mixer ! People turn up all day long, buy stuff with cash, incrementing the balance in the cash drawer on a piecemeal basis. Than when trading closes, the cash is deposited as a lump sum in the bank (as a single 'output').

This is the model that should be carried into cryptocurrencies because it optimises both anonymity and visibility which, contrary to what many argue, are complimentary properties not exclusive ones. Bitcoin's publicly viewable ledger was one of the great breakthroughs of Satoshi's model. What it was missing was the 'cash drawer' recycling element that characterised base monetary media for centuries, keeping them fungible and re-enforcing their anonymity with respect to connecting ownership to real world persons.

By encrypting and hiding everything, all we're doing is burying all those great features that make the mechanics of the cryptocurrency visible, accountable and publicly 'ownable'. So what if someone manages to trace back a single cash movement to its originating address ? That doesn't amount to 'de-anonymisation' in terms of connecting that address to a person because there is a whole chain of 'cash drawer' steps that precede even the detected address (and the one before that and....). Even if it did there are far easier ways to connect a real person to an address than wasting months of effort and computing power trying to discover which 'cash drawer' originally contained my pizza payment.

False. Even Satoshi ackowledged there may be something better that can be done with Ring Signatures than the plain old transparent blockchain. He makes a post alluding to the fact that a implementation of ring signatures on the blockchain may be better than the open blockchain. Adding coinjoin to the protocol wouldn't make much sense when you can have ring signatures.

Here you go:

This is a very interesting topic.  If a solution was found, a much better, easier, more convenient implementation of Bitcoin would be possible.

Originally, a coin can be just a chain of signatures.  With a timestamp service, the old ones could be dropped eventually before there's too much backtrace fan-out, or coins could be kept individually or in denominations.  It's the need to check for the absence of double-spends that requires global knowledge of all transactions.

The challenge is, how do you prove that no other spends exist?  It seems a node must know about all transactions to be able to verify that.  If it only knows the hash of the in/outpoints, it can't check the signatures to see if an outpoint has been spent before.  Do you have any ideas on this?

It's hard to think of how to apply zero-knowledge-proofs in this case.

We're trying to prove the absence of something, which seems to require knowing about all and checking that the something isn't included.

As you can see, right there he is basically refering to what Cryptonote has accomplished today. It's odd that you refer to "anonymity" and "visibility" , since Cryptonote supremely offers those aspects(You can be anonymous or transparent if you wish). The fact is, to which even Satoshi alluded to, is that Cryptonote(Ring Signatures/Monero) is the best trustless implementation of an anonymity/privacy scheme on Earth.

[eizh]

G2M is correct. If you're able to do two-way mapping of hash functions, then everybody is collectively screwed independent of XMR v. DRK or on-chain v. off-chain.

[othe]

This whole debate is becoming a bit superfluous IMO because it's concerning itself with completely the wrong criteria.

- Correct, the real problem DRK has that i don't need to own the masternodes, just the majority of coinjoins.

Bitcoin itself is already anonymous by virtue of having eliminated counterparties (the banking system) from the monetary system. There is no legal, informational or other link between a bitcoin address and an actual person - it can only be 'inferred'.

- It's not and was never intended to be, it's pseudonymous, on the other hand if you think its anonymous enough then there really is no reason for DRK to exist.

The problem therefore isn't one of 'hiding' and encryption, it's one of maintaining a high level of monetary fungibility so that one unit of the currency is reasonably indistinguishable from another in terms of value.

- Of course it is; Only with encryption you can defeat the fungibility issue, DRK doesn't make it more fungible, you mix dirty coins with other dirty coins the same as a BTC mixer or darkwallet, after a while most coins will be tainted and you have the same problems as BTC or even worse.

There already is a historical precedent for this and it has nothing to do with secrecy, encryption or hidden transactions. It's simply a monetary medium known as 'cash', which for thousands of years has implemented optimal fungibility through successive mixing of multiple inputs into a single output and recycling that process iteratively.

- Thats untrue, banknotes get marked and they have serial numbers, If you get banknotes from a known bank robbery and they get marked they get confiscated and you lose them.

What is a cash drawer in a high street shop ? - a mixer ! People turn up all day long, buy stuff with cash, incrementing the balance in the cash drawer on a piecemeal basis. Than when trading closes, the cash is deposited as a lump sum in the bank (as a single 'output').

- And what does that "mixer" do? Nothing... Have fun "mixing" your 5 million stolen from a bank robbery cash bills this way, it works as slow as mixing with darksend, you won't get them mixed before you die...

This is the model that should be carried into cryptocurrencies because it optimises both anonymity and visibility which, contrary to what many argue, are complimentary properties not exclusive ones. Bitcoin's publicly viewable ledger was one of the great breakthroughs of Satoshi's model. What it was missing was the 'cash drawer' recycling element that characterised base monetary media for centuries, keeping them fungible and re-enforcing their anonymity with respect to connecting ownership to real world persons.

- DRK doesn't create infungible money, it's the same as Darkwallet and a Mixer, you just get other dirty coins back....nothing is reinforced there, heck people aren't even forced to use darksend and no one will because it's a pain use.

By encrypting and hiding everything, all we're doing is burying all those great features that make the mechanics of the cryptocurrency visible, accountable and publicly 'ownable'. So what if someone manages to trace back a single cash movement to its originating address ? That doesn't amount to 'de-anonymisation' in terms of connecting that address to a person because there is a whole chain of 'cash drawer' steps that precede even the detected address (and the one before that and....). Even if it did there are far easier ways to connect a real person to an address than wasting months of effort and computing power trying to discover which 'cash drawer' originally contained my pizza payment.

- trololol. Then let's just use Bitcoin.

This is why I've consistently argued that it's not a question of which approach does the best job of hiding a transaction, it's a question of which one enhances all monetary properties - in this particular case, fungibility & privacy - in a way that most optimally compliments all other properties of digital money. In that respect, all this 'hiding from the NSA' stuff is a complete distraction. If they want to know who you are and what you spend your money on there are far easier ways for them to do that than trawling blockchains. That's only one of hundreds of electronic footprints that people have and probably the best protected anyway, regardless of what technology it deploys.

- No you argued because you apparently have a big stake of DRK and all you want is more money, in fiat terms.

I may quote yourself:

Thats why I didn't invest in XMR. Because it's run by a couple of trainspotters who don't understand money.

I wonder who doesn't understand the word money here.

[majamina]

G2M is correct. If you're able to do two-way mapping of hash functions, then everybody is collectively screwed independent of XMR v. DRK or on-chain v. off-chain.

OK gotcha.

I wonder why people go on about the off-chain benefits....doesn't sound like any benefit at all in this case.