Peter Todd calls dash snake oil.

[generalizethis]

I can't follow where the coins came from without cryptography.  this is futile.

Then stop wasting our time and learn cryptography.

Explain to me how I can trust a cryptographic algorithm that says a coin is indeed valid and was created properly and that nothing malicious has happened, though none of that information is visible or verifiable on the blockchain.  Explain to me how I can know this.  Not in theory, but in unbreakable proofs.  Perhaps the cryptography has indeed kept the coins true, but how do I know bad information, extra coins, a super block payout can not happen?  How do I know this, I can't verify the validity of any of these coins except to accept what the cryptography says is spendable at that moment in time.

And by the way, your response is extremely rude.  If you can't converse but only attack, you should shut it.  Knowing how to do a cryptographical proof has nothing to do with knowing how to properly and usefully apply that proof in a system. (I can do the first, but am open to the fact I'm wrong about the second)  I see a hole I can't trust. I'm asking for an explanation, but none of you have given it to me, other than "hey, it's cryptography man, you can trust it baby!"  Sorry, that's not good enough for me.

First, you can get on github and verify the math--which experienced cryptographers have done. Having to verify each transaction when you can simply verify the math that regulates each transaction seems a bad (inefficient) way to go about things. If you don't understand cryptography, you should admit it and move on or learn it and add to the conversation--its like you are telling a physicist that a neutrino doesn't exist because you can't see it or understand the math. And asking them to teach you the math is a task that is probably not possible for most humans and wouldn't be fair to ask, even if you could learn it, because you are on a forum and you aren't paying them to tutor you. Christof Paar has a great intro course online if you are interested.

I also think it's rude that you mislabel people's honest labor in an effort to spin the argument away from Todd's comments, so don't throw rocks. Unless you can disprove the math behind ring signitures, you're barking up the wrong tree. This is old and proven cryptography that has yet to be broken. But besides the math there is an analysis that doesn't require any math whatsoever; if monero's coin distribution suffered from any anomalies, you would be sure to hear about it from exchanges, wallet holders, and developers in the space. This hasn't happened since its birth, so i guess math, even really cool and complex math, works as expected.

[TanteStefana2]

I can't follow where the coins came from without cryptography.  this is futile.

Then stop wasting our time and learn cryptography.

Explain to me how I can trust a cryptographic algorithm that says a coin is indeed valid and was created properly and that nothing malicious has happened, though none of that information is visible or verifiable on the blockchain.

This is incorrect. All of the information that is used by the cryptography is visible and verifiable on the blockchain. That's the whole point of it all.

a super block payout can not happen

FWIW the block payout amounts in cryptonote are visible and public. See the first transaction in every block on the chain explorer. That's not really the point though. You still need cryptography to verify that any of it is actually valid, regardless of which coin you are using.

it's cryptography man, you can trust it baby!"

You could learn math and work through the proofs yourself. Failing that you are blindly trusting the cryptography regardless of which coin you use. That's why they are called cryptocurrencies.

I can do the math, I understand that part, it is the implementation I am not understanding, or must be missing something because I see holes.  Yes, each block, a coin is created, I understand that.  But where that coin goes, how it is broken up or combined with other coins in the future (if trying to follow it forward) is hidden.  Ok, another way of saying it.  Cryptographical proofs grant authority to change things in the blockchain ledger.  Either to create the entry in the ledger by being the first to find a solution that meets the criteria, granting the right to create a block, or cryptography is used to show authority to spend coins with a key.  When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"? or "family history"?

[smooth]

When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"?

1. Every coin has a name. There are unique TXIDs and then each output has an index. So the name of an output worth 9 XMR is 23b3c77b13d8a3a08f96f2820aebcb395490306a89df981c604638b3fb10aa56.0 (first output of that transaction).

2. Coins can't simply be "brought into existence", and this you can definitely see right in the block explorer. Every transaction has sum(outputs) < sum(inputs), or alternately sum(outputs) = sum(inputs) - fees. There is no way to bring coins into existence this manner. The only ways coins could come into existence would be mining (also visible in every coinbase transaction) or through double spending, which you exclude, and which is ruled out by properly verifying the cryptography.

[TanteStefana2]

When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"?

1. Every coin has a name. There are unique TXIDs and then each output has an index. So the name of an output worth 9 XMR is 23b3c77b13d8a3a08f96f2820aebcb395490306a89df981c604638b3fb10aa56.0 (first output of that transaction).

2. Coins can't simply be "brought into existence", and this you can definitely see right in the block explorer. Every transaction has sum(outputs) < sum(inputs), or alternately sum(outputs) = sum(inputs) - fees. There is no way to bring coins into existence this manner. The only ways coins could come into existence would be mining (also visible in every coinbase transaction) or through double spending, which you exclude, and which is ruled out by properly verifying the cryptography.

so the txid from the creation of the coin, is used for the bases of identifying the history of a coin and ability to spend it rather than an account number?  How do you do that?  Sorry, but unless I'm mistaken, the txid in BTC and DASH is not normally an identifying "name" of any sort.

See, without anything to check it against, I can see a TXID being inserted.  Maybe not that simplistically, but those numbers are simply generated from the transaction, but if you don't have the foundation for the transaction......... Ugh, I'm having trouble explaining where I see the hole....

[smooth]

When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"?

1. Every coin has a name. There are unique TXIDs and then each output has an index. So the name of an output worth 9 XMR is 23b3c77b13d8a3a08f96f2820aebcb395490306a89df981c604638b3fb10aa56.0 (first output of that transaction).

2. Coins can't simply be "brought into existence", and this you can definitely see right in the block explorer. Every transaction has sum(outputs) < sum(inputs), or alternately sum(outputs) = sum(inputs) - fees. There is no way to bring coins into existence this manner. The only ways coins could come into existence would be mining (also visible in every coinbase transaction) or through double spending, which you exclude, and which is ruled out by properly verifying the cryptography.

so the txid from the creation of the coin, is used for the bases of identifying the history of a coin and ability to spend it rather than an account number?  How do you do that?  Sorry, but unless I'm mistaken, the txid in BTC and DASH is not normally an identifying "name" of any sort.

You are mistaken. In Bitcoin and presumably Dash the previous txid is exactly what is used to identify the existing output (aka "coin") being spent:

Input:
Previous tx: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
Index: 0

[TanteStefana2]

When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"?

1. Every coin has a name. There are unique TXIDs and then each output has an index. So the name of an output worth 9 XMR is 23b3c77b13d8a3a08f96f2820aebcb395490306a89df981c604638b3fb10aa56.0 (first output of that transaction).

2. Coins can't simply be "brought into existence", and this you can definitely see right in the block explorer. Every transaction has sum(outputs) < sum(inputs), or alternately sum(outputs) = sum(inputs) - fees. There is no way to bring coins into existence this manner. The only ways coins could come into existence would be mining (also visible in every coinbase transaction) or through double spending, which you exclude, and which is ruled out by properly verifying the cryptography.

so the txid from the creation of the coin, is used for the bases of identifying the history of a coin and ability to spend it rather than an account number?  How do you do that?  Sorry, but unless I'm mistaken, the txid in BTC and DASH is not normally an identifying "name" of any sort.

You are mistaken. In Bitcoin and presumably Dash the previous txid is exactly what is used to identify the existing output (aka "coin") being spent:

Input:
Previous tx: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
Index: 0

So is the public key and the hash the same thing in cryptonote?

[smooth]

When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"?

1. Every coin has a name. There are unique TXIDs and then each output has an index. So the name of an output worth 9 XMR is 23b3c77b13d8a3a08f96f2820aebcb395490306a89df981c604638b3fb10aa56.0 (first output of that transaction).

2. Coins can't simply be "brought into existence", and this you can definitely see right in the block explorer. Every transaction has sum(outputs) < sum(inputs), or alternately sum(outputs) = sum(inputs) - fees. There is no way to bring coins into existence this manner. The only ways coins could come into existence would be mining (also visible in every coinbase transaction) or through double spending, which you exclude, and which is ruled out by properly verifying the cryptography.

so the txid from the creation of the coin, is used for the bases of identifying the history of a coin and ability to spend it rather than an account number?  How do you do that?  Sorry, but unless I'm mistaken, the txid in BTC and DASH is not normally an identifying "name" of any sort.

You are mistaken. In Bitcoin and presumably Dash the previous txid is exactly what is used to identify the existing output (aka "coin") being spent:

Input:
Previous tx: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
Index: 0

So is the public key and the hash the same thing in cryptonote?

The public key is not the same thing in Bitcoin or cryptonote, and the public key is not used to identify transactions in the Bitcoin protocol. The public key is used as an input into verification, which is also the case in Cryptonote (although in that case it is a one-time key, equivalent to a wallet now reusing addresses in Bitcoin). When block explorers display transactions indexed by public key they are using a database (of their own construction) lookup, not directly using data from the blockchain itself.


 

[TanteStefana2]

When a coin is created via a block reward, but it has no "name" that you can see created and morphed into another "name" (which is what I'm calling account numbers) How can you possibly know that someone hasn't found a way to insert coins that were never mined, but simply produced because they can fit into the system.  Not double spent, just brought into existence?  How can you know this can't happen when no coins have a "name"?

1. Every coin has a name. There are unique TXIDs and then each output has an index. So the name of an output worth 9 XMR is 23b3c77b13d8a3a08f96f2820aebcb395490306a89df981c604638b3fb10aa56.0 (first output of that transaction).

2. Coins can't simply be "brought into existence", and this you can definitely see right in the block explorer. Every transaction has sum(outputs) < sum(inputs), or alternately sum(outputs) = sum(inputs) - fees. There is no way to bring coins into existence this manner. The only ways coins could come into existence would be mining (also visible in every coinbase transaction) or through double spending, which you exclude, and which is ruled out by properly verifying the cryptography.

so the txid from the creation of the coin, is used for the bases of identifying the history of a coin and ability to spend it rather than an account number?  How do you do that?  Sorry, but unless I'm mistaken, the txid in BTC and DASH is not normally an identifying "name" of any sort.

You are mistaken. In Bitcoin and presumably Dash the previous txid is exactly what is used to identify the existing output (aka "coin") being spent:

Input:
Previous tx: f5d8ee39a430901c91a5917b9f2dc19d6d1a0e9cea205b009ca73dd04470b9a6
Index: 0

So is the public key and the hash the same thing in cryptonote?

The public key is not the same thing in Bitcoin or cryptonote, and the public key is not used to identify transactions in the Bitcoin protocol. The public key is used as an input into verification, which is also the case in Cryptonote (although in that case it is a one-time key, equivalent to a wallet now reusing addresses in Bitcoin). When block explorers display transactions indexed by public key they are using a database (of their own construction) lookup, not directly using data from the blockchain itself.
 

OK,
I'm not going to give up on understanding this, but I do need to take a break.  Thank you for your help.  I'll come to the monero thread later when I can more clearly write my questions, and have done more research.  Or maybe better yet, pm you, as I don't like being attacked. Thank you again.

[iCEBREAKER]

You're an idiot Icebreaker, don't embarrass yourself.

At least I can understand the basics of Cryptonote without needing smooth to spoon feed me mashed bananas like a helpless infant.

Here comes the plane, open wide!   MMMmmm, yummy Cryptonotes!   

[toknormal]

I think people are getting confused between the optimal properties of base money and the priorities of record keeping on behalf of the holders of such.

If I expand my little example of earlier - where a plumber agrees to do a job for you in exchange for your bike but asks you to keep it for him for a while till he picks it up, then the distinction can be illustrated. So you give him an IOU for the bike. The IOU’s get traded, then a third level emerges where a bank keeps track of all the IOU’s in a set of accounts. This all forms a monetary chain of trust as shown below.



The numbers in the bank account represent something (the ‘value’ is sourced somewhere else), so we don’t need to worry about any adverse impact of keeping the records private, even though we may refer to those account balances as “money”. We trust the IOU 3rd party to honour those numbers.

The IOU’s represent something, so we equally don’t need to worry about impacting adversly on the properties of base money by keeping them private.

The bike, however, is at the end of the chain. It is ultimately the “money” for this particular exchange by definition (because it was agreed at the beginning of the transaction). Different rules apply here because we are at the end of the chain of trust and the bike must be desirable in it’s own right - not because it represents something else. In this case, authenticity is the only criteria - privacy only features in the recording of the transaction.

If we are trying to invent a new form of monetary media (base money, not derivative money as in bank accounts), we already have 2000 years or more of precedent to guide us. The design objectives are already known - simply implement these as faithfully as possible (as Dash is doing) to have the best chance of adoption. Gold got valuable because it exhibited these monetary properties and worked as money, not because it was attractive aesthetically. Klondyke gold rushers didn't say "hey - lets get our hands on some of that, it's really private". They said, "lets get our hands on some of that, it's a publicly understood, valued and recognisable asset".

If people find that hard to understand intuitively, look at it analytically instead. Consider the impact of obfuscation on the accepted base monetary properties (we’re talking here about ‘natural’, commodity base money like precious metals, not backed by a trusted third party). For a start, obfuscation does not feature in any of the core properties - that should ring warning bells with you already. Secondly, obfuscation simply impacts adversly on almost all of them, simply by mitigating the ability to arrive at a public consensus of its veracity.

Cryptonote based currencies are well suited for recording private transactions in a higher order financial layer such as bank accounts and bookkeeping systems where the numbers in the balance represent value that is sourced (backed) elsewhere. But they are a non-starter as a definition of ‘base money’ because they are far too obfuscated.

Toknormal you have not the slightest clue how the technology works. The NSA document you linked bears no resemblance at all to how cryptonote works

The relevance is that they both specify monetary systems which use cryptographically obscured transactions and balances. In the first case (the 1996 document) it is an appropriate use of such because we are not talking about unbacked money. Having the bank in the loop supports the value and as long as the bank "honours" the numbers in my cryptographically protected balance, I don't need to worry about public consensus arriving at a definition of it being money in its own right.

Metals, Coal and even Paper cash do not have privacy "buit into them".

This is fundamentally wrong. Physical money is inherently private in that only the parties transacting have knowledge of the transaction

You're confusing the base money with the record keeping function for transactions and balances. An easy mistake to make because we live in an economic environment where the two are synonymous. Cryptocurrency, however, portends to replacing the gold / coal / oil itself as money, not the records of ownership and exchange for such.

[generalizethis]

I want to pay a hooker without my wife knowing.

Do I read a mantra on what money should be written by a pseudoeconomist and buy a coin with same the anonymity level as bitcoin?

Or do I use the coin that's agreed upon to have the best anonymity?

How will I ever decide? 

[TanteStefana2]

I want to pay a hooker without my wife knowing.

Do I read a mantra on what money should be written by a pseudoeconomist and buy a coin with same the anonymity level as bitcoin?

Or do I use the coin that's agreed upon to have the best anonymity?

How will I ever decide?  

I think for you, you should definitely be a Lemming   Follow what you're told.  It's the best policy, just ask Ross Ulbricht,

[generalizethis]

I want to pay a hooker without my wife knowing.

Do I read a mantra on what money should be written by a pseudoeconomist and buy a coin with same the anonymity level as bitcoin?

Or do I use the coin that's agreed upon to have the best anonymity?

How will I ever decide?  

I think for you, you should definitely be a Lemming  Follow what you're told.  It's the best policy, just ask Ross Ulbricht,

You're the one following the master to his node and paying him for the risk to your privacy. And you probably have spent so much time in that cult that you believe people accidentally instamine coins, but don't have the heart to fair launch. OOOPSY 

[iCEBREAKER]

I think people are getting confused between the optimal properties of base money and the priorities of record keeping on behalf of the holders of such.

If I expand my little example of earlier - where a plumber agrees to do a job for you in exchange for your bike

First, you fail to defend Dash against Peter Todd's "snake oil/fake crypto" charges.

Then you lash out at Monero, making untrue assertions which you failed to prove, becoming in the process embarrassingly lost in the intricacies of Basic Cryptonote 101.

And now, you are retreating with hands a-waving into comforting fuzzy generalities about "optimal properties of base money" while invoking ink-cloud nonsense about plumbers and bikes.

If you backpedaled any faster, your bike chain would have come off.

And if you "don't like being attacked" I suggest not attacking others.

[toknormal]

As for what Tok is trying to say here (I believe, I could be getting him wrong, hate to put words in people's mouths) is that cryptonote was designed initially to be used with a central authority that holds the "keys".

Not quite "holds the keys", more "honours the balances".

If I hold an account balance which I KNOW I can exchange for a higher order form of money (e.g. the bike in the example above or physical gold in the example of gold shares / gold backed currency) then I don't need to worry about redefining my account balance as money in its own right. A trusted 3rd party has already 'rubber stamped' it for me.

Cryptocurrency, however, has no such rubber stamping 3rd party other than the public. It therefore has a far bigger challenge to meet than supporting privacy and that is supporting value. (i.e. arriving at a public consensus that it is money, and base money at that).

As I've posited above, any obfuscation whatsoever of the base monetary media, just inhibits this evolution of a public consensus definition of base money. As an absolute base minimum you need to have all the following aspects exposed to the entire userbase of the system at all times for every address:

For any given address at random:

[1] - all the transactions that contribute to that balance (all inputs)
[2] - all the transactions that depleted that balance (spends)
[3] - the originating addresses for [1]
[4] - the destination addresses for [2]

That is a public audit for a given address balance that will support a public consensus of its integrity and veracity. No amount of math formulae or cryptographic b.s. substitutes for such transparency.

Although one person cannot go through every address in the blockchain to satisfy themselves of the global integrity of the system, the aggregation and general network effect of millions of people doing so every minute and every second of the day is an endorsement that no trusted third party, nor any cryptographically obscured blockchain could ever match.

People with "Fiat heads on" and a "Fiat mindset" see these balances as corresponding to people. They do not. They are anonymous as cash is. Just because you can see the originating address of a transaction doesn't tell you what the nature of the transaction was and whether money changed hands or just moved between two addresses controlled by the same person. It doesn't tell you if the controller was initiating a transaction on behalf of someone else, themselves or even if it was an automated transaction.

As for gleaning information from outside the blockchain, that is mitigated by maximising the fungibility of the monetary medium (which is, as I keep repeating, not the same as maximising its obscurity).

It is not the job of a monetary media to support the privacy of its holders beyond - in the case of cash - maximising fungibility (which IS one of the recognised monetary properties) . Its job is to efficiently store value and to that end a publicly defined currency needs a public blockchain that supports a public audit of the kind I just described.

[canth]

As for what Tok is trying to say here (I believe, I could be getting him wrong, hate to put words in people's mouths) is that cryptonote was designed initially to be used with a central authority that holds the "keys".

Not quite "holds the keys", more "honours the balances".

If I hold an account balance which I KNOW I can exchange for a higher order form of money (e.g. the bike in the example above or physical gold in the example of gold shares / gold backed currency) then I don't need to worry about redefining my account balance as money in its own right. A trusted 3rd party has already 'rubber stamped' it and will honour my balance.

Cryptocurrency, however, has no such rubber stamping 3rd party other than the public. It therefore has a far bigger challenge to meet than supporting privacy and that is supporting value. (i.e. arriving at a public consensus that it is money, and base money at that).

As I've posited above, any obfuscation whatsoever of the base monetary media, just inhibits this evolution of a public consensus definition of base money. As an absolute base minimum you need to have all the following aspects exposed to the entire userbase of the system at all times for every address:

For any given address at random:

[1] - all the transactions that contribute to that balance (all inputs)
[2] - all the transactions that depleted that balance (spends)
[3] - the originating addresses for [1]
[4] - the originating addresses for [2]

That is a public audit for a given address balance that will support a public consensus of its integrity and veracity. No amount of math formulae or cryptographic b.s. substitutes for such transparency.

Although one person cannot go through every address in the blockchain to satisfy themselves of the global integrity of the system, the aggregation and general network effect of millions of people doing so every minute and every second of the day is an endorsement that no trusted third party, nor any cryptographically obscured blockchain could ever match.

People with "Fiat heads on" and a "Fiat mindset" see these balances as corresponding to people. They do not. They are anonymous as cash is. Just because you can see the originating address of a transaction doesn't tell you what the nature of the transaction was and whether money changed hands or just moved between two addresses controlled by the same person. It doesn't tell you if the controller was initiating a transaction on behalf of someone else, themselves or even if it was an automated transaction.

As for gleaning information from outside the blockchain, that is mitigated by maximising the fungibility of the monetary medium (which is, as I keep repeating, not the same as maximising its obscurity).

It is not the job of a monetary media to support the privacy of its holders beyond - in the case of cash - maximising fungibility (which IS one of the recognised monetary properties) . Its job is to efficiently store value and to that end a publicly defined (as opposed to bank-defined) currency needs a public blockchain that supports a public audit of the kind I just described.

That's a lot of words. TLDR; Toknormal has an opinion that any math stronger than addition and subtraction can't be used to verify cryptocurrency based balances. What's that backed up by? Oh, nothing?

https://www.youtube.com/watch?v=pWdd6_ZxX8c

[TanteStefana2]

I want to pay a hooker without my wife knowing.

Do I read a mantra on what money should be written by a pseudoeconomist and buy a coin with same the anonymity level as bitcoin?

Or do I use the coin that's agreed upon to have the best anonymity?

How will I ever decide?  

I think for you, you should definitely be a Lemming  Follow what you're told.  It's the best policy, just ask Ross Ulbricht,

You're the one following the master to his node and paying him for the risk to your privacy. And you probably have spent so much time in that cult that you believe people accidentally instamine coins, but don't have the heart to fair launch. OOOPSY  

I completely and thoroughly understand DASH.  I understand completely how and how well it protects my privacy.  This is why I'm inclined not to trust other solutions, because I see holes in them.  Aside from that, if cryptonote were to actually prove to me that it can not be manipulated, I still wouldn't be inclined to back it because it has a major issue in blockchain size.  Dash is 50% older than Monero, yet has 25% the blockchain size.  Can the chain be trimmed and still be solid?  Can this be done with a completely hidden chain such as cryptonote's, which I already don't trust?  It's going to be hard to convince me.  But I will keep an open mind and continue to try to see my way through this

otoh is by far the biggest DASH holder.  Nobody out there touches him.  And he bought them all, so I think the dam braking in the begining, and it's subsequent sell off (because it was just another silly alt coin for all anyone knew back then) means absolutely nothing to anyone who is serious about the technology.  So it's your loss.

[toknormal]

Toknormal has an opinion that any math stronger than addition and subtraction can't be used to verify cryptocurrency based balances

An account balance IS the result of addition and subtraction - nothing else.

So yes, what the public needs to see as an audit of an account balance is addition and subtraction - nothing else.

For any given address at random:

[1] - all the transactions that contribute to that balance (all inputs)
[2] - all the transactions that depleted that balance (spends)
[3] - the originating addresses for [1]
[4] - the destination addresses for [2]

https://www.youtube.com/watch?feature=player_detailpage&v=1-mOKMq19zU#t=15

[generalizethis]

I want to pay a hooker without my wife knowing.

Do I read a mantra on what money should be written by a pseudoeconomist and buy a coin with same the anonymity level as bitcoin?

Or do I use the coin that's agreed upon to have the best anonymity?

How will I ever decide?  

I think for you, you should definitely be a Lemming  Follow what you're told.  It's the best policy, just ask Ross Ulbricht,

You're the one following the master to his node and paying him for the risk to your privacy. And you probably have spent so much time in that cult that you believe people accidentally instamine coins, but don't have the heart to fair launch. OOOPSY  

I completely and thoroughly understand DASH.  I understand completely how and how well it protects my privacy.  This is why I'm inclined not to trust other solutions, because I don't trust them.  Aside from that, if cryptonote were to actually prove to me that it can not be manipulated, I still wouldn't be inclined to back it because it has a major issue in blockchain size.  Dash is 50% older than Monero, yet has 25% the blockchain size.  Can the chain be trimmed and still be solid?  Can this be done with a completely hidden chain such as cryptonote's, which I already don't trust?  It's going to be hard to convince me.  But I will keep an open mind and continue to try to see my way through this

otoh is by far the biggest DASH holder.  Nobody out there touches him.  And he bought them all, so I think the dam braking in the begining, and it's subsequent sell off (because it was just another silly alt coin for all anyone knew back then) means absolutely nothing to anyone who is serious about the technology.  So it's your loss.

I'm not trying to convince you of anything; you're obviously a hardened loyalist who is trying to spin a Bitcoin Dev's analysis of their investment into a hand-waving distraction, "But over here..."

Masternodes are a human controlled point of failure that has never nor ever will be incorporated into a serious cryptosystem. These systems are fragile enough without excessive parts that serve no real purpose other than to funnel money into the greedy hands of early adopters.

Snake oil.

 

[smooth]

Dash is 50% older than Monero, yet has 25% the blockchain size.

If it were the case that ring signature mixing were extensively used (it will be in the future but is not and has not been the case so far), then the chain would be around 3 times bigger than a Bitcoin-like chain with similar usage. This is derived from a combination of the mix factor (bigger signatures), denominations (more signatures), and a much tighter encoding for transactions (smaller base size).

Likewise, if Darksend were extensively used, the Dash chain would also be some similar multiple of a Bitcoin-like chain with equivalent usage (due to the additional transactions created for "rounds" of Darksend).

Thus one can conclude from the numbers you cite that some combination of these are true (probably both):

1. The difference in size is largely due to higher usage of Monero

2. DarkSend is not being extensively used.

And therefore:

3. If Dash had the same usage as Monero, and Darksend were extensively used, then the chain would be much closer in size, if not larger (possibly larger because of multiple rounds of Darksend, along with the bulkier Bitcoin-style transaction encoding)

But let's not get too far off topic here. As usual the Dashers like to pay distract-and-obfuscate when it comes to any criticism of Dash, changing the subject to talk about Monero instead. Apparently regardless of how valid the criticism or how credible the source. Monero having a larger blockchain does not make Dash any less snake oil.