[neㄘcash, ᨇcash, net⚷eys, or viᖚes?] Name AnonyMint's vapor coin?

[TPTB_need_war]

The official definition of spyware is any software that exposes your data out on the wire. It doesn't have to actually be intended to do that. Just opening the security hole is sufficient to meet the definition.

It's your table / your labels / your definitions so I don't mind really. I just needed some clarification because it was stated as fact that dash is ...spyware.

I already updated the table to link to our discussion and added "potentially improving". So hopefully it is clear to readers that the characterization is contested to some degree.

I somewhat agree with you that "spyware" is a bit harsh and doesn't imply that the mixing might work in some scenarios, except in another sense I think it is unfair if I don't draw attention to the fact that it can be the opposite of anonymity and actually increase the odds of intercepting user data in clear text in certain attack scenarios. For example, it provides prefiltered list of those who are attempting to be anonymous— which is one example of why multiple rounds won't help in some scenarios of "privacy".

[TPTB_need_war]

There was discussion in this thread relevant to legal issues of IPO or mining distribution and also w.r.t. to harvesting developer funding from mining. I have moved that discussion to a pre-existing thread on such legal topics.

I have deleted the posts from my thread because they now are quoted in the other thread. No posts have been lost. Let's continue the legal discussion at the other thread.

[TPTB_need_war]

2) Monero does support mass TXs and has a market based solution in place to allow the main chain blocksize to grow to accommodate them.

Are you referring to block chain compression or some variant of pruning?

Afaik, Monero can't handle very high TX/sec for the reasons which are same propagation versus orphan rates issues that plague Bitcoin if the block size is increased too much.

4) Lumping "IPO or mineable by speculators" into one makes no sense from a US or global regulatory point of view.

My point was the two have the same target market demographics of speculators.

I will link from that point in the comparison table to this post so readers can find your elaboration, and the extended discussion.

I do not know what issuance model is being proposed by the OP.

Giving away coins for free, thus not a MSB. Not a centralized virtual currency, because the protocol is decentralized PoW (with a twist). Also not an unregistered investment security, because not being sold to nor significantly obtained by investors.

Note it has been brought to my attention that most of the Auroracoins were dumped to speculators. Obviously I don't plan to repeat the mistakes in their marketing. Remember marketing is very nuanced. You have to get the details right. Just one detail can totally change the outcome.

[toknormal]

You simply can't get anonymity without cryptography.

I think you're mixing up anonymity, privacy, fungibility and encryption.

Four very different things which have potentially nothing to do with each other and which are optimally deployed in very different use cases.

Anonymity basically alludes to anything that doesn't have a name attached to it. Where the medium is perfectly visible but where any association with individuals has to be gleaned from outside of that medium. For example, if I receive an anonymous message from some woman telling me that she loves me then the message is perfectly visible, it just doesn't have her name on it. I have to start doing research outside of the realm of valentine cards to find out who sent it. I can show the card to all and sundry and it's still anonymous.

Privacy, on the other hand alludes to a restricted audience. For example if someone goes to the crapper and locks the door, they'll be the only individual partaking of the experience. If you make a bank transaction, only you and the bank staff will be privy to it. In neither of these cases, though are you "anonymous".

Encryption is one method of enforcing a restricted audience - i.e. privacy. It does not, however, make you anonymous.

Fungibility is a property of a (monetary) medium which makes 1 unit of that medium indistinguishable from another unit. Fungibility does not necessarily enforce privacy because it doesn't "hide" anything. But it does mitigate the propensity to discover the historical movements of a unit of that medium. Fungibility therefore DOES boost anonymity in a way that encryption doesn't.

If my anonymous admirer sent me a totally fungible valentines card that was printed with nothing but I LOVE YOU on white card, and all other valentines cards in the world were exactly the same, I'd have a damn site harder time tracing her than if it was handwritten fluorescent pen that was only available in one shop in my local town. Either way, no recourse to encryption is needed. Nor is it with regular cash, precious metals or any other monetary media that have been floating around for centuries, serving as the reference standard for monetary anonymity.

[TPTB_need_war]

You simply can't get anonymity without cryptography.

I think your mixing anonymity, privacy, fungibility and encryption.

No but you are conflating them...

Four very different things which have potentially nothing to do with each other and which are optimally deployed in very different use cases.

Anonymity basically alludes to anything that doesn't have a name attached to it.

Correct. Well summarized.

Where the medium is perfectly visible but where any association with individuals has to be gleaned from outside of that medium. For example, if I receive an anonymous message from some woman telling me that she loves me then the message is perfectly visible, it just doesn't have her name on it. I have to start doing research outside of the realm of valentine cards to find out who sent it. I can show the card to all and sundry and it's still anonymous.

Conflation. It may very well be that to protect her anonymity it is also necessary to encrypt the message for one reason or another, e.g. writing style correlation or other meta-data correlation. Anonymity always requires at least some privacy, e.g. her name was also elided or encrypted, else she'd not be anonymous.

Privacy, on the other hand alludes to a restricted audience. For example if someone goes to the crapper and locks the door, they'll be the only individual partaking of the experience. If you make a bank transaction, only you and the bank staff will be privy to it.

Correct. Well summarized.

In neither of these cases, though are you "anonymous".

Slight implied conflation. Privacy doesn't require being non-anonymous to those who you don't grant access to your data. But you are correct that privacy is orthogonal to anonymity. A good example is encrypted email could be private but from the IP address and meta-data, it isn't very anonymous.

Encryption is one method of enforcing a restricted audience - i.e. privacy. It does not, however, make you anonymous.

Encryption can indeed make you anonymous, but it doesn't have to. What do you think Cryptonote is? It is encrypting the UTXO payer (but not the IP address or other meta-data correlations).

Fungibility is a property of a (monetary) medium which makes 1 unit of that medium indistinguishable from another unit. Fungibility does not necessarily enforce privacy because it doesn't "hide" anything. But it does mitigate the propensity to discover the historical movements of a unit of that medium. Fungibility therefore DOES boost anonymity in a way that encryption doesn't.

If my anonymous admirer sent me a totally fungible valentines card that was printed with nothing but I LOVE YOU on white card, and all other valentines cards in the world were exactly the same, I'd have a damn site harder time tracing her than if it was handwritten fluorescent pen that was only available in one shop in my local town. Either way, no recourse to encryption is needed. Nor is it with regular cash, precious metals or any other monetary media that have been floating around for centuries, serving as the reference standard for monetary anonymity.

Seems you are conflating fungibility with the state of being elided. Fungibility has to do with being substitutable. If elided information is what makes fungibility, then vacuous would be the ultimate fungibility which makes no sense because fungible items have to existential.

Hey i am getting sleepy. Too many hours of discussions again. I really need to stop this. But even sleepy, you are not going to get away with lapses in logic in spite of being very articulate. You are smart, but I am not stupid.

[ArticMine]

2) Monero does support mass TXs and has a market based solution in place to allow the main chain blocksize to grow to accommodate them.

Are you referring to block chain compression or some variant of pruning?

Afaik, Monero can't handle very high TX/sec for the reasons which are same propagation versus orphan rates issues that plague Bitcoin if the block size is increased too much.

4) Lumping "IPO or mineable by speculators" into one makes no sense from a US or global regulatory point of view.

My point was the two have the same target market demographics of speculators.

I will link from that point in the comparison table to this post so readers can find your elaboration, and the extended discussion.

I do not know what issuance model is being proposed by the OP.

Giving away coins for free, thus not a MSB. Not a centralized virtual currency, because the protocol is decentralized PoW (with a twist). Also not an unregistered investment security, because not being sold to nor significantly obtained by investors.

Note it has been brought to my attention that most of the Auroracoins were dumped to speculators. Obviously I don't plan to repeat the mistakes in their marketing. Remember marketing is very nuanced. You have to get the details right. Just one detail can totally change the outcome.

No I am referring to adaptive blocksize limits and a tail emission that allow for Monero to scale with technological change. This scaling is driven by a proper fee market that allows for the blocksize to grow provided that the proper price is paid. It is a close to unique and critical feature of Monero that has had very little attention even within the Monero community. To a large extent I am a lone wolf on this. Bitcoin does not have adaptive blocksize limits nor does have a tail emission, and will have serious issue when the emission is close to running out.

I will respond to the rest in the legal thread.

[TPTB_need_war]

2) Monero does support mass TXs and has a market based solution in place to allow the main chain blocksize to grow to accommodate them.

Are you referring to block chain compression or some variant of pruning?

Afaik, Monero can't handle very high TX/sec for the reasons which are same propagation versus orphan rates issues that plague Bitcoin if the block size is increased too much.

No I am referring to adaptive blocksize limits and a tail emission that allow for Monero to scale with technological change. This scaling is driven by a proper fee market that allows for the blocksize to grow provided that the proper price is paid. It is a close to unique and critical feature of Monero that has had very little attention even within the Monero community. To a large extent I am a lone wolf on this. Bitcoin does not have adaptive blocksize limits nor does have a tail emission, and will have serious issue when the emission is close to running out.

Ah yes again those are features I am aware of. I am getting sleepy.

That is an improvement over Bitcoin's fee structure.

But those features don't address the centralization of mining that is required to handle the propagation without causing issues with the orphan rate that make mining more profitable for well connected miners.

The hindrance with Bitcoin scaling is not just the fees to pay for larger blocks.

Also scaling block size doesn't do anything for achieving instant transactions (and I know you weren't claiming it does but I view scaling and instant transactions as related from a design perspective).

[toknormal]

Conflation. It may very well be that to protect her anonymity it is also necessary to encrypt the message for one reason or another, e.g.....her name was also elided or encrypted, else she'd not be anonymous.

I really think this is semantic nonsense - at least with regards to money. I can't think of a single case in history of cash media where eliding had anything to do with anonymity. Things are either synonymous with an identity or they aren't. Have a look at the coins in your pocket and see if you can see any "eliding" there. Everything's present and crystal clear - otherwise it'd simply be a corruption.

Her name isn't on the card, only the words I LOVE YOU are. You elide any of that and you make the message ambiguous. You encrypt it and it's unreadable. The only thing that protects her anonymity is the fact that I can't tell it apart from any other card.

Seems you are conflating fungibility with the state of being elided. Fungibility has to do with being substitutable. If elided information is what makes fungibility, then vacuous would be the ultimate fungibility which makes no sense because fungible items have to existential.

LoL ! I thought you were doing that. I don't have any disagreement there - I've been arguing exactly this for the best part of a year. I don't know how you arrive at the conclusion that I'm conflating those two.

Encryption can indeed make you anonymous, but it doesn't have to. What do you think Cryptonote is? It is encrypting the UTXO payer (but not the IP address or other meta-data correlations).

If I send a message to a friend and encrypt it, I may be anonymous but the message isn't because nobody can read it, so as far as the message goes your "vacious" state above applies - i.e. no third party can see the message to read it. For the message to be anonymous (as distinct from private) it has to be:

[1] - totally readable by any third party
[2] - not be associated with an identifiable sender

Those two requirements are independent properties of the message which should not impact adversely on each other. Your cryptonote example does exactly that - encrypts the UTXO address.

I also notice that you use a personal pronoun instead of the word "address" in encrypting the UTXO payer. We're not talking about credit systems here, we're talking about cash ones, so no personal pronouns apply. The blockchain address (UTXO sender) is already anonymous and needs to be shown. This brings us right back to my original argument that fungibility - not obfuscation (using encryption or any other means) of blockchain transactions is what optimises anonymity.

[TPTB_need_war]

Conflation. It may very well be that to protect her anonymity it is also necessary to encrypt the message for one reason or another, e.g.....her name was also elided or encrypted, else she'd not be anonymous.

I really think this is semantic nonsense - at least with regards to money. I can't think of a single case in history of cash media where eliding had anything to do with anonymity. Things are either synonymous with an identity or they aren't. Have a look at the coins in your pocket and see if you can see any "eliding" there. Everything's present and crystal clear - otherwise it'd simply be a corruption.

Her name isn't on the card, only the words I LOVE YOU are. You elide any of that and you make the message ambiguous. You encrypt it and it's unreadable. The only thing that protects her anonymity is the fact that I can't tell it apart from any other card.

You consider one case and conclude that is the general category. My IQ is more generalized when building a model (actually I am a reductionist who seeks the generative essence because I prefer to remember a concept than memorize cases). The model includes eliding the markers of identity when achieving anonymity on the internet, e.g. eliding (via mixnet obfuscation or Zerocash encryption) the IP address.

You are repeating again your incorrect model that conflates fungibility with eliding. The cash isn't anonymous. The user who transfers the cash is anonymous if the user elides his/her identity in the process of that transfer. That the cash has the property of not automatically carrying the user's identity is incidental, because for example the cash can't turn off the surveillance cameras. You've conflated where the anonymous originates from, i.e. not from the cash.

Seems you are conflating fungibility with the state of being elided. Fungibility has to do with being substitutable. If elided information is what makes fungibility, then vacuous would be the ultimate fungibility which makes no sense because fungible items have to existential.

LoL ! I thought you were doing that. I don't have any disagreement there - I've been arguing exactly this for the best part of a year. I don't know how you arrive at the conclusion that I'm conflating those two.

Encryption can indeed make you anonymous, but it doesn't have to. What do you think Cryptonote is? It is encrypting the UTXO payer (but not the IP address or other meta-data correlations).

If I send a message to a friend and encrypt it, I may be anonymous but the message isn't because nobody can read it, so as far as the message goes your "vacious" state above applies - i.e. no third party can see the message to read it. For the message to be anonymous (as distinct from private) it has to be:

[1] - totally readable by any third party
[2] - not be associated with an identifiable sender

Those two requirements are independent properties of the message which should not impact adversely on each other. Your cryptonote example does exactly that - encrypts the UTXO address.

I can't comprehend your point. Seems discombobulated. Maybe because I am sleepy, or more likely because you haven't communicated clearly.

I also notice that you use a personal pronoun instead of the word "address" in encrypting the UTXO payer. We're not talking about credit systems here, we're talking about cash ones, so no personal pronouns apply.

Firstly I am incredibly sleepy so my prose will lose attention to detail. Secondly "payer" in that context is intended to mean the sending address as opposed to payee which is the receiving address. The use of those terms doesn't have to imply persons.

The blockchain address (UTXO sender) is already anonymous and needs to be shown.

Non-sequitur because if the blockchain was anonymous, we wouldn't need Cryptonote.

This brings us right back to my original argument that fungibility - not obfuscation (using encryption or any other means) of blockchain transactions is what optimises anonymity.

Poor logic. Fungibility might be aided by anonymity but it doesn't guarantee/provide anonymity any more than cash can turn off surveillance cameras.

In other words, anonymity -> fungibility not the other direction on the arrow.

[toknormal]

The user who transfers the cash is anonymous if the user elides his/her identity in the process of that transfer. That the cash has the property of not automatically carrying the user's identity is incidental, because for example the cash can't turn off the surveillance cameras. You've conflated where the anonymous originates from, i.e. not from the cash.

In other words, anonymity -> fungibility not the other direction on the arrow.

Ah. Now I see where you're coming from.

If I may say so, that is the most ludicrous definition of "fungibility" that I've every heard. Turn out the lights and your money's more fungible ? LoL !

All I can say is - don't give up the day job. If Evan had lost any credibility in this thread I think he just got it all back 

[TPTB_need_war]

The user who transfers the cash is anonymous if the user elides his/her identity in the process of that transfer. That the cash has the property of not automatically carrying the user's identity is incidental, because for example the cash can't turn off the surveillance cameras. You've conflated where the anonymous originates from, i.e. not from the cash.

In other words, anonymity -> fungibility not the other direction on the arrow.

Ah. Now I see where you're coming from.

If I may say so, that is the most ludicrous definition of "fungibility" that I've every heard. Turn out the lights and your money's more fungible ? LoL !

All I can say is - don't give up the day job. If Evan had lost any credibility in this thread I think he just got it all back  

If you believe you won that debate, then you've lost credibility.

Fungibility is substitutability. It has nothing to do with anonymity directly and only is impacted when identity can be used to impact acceptability. Anonymity might aid the ability to be substitutable, but substitability doesn't do anything for anonymity.

Money is subsitutable because it all copies are the same w.r.t. to acceptability (e.g. serial numbers don't impact acceptability). That doesn't stop your fingerprints from being on the money. That doesn't stop the counter party to the transaction seeing your face.

Cash is substitutable for one reason because users accept it regardless of whose fingerprints are on it.

It is the inability of the government to go monitor fingerprints on each transaction that makes anonymity orthogonal to cash.

You are highly confused.

[TPTB_need_war]

I hope we are all done. I really, really want to stop all extended discussion.

I think all major points have been covered.

So I can go silent now. I hope!

Try to not write anything to draw me back into discussion. Please.

[arielbit]

I think these dash shills out here especially toknormal are trying to make OP tell or share his ideas of his coin so Evan and co. can copy it and claim it as their own. Evan is notorious for being a copycat. careful OP 

[toknormal]

You constantly contradict yourself.

First you say:

Fungibility is substitutability. It has nothing to do with anonymity

Then you say:

...That doesn't stop your fingerprints from being on the money.

It's not the fact that the fingerprints compromise anonymity that makes it traceable. It's the fact that they compromise fungibility. If the same fingerprints were on every banknote, you'd no longer be traceable against that particular note since it would be indistinguishable from any other.

Do you not notice the flawed subtext of your own reasoning ? It's that it's based in a credit-transport mindset where privacy, not anonymity is the priority. You're equating a blockchain address with a person or identity. Satoshi invents almost perfect money and you've fallen into the same old trap of dragging us back to a bank-based paradigm where a blockchain address is a person.

It isn't, and by obscuring (or encrypting) the mechanics of the blockchain you're not protecting anybody's identity in particular - you're just making crap money out of good money and mitigating its ability to garner and consolidate public endorsement of its value.

You'd have more of a case if we were talking about a backed currency than an unbacked one. Then there's a whole re-shuffling of priorities where encryption and privacy suddenly become a higher priority than fungibility and anonymity. You can also afford to compromise public transparency because only the trusted party needs to endorse your balance and if they generally do so then the monetary medium (blockchain balances) will have value. But that's a credit system, not a cash one. Notably, the principles under which Cryptonote operates were indeed originally designed for a credit network and not a cash one.

You do have a valid general point regarding "fingerprinting" of money, but that needs to be dealt with without recourse to encryption (read "obfuscation") because otherwise you're just corrupting the base monetary medium.

[TPTB_need_war]

You constantly contradict yourself.

Sorry no. You appear to lack the logic skills for comprehension of this subject matter.

This is my last attempt to explain logic of inclusionary and exclusionary rule of set membership to you.

I don't intend to be mean-spirited, but I can't go on and on. Open your mind and realize you might be wrong and try to think about what is being explained to you.

It's not the fact that the fingerprints compromise anonymity that makes it traceable. It's the fact that they compromise fungibility.

If your logic was correct, then we don't need two words. Just discard one of them.

Fungibility is not anonymity otherwise why have two words.

Separation-of-concerns is a very important technique for correct logic.

Take any object you want and start to describe attributes of that object. For example, an egg is yellow-orange, it is slippery, it is protein, etc.. If it so happens that one of those attributes depends on some other attribute some of the time, that doesn't mean that former attribute is the other latter attribute.

Substitutability doesn't always depend on anonymity.

Thus clearly substitutability is an orthogonal attribute from anonymity.

It does happen that sometimes anonymity impacts on substitutability, but not always.

There are many cases where substitutability does not impact on anonymity.

Please do not waste my time (and clutter my thread) with another reply on this silly and easy to grasp topic. Learn.

[TPTB_need_war]

monsterer, are you aware of the potential for entirely decentralized cross-chain exchanges?

https://bitcointalk.org/index.php?topic=193281.msg6487835#msg6487835

https://bitcointalk.org/index.php?topic=515370.0

Note however there are unresolved technical issues, thus I think your exchange is not threatened immediately, if ever.

I am a bit too sleepy to elaborate on the technical at the moment.

Yeah, I initially looked into developing something with this scheme in mind, but decided that it wouldn't suit because it was too clunky (with all the refund transactions, and DOS angles) and only supported bitcoin derivatives, whereas I wanted to offer a lot of '2.0' currencies.

TierNolan's (et al) proposal isn't tenable (especially not for trades where the game theory of profit tied to market bid/ask order book is in seconds or microseconds) until at least we can guarantee that block chains don't orphan and become probabilistically final on the order of seconds or less.

Btw, I think these requirements are only required on the altcoin chain in order to interopt with Bitcoin. Thus afaics the reason you can't implement the proposal is because the altcoins don't meet the requirements.

I offered my summary and ideas for improving the decentralized P2P atomic exchange protocol.

[coins101]

....
Fungibility is.....
....

There has to be universal trust that electronic coins are not being duplicated at will.

There has to be a way to hide personal identity. The coins themselves don't have to be hidden.

It's not rocket science.

[TPTB_need_war]

....
Fungibility is.....
....

There has to be universal trust that electronic coins are not being duplicated at will.

There has to be a way to hide personal identity. The coins themselves don't have to be hidden.

It's not rocket science.

Sorry you are conflating separate concerns. Even duplication-at-will doesn't impact fungibility.

Eliding personal identity isn't always necessary for fungibility and it doesn't by itself make fungibility.

I am sorry but you guys are not expert in logic. Smooth is. I am. That is what makes me an excellent programmer.

[TPTB_need_war]

I am writing always to the end of files. On daemon I compact and backup files. This radically speeds up block chain performance (especially on SSDs due their degradation from random writes) which is needed to reach a million transactions per second or more. I am designing for extreme scalability.

of course append only is the only way to get good performance. I am processing the incoming data a about 500mbits/sec. it took hundreds of tests to find a method that achieves this

I've read fstat is really slow and fappend is not guaranteed to be atomic, so the only way to know the offset where you inserted (which is crucial if pointing to the file record from a RAM summary as I do) and get maximum speed is to use asynchronous writes with a computed offset instead of multithreading. This is one example of why I chose the Node.js event loop model with simulated threads via callbacks (which I obscure in a clever async/await paradigm which I rolled myself from ES6 generators).

[coins101]

....
Fungibility is.....
....

There has to be universal trust that electronic coins are not being duplicated at will.

There has to be a way to hide personal identity. The coins themselves don't have to be hidden.

It's not rocket science.

Sorry you are conflating separate concerns. Even duplication-at-will doesn't impact fungibility.

Eliding personal identity isn't always necessary for fungibility and it doesn't by itself make fungibility.

I am sorry but you guys are not expert in logic. Smooth is. I am. That is what makes me an excellent programmer.

Avoiding duplication at will is necessary for a currency to be, err, a currency.  Logical? Yes; check.
Passing currency from one person to the next without labels to past misdeeds making the currency worthless. Logical? Yes; check.
Cash has no memory of ownership. Logical? Yes; check.

Yeah. I'm right.