boolberry (OP)
|
|
December 07, 2015, 12:01:43 AM |
|
4 votes for Kf2: XMRpromotions, ArticMine, 8XMR, LucyLovesCrypto
Current positionBased on the votes in this thread Team Monero has chosen to play Kf2. Now it is time for Team Boolberry to respond. I will plan to count votes again tomorrow at approximately 0:00 UTC. Team Monero (white pieces) vs. Team Boolberry (black pieces)black to move Game PGN: 1.e4 c5 2.Nf3 d6 3.d4 cxd4 4.Qxd4 a6 5.c4 Nc6 6.Qe3 g6 7.Nc3 Bg7 8.Be2 Nf6 9.O-O O-O 10.h3 Nd7 11.b3 Nc5 12.Bb2 f5 13.exf5 Bxf5 14.Rad1 Qa5 15.Rd2 Rf6 16.Nd5 Re6 17.Qf4 Ne4 18.Bxg7 Kxg7 19.Rb2 Nc3 20.Nd4 Re5 21.Bf3 Nxd5 22.Bxd5 Qc3 23.Nxf5+ Rxf5 24.Qd2 Qxd2 25.Rxd2 Rb8 26.a3 e5 27.Be6 Rf6 28.Bd5 Nd4 29.b4 b6 30.Rb2 g5 31.a4 Rff8 32.Rfb1 Rfc8 33.f3 Kf6 34.g3 Rc7 35.Rf1 Nf5 36.Kf2
|
|
|
|
boolberry (OP)
|
|
December 07, 2015, 12:19:41 AM |
|
Ne7: boolbery
|
|
|
|
newb4now
|
|
December 07, 2015, 02:48:19 AM |
|
Ne7: boolbery
1 vote Ne7: boolberry 1 vote h5: newb4now
|
|
|
|
newb4now
|
|
December 07, 2015, 02:54:05 AM |
|
Informative post on RingCT: Ring Confidential Transactions as defined and outlined in Shen Noether's RingCT pdfs My Goal of this thread is to simplify RingCT and its definition as much as possible so others can understand it (including myself)Disclaimer: I am just a curious mind. I do not pretend to know anything about RingCT and its underlying math/proofs/defintions. I am merely a curious soul trying to understand how this all works. I welcome any and all discussion directly related to the topic of this thread. IF I HAVE WRITTEN SOMETHING WRONG OR INCORRECTLY PLEASE POST OR PM ME ABOUT IT SO I CAN CORRECT IT.Latest version: https://github.com/ShenNoether/MiniNero/raw/master/RingCT0.5_copy.pdfThis paper is very math heavy and some variables are defined and some aren't. Hopefully after discussion there can be more clarity on the math that is used within. Preface/Purpose: Currently in Monero amounts that are transferred are public to view. Ring CT is an attempt to obfuscate the amount of a transaction (and all of its inputs and outputs) to add more transactional privacy. Definitions: MLSAG - Multilayered Linkable Spontaneous ad-hoc group signatures
E - an elliptic curve equation; −x2 + y2 = 1 + dx2y2;
q: a prime number; q = 2255 − 19
d = -121665/121666
Pj = xG = Public Key
G = Ed25519 base point
l: a prime order of the base point; l = 2252 + 27742317777372353535851937790883648493 =~ 7.25 x 1075
x = signer's spend key
I = xH(Pj) = Key Image (unique - no copies/duplicates allowed)
H = hash function returning a point (in practice toPoint(Keccak(Pk)))
h = hash function toScalar(Keccak(Pk)) <---- can take multiple parameters concatenated
m = message
α, si, i =/= j, i ∈ {1,...,n} are random values in Zq (the ed25519 base field) sj = α − cj·x mod l α = sj +cj·x mod l
Lj = αG = sj·G + cj·Pj <---- Intermediate value if i = s
Rj =αH(Pj) <---- <---- Intermediate value if i = s
cj+1 = h(m,Lj,Rj) or A.K.A. "non-interactive challenge"
σ = (I,c1,s1,...,sn) = Signature
Key Vector = the collection of all public keys Y = (y1,...,yr) and corresponding private keys X = (x1, ..., xr)
Generalized Ring = [Pij] where i = 1,...,n and j = 1,...,m = n-members and all of which have EXACTLY m-keys
<Other heading not sure what to call it lol>1. What I've deduced from reading up until page 6 is that the idea of obfuscating amounts will be accomplished with "mixing" with n signers that have the same amount of m keys. 2. Also noticed that the equations are recursive mod n. If you don't know what that means that means that for example define the following: Lj = sj·G + cj·Pj
cj+1 =H(m,Lj,Rj)Since L j is part of the definition of c j+1 and c j is part of the definition of L j that is the definition of recursion. A function/equation calling itself within its definition. The mod portion is the remainder of a division (example: 5 mod 3 = 2). In the context of this paper c n+1 = c 1 AND c n+2 = c 2...and so forth, because (n+1) mod n = 1 and (n+2) mod n = 2 sj = α − cj·x mod l α = sj +cj·x mod l3. With a single c i value, the P j values, I (key image), and all the s j values... ... all other c k values can be deduced while k =/= i. This provides space saving of about 1/2 the space/size when creating the signature. <------ is this part of Compact CT?The signature therefore is: σ = (I,c1,s1,...,sn)<more to come> Elliptic-curve overview: Example #1 with d = 30: x2 + y2 = 1 - 30x2y2Center of the curve is point (0,0) for reference. Example #2 using the actual curve E as defined above: <-------- Actual Ed25519 curve used in Monero/cryptonoteAs you can see above in the blue is the curve of the equation in the image above it. Here is the site where the graph was generated https://www.desmos.com/calculator/ialhd71we3Just paste the following into a new Elliptic curve line on the left: -x^2\ +y^2\ =\ 1\ +\left(\frac{\left(-121665\right)}{121666}\right)x^2\cdot y^2 Question: Why do you only show the graph from -7.25x1075 to 7.25x1075 on the x-axis?Answer: Because l as it is defined 2 252 + 27742317777372353535851937790883648493 =~ 7.25 x 10 75Because we mod the base point G by l in our computations this why the graph essentially "ends" at those points. Example #3Now if you play with some of the values on that site you can get a different modified curve that doesn't just look like two parallel lines just to get a gist of how elliptic curves look like when you slightly modify the values: Example #3 And modifying it one more time you get: Helpful resources:ECCHacks - A gentle introduction to elliptic-curve cryptography [31c3]Online Elliptic Curve Points Graph GeneratorWill be editing OP to add more information as I am able to digest it in my limited capacity brain.
|
|
|
|
Rias
|
|
December 07, 2015, 10:59:29 AM |
|
The real world doesn't work that way. Business collaborate one day and compete the next (or even the very same day). Even when collaborating they don't want to share all information, and certainly not with every member of a group. To control access to information once access to the blockchain has been granted at all, privacy features are needed.
...
There are multiple choices for what level of privacy and sharability a permissioned blockchain may have in an actual company. Not in technology terms, but in business process rationale. Certain blockchains may not be accessible by a competing/cooperating company at all, just like you are not giving away the direct access to your database/CRM. The time will show the corporate blockchain use cases, but I do see your point though. I believe I have to refine what I've been saying. Permissioned blockchains will need the privacy features to define the level of data access for the participants. However, this doesn't have much to do with the zero-trust privacy. This may have more to do with centralized privacy and centrally assigned roles. Honestly, I haven't given much thought to the potential architecture of such a solution. It may well not be existing, or it might have a semi-centralized form (masternodes, anyone?). However, intuitively I'd say that ringsig is a clumsy option in this case. There's a brighter side to my original post if you wish: focus on the bigger commercializable issues. ... Hide Data, Not IP
...
So the government can still identify who is making those transactions and compel you to reveal your private keys or face the gulag, but in the normal use of the public block chain privacy is retained (to the extent it doesn't leak into non-hidden layers but that is the current world situation any way, so no worse).
...
Mix Data, Not Identity
I believe I'd agree with you on the theory. However, I'm still not sure how it may take off in the real world. IMO the discourse is utopian. I'll need some time to think it over. So, are you out of Bytecoin now (i.e. own none), Rias? Just curious. Cheers, Q
I own some BCN. Partly, because I still believe it to have potential (waiting for the roadmap to be executed).
|
|
|
|
dre1982
Sr. Member
Offline
Activity: 770
Merit: 284
★Bitvest.io★ Play Plinko or Invest!
|
|
December 07, 2015, 11:09:27 AM |
|
2 votes Ne7: boolberry, dre1982 1 vote h5: newb4now
|
|
|
|
galdur
|
|
December 07, 2015, 11:12:32 AM |
|
2 votes Ne7: boolberry, dre1982 2 votes h5: newb4now, galdur
|
|
|
|
funnyman21
Member
Offline
Activity: 109
Merit: 10
|
|
December 07, 2015, 11:34:06 AM |
|
Is this something to be worried about? Does it potentially impact other CryptoNote coins or just Boolberry?
|
|
|
|
funnyman21
Member
Offline
Activity: 109
Merit: 10
|
|
December 07, 2015, 11:42:01 AM |
|
2 votes Ne7: boolberry, dre1982 2 votes h5: newb4now, galdur
2 votes Ne7: boolberry, dre1982 3 votes h5: newb4now, galdur, funnyman21
|
|
|
|
TPTB_need_war
|
|
December 07, 2015, 12:15:12 PM Last edit: December 07, 2015, 12:33:26 PM by TPTB_need_war |
|
P.S. my thanks to languagehasmeaning for sharing some insights into how he processes the information in chess. That may help me in the future. I've filed it away in my repository (reservoir) of datums/models that I draw off for epiphanies and insights. I'll give it some more thought when I have the down time and/or inspiration. The real world doesn't work that way. Business collaborate one day and compete the next (or even the very same day). Even when collaborating they don't want to share all information, and certainly not with every member of a group. To control access to information once access to the blockchain has been granted at all, privacy features are needed.
...
There are multiple choices for what level of privacy and sharability a permissioned blockchain may have in an actual company. Not in technology terms, but in business process rationale. Certain blockchains may not be accessible by a competing/cooperating company at all, just like you are not giving away the direct access to your database/CRM. The time will show the corporate blockchain use cases, but I do see your point though. I believe I have to refine what I've been saying. Permissioned blockchains will need the privacy features to define the level of data access for the participants. However, this doesn't have much to do with the zero-trust privacy. This may have more to do with centralized privacy and centrally assigned roles. Honestly, I haven't given much thought to the potential architecture of such a solution. It may well not be existing, or it might have a semi-centralized form (masternodes, anyone?). However, intuitively I'd say that ringsig is a clumsy option in this case. There's a brighter side to my original post if you wish: focus on the bigger commercializable issues. Smooth's post (included what is not quoted above) was astute and resonated with my point that private block chains are like closed source. The end-to-end principle applies again in spades. We all want to leverage the same infrastructure (e.g. TCP/IP) and independently run a myriad of applications on the ends, which is enabled because the intermediary infrastructure is agnostic to our applications. I mentioned this concept in my recent white paper on DDoS and footnote [8] in that paper. In short, there are virtually unlimited (much more than "multiple choices") degrees-of-freedom when the base infrastructure is agnostic to the use built on top of it. This is why I believe privacy that can be done by the end applications will trump permissioned block chains. Sorry to James Dimon, IBM, and Blythe Masters. I will relish the day that James Dimon realizes that his money is a depreciating asset in our Knowledge Age. However the network layers of the internet are not responsible for maintaining a global unified consistency, but a block chain does. Thus the network layers of the internet have no problem trading off consistency and access of the CAP theorm, in exchange for not losing functionality (that is promised by the network transport layer) during partitioning. Whereas, during partitioning a block chain loses the promised functionality of preventing double-spends globally. But in reality the internet doesn't function well when partitioned. This why for example popular services (e.g. Google, Facebook) have server nodes all over the globe (which is very evident to me when our trunk line from Philippines is down yet I can still access Facebook and Google and the local inquirer.net but not most other sites). I think it is likely the world will build the same redundancy for block chains. For example one of the designs I've toyed with is that using efficient hash tables we can communicate between partitions the double-spend conflicts without needing to transfer the entire block chain between partitions. ... Hide Data, Not IP
...
So the government can still identify who is making those transactions and compel you to reveal your private keys or face the gulag, but in the normal use of the public block chain privacy is retained (to the extent it doesn't leak into non-hidden layers but that is the current world situation any way, so no worse).
...
Mix Data, Not Identity
I believe I'd agree with you on the theory. However, I'm still not sure how it may take off in the real world. IMO the discourse is utopian. I'll need some time to think it over. The reason identity anonymity can't be done end-to-end principle (Zerocash almost does it, but as I pointed out there is a DDoS weakness incurred), is because our IP address is an identity that we can't easily detach from ourselves. For all other forms of data privacy, the IP address problem is irrelevant. With homomorphic encryption, we already know how to hide any state changes that rely on addition and multiplication, e.g. Confidential Values hiding the state change of value transfer because the Proof-of-Sum can be proven in Zero Knowledge. Zerocash is built on the SNARKs technology which in its Pinocchio variant can hide the state changes of any program!!! For smart contract data, there need not be a global master key. Each contract type could have a different master setup, but the tradeoff might be that perhaps we couldn't mix data types. I will need to spend more time studying these technologies. So in theory, there is no data we can't hide. It is the meta-data that we can't hide, but that is the same problem corporations face today even with private data stores, so a public block chain with end-to-end data privacy doesn't make it any worse and it enables much greater degrees-of-freedom as compared to permissioned access chains. I think the Zerocash and Pinocchio folks need to get busy being able to adapt their technologies to this frontier. If I get my coin rolling, perhaps I'll be trying to fund them and coax them this direction. Hopefully others will pick up on this idea also. Perhaps some are already working on this direction.
|
|
|
|
TPTB_need_war
|
|
December 07, 2015, 12:57:07 PM Last edit: December 07, 2015, 01:09:03 PM by TPTB_need_war |
|
Is this something to be worried about? Does it potentially impact other CryptoNote coins or just Boolberry? All they are saying there is that if you want to prune the signature data, you need to still keep a hash of the signature data in the chain of hashes (of Merkle trees) for the blocks. In other words, you need to still be able to prove which signature signed which transaction, even if you've actually discarded the signature data. I believe BBR already does the correct thing. And afaik, Monero does not discard signature data, but I could be wrong about that. If they do, I assume they would do the right thing as well. Any way, I as I read into the proposals more, I realized they are adopting some of the ideas I've had privately, but bolting these onto Bitcoin's legacy limits their flexibility in terms of optimum choices and especially speed to market. Bitcoin is looking more and more like design Rigor Mortis (they even need to abandon ECDSA to totally rectify malleability) and needs to be scrapped and start over again. Wuille wrote this technical summary in way that can only really be understood by other core devs or experts who have their head deep in these issues. He sounds rushed.
|
|
|
|
tifozi
|
|
December 07, 2015, 02:30:23 PM |
|
2 votes Ne7: boolberry, dre1982 2 votes h5: newb4now, galdur
2 votes Ne7: boolberry, dre1982 3 votes h5: newb4now, galdur, funnyman21 3rd vote for Ne7 Ne7: boolberry, dre1982, tifozi h5: newb4now, galdur, funnyman21 I just saw the thread Lets play a game of Chess. It's fascinating to see @letsplayagame (who I suspect is GM Aronian) interested in crypto (BTC and allegedly aware of privacy focused technologies). Let's pitch an idea of BTC vs CryptoNote chess match to him
|
|
|
|
TPTB_need_war
|
|
December 07, 2015, 02:34:30 PM Last edit: December 07, 2015, 03:34:32 PM by TPTB_need_war |
|
A ha! End-to-end identity anonymity is possible! The reason identity anonymity can't be done end-to-end principle (Zerocash almost does it, but as I pointed out there is a DDoS weakness incurred), is because our IP address is an identity that we can't easily detach from ourselves. For all other forms of data privacy, the IP address problem is irrelevant. So it would seem that Zerocash is the solution, except read my discussion at the quoted link about anti-DDoS protection. The problem is the huge verification cost for each Zerocash transaction and thus giving the attacker a huge asymmetric advantage when sending invalid transactions, i.e. unprotected Zerocash can be DDoS'ed to death.
And if using my suggested technique to create a hash-based signature as a first line of verification of incoming transactions sent to the block chain, then you've got to incorporate a simultaneity mixnet such as CoinShuffle to detach these hash signatures (and the payee's IP address) from the Zerocash transaction being submitted to the block chain. But then your anonymity is reduced back to the mixnet again so you've lost the benefits Zerocash provides. Perhaps Zerocash could devise a quick check on invalid signatures. I don't enough about the "moon math" in the white paper to deduce whether that is possible, but I 95% doubt it based on my understanding that such NIZKPs are a holistic math affair.
There is a simple solution for DDoS with Zerocash. Use my hash-based signature suggestion on a non-anonymous basecoin, when sending the anonymous zerocash (the Zerocash paper names these zerocoins, not to be confused with Zerocoin) transaction. Since on a spend transaction (aka pour) the anonymous coins are entirely mixed with all anonymous coins, then your IP address and your non-anonymous transactions do nothing to help anyone trace the anonymous coins. And putting the non-anonymous funds at-risk with the fast to verify hash-based signature (3 million verifications per second on an 8 core CPU!), solves the DDoS attack issue. Alternatively it may be possible to mint the hash signatures in such a way that the anonymous coins are forfeited when doing a DDoS attack, but are still not non-anonymously linked to the hash based public key, instead of needing to use a separate non-anonymous basecoin. This would be preferred for permissionless commerce. So thus unlike RingCT, no CoinShuffle (mixnet) would be needed. Unlike Cryptonote (and RingCT), Zerocash hides everything because the inputs to the NIZKP are never revealed! This is the advantage zk-SNARKs because it proves that a program compared the inputs in the desired way, without revealing what the inputs were. Whereas in CN and RingCT, we all see the input public key addresses and the proof of which public address is spending is obscured by the mix, but correlating the IP address across mixes can correlate which of those addresses were in both mixes. For CN and RingCT to be as anonymous as Zerocash would require they mix with all known (and future!) public key addresses. Note that zk-SNARKs are very slow to verify (roughly 300ms for a Zerocash transaction) and consume more bandwidth so this can't be used for all transactions. It would be a mixer that you mint non-anonymous coins into when the slow verification and its higher fees are justified. Even though I haven't thoroughly understood every technical aspect of it, the other problem with Zerocash appears to be that it can't merge the entirely opaque block chains, e.g. if there are two major chains fork due to a network split. Transparent block chains can be re-merged to the extent that double-spends are not intertwined. The major fault for Zerocash (that is not present for transparent block chains) being that I believe it is not possible to prove which coins were double-spent on both of the block chains. Normally this isn't a problem for an orphaned chain because you just throw away the orphans, but this is perhaps a problem in a major network split.
Apparently I am mistaken. Zerocash coins have serial numbers, so it should be possible to know which serial numbers have been double spent on both forks.
|
|
|
|
boolberry (OP)
|
|
December 08, 2015, 12:12:03 AM |
|
3rd vote for Ne7
Ne7: boolberry, dre1982, tifozi h5: newb4now, galdur, funnyman21
We need a tie breaking mechanism. For example one can look at the result before the vote that led to the tie and use that instead.
Current positionBased on the votes in this thread Team Boolberry has chosen to play h5 (by tiebreak rule). Now it is time for Team Monero to respond. I will plan to count votes again tomorrow at approximately 0:00 UTC. Team Monero (white pieces) vs. Team Boolberry (black pieces)white to move Game PGN: 1.e4 c5 2.Nf3 d6 3.d4 cxd4 4.Qxd4 a6 5.c4 Nc6 6.Qe3 g6 7.Nc3 Bg7 8.Be2 Nf6 9.O-O O-O 10.h3 Nd7 11.b3 Nc5 12.Bb2 f5 13.exf5 Bxf5 14.Rad1 Qa5 15.Rd2 Rf6 16.Nd5 Re6 17.Qf4 Ne4 18.Bxg7 Kxg7 19.Rb2 Nc3 20.Nd4 Re5 21.Bf3 Nxd5 22.Bxd5 Qc3 23.Nxf5+ Rxf5 24.Qd2 Qxd2 25.Rxd2 Rb8 26.a3 e5 27.Be6 Rf6 28.Bd5 Nd4 29.b4 b6 30.Rb2 g5 31.a4 Rff8 32.Rfb1 Rfc8 33.f3 Kf6 34.g3 Rc7 35.Rf1 Nf5 36.Kf2 h5
|
|
|
|
boolberry (OP)
|
|
December 08, 2015, 12:44:51 AM |
|
I just saw the thread Lets play a game of Chess. It's fascinating to see @letsplayagame (who I suspect is GM Aronian) interested in crypto (BTC and allegedly aware of privacy focused technologies). Let's pitch an idea of BTC vs CryptoNote chess match to him If you are right he is currently busy with the London Chess Classic: http://www.londonchessclassic.com/His fiancée (Chess WIM) has a background that also may make her interested in bitcoin: https://en.wikipedia.org/wiki/Arianne_Caoili"I’m currently a consultant, mainly with government clients, for a global consultancy firm. My aim is to finish my PhD, but because my work is interesting and great for my career, it is delayed. My doctoral topic is Russian foreign policy, especially its economic and business relations with Armenia on a state and individual level. I am very interested with issues of Armenian economic development." http://sport.news.am/eng/news/9869/i-am-not-so-stupid-to-play-against-levon-aronian---arianne-caoili.htmlQuote about Lev Aronian: I am sure you know a lot of things about Levon. Can you tell for example about traits of character? "I think that the most prominent characteristic of Lev (and probably me too) is that he loves to learn. If he is passionate about something he wants to investigate and know everything about it. He also likes learning new things, even if it is a challenge or outside of his comfort zone (like dancing, for example!)."
|
|
|
|
boolberry (OP)
|
|
December 08, 2015, 01:10:04 AM |
|
Is this something to be worried about? Does it potentially impact other CryptoNote coins or just Boolberry? All they are saying there is that if you want to prune the signature data, you need to still keep a hash of the signature data in the chain of hashes (of Merkle trees) for the blocks. In other words, you need to still be able to prove which signature signed which transaction, even if you've actually discarded the signature data. I believe BBR already does the correct thing. And afaik, Monero does not discard signature data, but I could be wrong about that. If they do, I assume they would do the right thing as well. Any way, I as I read into the proposals more, I realized they are adopting some of the ideas I've had privately, but bolting these onto Bitcoin's legacy limits their flexibility in terms of optimum choices and especially speed to market. Bitcoin is looking more and more like design Rigor Mortis (they even need to abandon ECDSA to totally rectify malleability) and needs to be scrapped and start over again. Wuille wrote this technical summary in way that can only really be understood by other core devs or experts who have their head deep in these issues. He sounds rushed. http://boolberry.com/downloads.htmlBlockchain proof Full blockchain for windows(with all ring signatures): http://boolberry.com/downloads/windows/blockchain_full.bin
|
|
|
|
TPTB_need_war
|
|
December 08, 2015, 01:12:51 AM |
|
I was in Manila (at age 27) when she first took up chess there at age 6. That her heritage originates from a developing world economy such as the Philippines and that she emphasizes Levon's trait to see the good in others seems to indicate an idealistic leaning. I am also amazed that a GM would share his time with us and even share some of his inner thought processes with us relative n00bs. Also I noticed his friendly demeanor both in his communications here (if Levon is languagehasmeaning) and also the handshake he did with Magnus Carlsen in a Youtube that I viewed. Up thread he stated there were still some tricks remaining in this game. And he had advocated moving the rook over to the right side, but the consensus moved the knight instead. I wonder what he foresaw as a possibility? I was observing on that Youtube speed chess match with Carlsen, that Magnus sacrificed a pawn to get move more aggressively with his King and bishop to get behind the front line of pawns of Levon. I wonder if Carlsen could see that a draw was likely and decided to be more creative in hopes of win? I notice that my urge when I dabble in chess if I want to be more aggressive and creative than conservative (but I am not good enough at chess to do it with appropriate consideration). I read that Carlsen doesn't follow any one set of opening strategies and is very creative. Any way, I don't really understand all this. I haven't studied. A lot to think about and I don't have the free time.
|
|
|
|
boolberry (OP)
|
|
December 08, 2015, 01:48:13 AM Last edit: December 08, 2015, 02:14:25 AM by boolberry |
|
I was in Manila (at age 27) when she first took up chess there at age 6. That her heritage originates from a developing world economy such as the Philippines and that she emphasizes Levon's trait to see the good in others seems to indicate an idealistic leaning. I am also amazed that a GM would share his time with us and even share some of his inner thought processes with us relative n00bs. Also I noticed his friendly demeanor both in his communications here (if Levon is languagehasmeaning) and also the handshake he did with Magnus Carlsen in a Youtube that I viewed. Up thread he stated there were still some tricks remaining in this game. And he had advocated moving the rook over to the right side, but the consensus moved the knight instead. I wonder what he foresaw as a possibility? I was observing on that Youtube speed chess match with Carlsen, that Magnus sacrificed a pawn to get move more aggressively with his King and bishop to get behind the front line of pawns of Levon. I wonder if Carlsen could see that a draw was likely and decided to be more creative in hopes of win? I notice that my urge when I dabble in chess if I want to be more aggressive and creative than conservative (but I am not good enough at chess to do it with appropriate consideration). I read that Carlsen doesn't follow any one set of opening strategies and is very creative. Any way, I don't really understand all this. I haven't studied. A lot to think about and I don't have the free time. Tifozi was guessing that letsplayagame ( https://bitcointalk.org/index.php?action=profile;u=543579) might be Aronian not languagehasmeaning. Languagehasmeaning appears to be a good player but nowhere near the caliber of the people discussed as possibly being the OP of that thread. I have never once seen languagehasmeaning claim to be a professional chess player. I just saw the thread Lets play a game of Chess. It's fascinating to see @letsplayagame (who I suspect is GM Aronian) interested in crypto (BTC and allegedly aware of privacy focused technologies). Previous list of possible identities that Taras compiled: https://bitcointalk.org/index.php?topic=1148538.msg12469393#msg12469393I did the queries , here are the candidates: 2816 Veselin Topalov 2814 Hikaru Nakamura 2808 Fabiano Caruana 2793 Anish Giri 2784 Dmitry Jakovenko 2782 Liren Ding 2777 Vladimir Kramnik 2773 Wesley So 2771 Alexander Grischuk 2765 Levon Aronian 2762 Sergey Karjakin 2758 Evgeny Tomashevsky 2744 Maxime Vachier-Lagrave 2742 Michael Adams 2741 Radoslaw Wojtaszek 2738 Teimour Radjabov 2737 Pendyala Harikrishna 2736 Shakhrivar Mamedyarov* 2734 Yi Wei 2732 Leinier Dominguez Perez 2728 David Navara 2727 Peter Svidler 2726 Vassily Ivanchuk 2725 Nikita Vitiugov 2721 Yangyi Yu 2720 Dmitry Andreikin 2717 Pavel Eljanov 2712 Hao Wang 2707 Peter Leko 2705 Ian Nepomniachtchi 2700 Anton Korobov* Maimdiarove's name is butchered horribly all the time and the correct spelling is unknown https://bitcointalk.org/index.php?topic=1148538.msg12469393#msg12469393
|
|
|
|
smooth
Legendary
Offline
Activity: 2968
Merit: 1198
|
|
December 08, 2015, 02:26:59 AM |
|
Is this something to be worried about? Does it potentially impact other CryptoNote coins or just Boolberry? All they are saying there is that if you want to prune the signature data, you need to still keep a hash of the signature data in the chain of hashes (of Merkle trees) for the blocks. In other words, you need to still be able to prove which signature signed which transaction, even if you've actually discarded the signature data. I believe BBR already does the correct thing. And afaik, Monero does not discard signature data, but I could be wrong about that. If they do, I assume they would do the right thing as well. BBR does not include a hash of the signature data in the blockchain. I'm not sure what exactly are the alleged vulnerabilities either, but I've always been uncomfortable with it, as I said way back in the 2014 BCX free-for-all thread. Monero does not have any kind of segregated witness so no issue there.
|
|
|
|
galdur
|
|
December 08, 2015, 03:16:59 AM |
|
Good game by Nakamura today. Anand sacrificed a pawn and got pretty good play but suddenly his queen was under lock and key for 10 moves which gave Nakamura time to consolidate and emerge with an easy win.
|
|
|
|
|