Bitcoin Forum
Author Topic: Unencrypted blockchain leads to snooping  (Read 3082 times)
sigma02 (OP)
March 26, 2013, 05:01:43 AM
Last edit: March 26, 2013, 05:49:24 AM by sigma02
 #1

I am concerned that the blockchain is in plaintext.  Before responding quickly, please read what I have to say.

An unencrypted blockchain invites snooping by governments and other suspicious types.  

Each transaction COULD be encrypted in the block, with keys provided by the parties involved.  All transactions with the sender's address are opened to the recipient for verification using a key of course.  I understand that the miner requires access as well; that can be granted once (the miner re-encrypts with a key provided in the transaction itself).  As far as I can tell, this satisfies the requirements of the transaction system and keeps the blockchain completely opaque to snooping.  The miner is the weak link, but I think there is a way to deal with that as well by distributing the verification or having the recipient do it and having the miner include the encrypted transaction without checking.

While transactions are anonymous, a determined adversary (NSA, or FinCEN or google, for instance) can easily correlate web access logs to the exposed transaction logs.  Since most transactions start by copying an address from the web, each transaction can be uniquely pinned to an individual.

If I were to put on my paranoid hat, I would say that the network was specifically designed to track individuals.  While everyone is concentrating on the double-spend issues and integrity of the network, the entire transaction log is sitting there with more information than your bank account provides.  The reason for carrying the entire blockchain around (especially unencrypted) escapes me.

Please elucidate me.
saddambitcoin
March 26, 2013, 05:03:02 AM
 #2

the IP address is just the node that relayed your transaction, not necessarily YOU.  is my first thought

odolvlobo
March 26, 2013, 05:03:21 AM
 #3

The blockchain is a public ledger. That is a crucial part of the design. If the transactions were encrypted, then there would be no way to validate them and prevent double-spending.

Join an anti-signature campaign: Click ignore on the members of signature campaigns.
PGP Fingerprint: 6B6BC26599EC24EF7E29A405EAF050539D0B2925 Signing address: 13GAVJo8YaAuenj6keiEykwxWUZ7jMoSLt
sigma02 (OP)
March 26, 2013, 05:06:10 AM
 #4

Not so. As I stated, the recipient has access to all transactions involving the sending address, preventing any possible double-spend issues.  So does the miner.  I asked you to read my question before answering.

If you think that the public ledger is a crucial part of the design, please explain.  I see no reason why transactions should not be encrypted and visible only to the parties involved.
DeathAndTaxes
Gerald Davis


March 26, 2013, 05:06:34 AM
 #5

Your "system" is nothing more than feel good security.  If miners can decrypt the tx for verification then so can someone acting as a miner ... say the NSA and create an identical bit for bit decrypted copy of the blockchain.

Of course if only miners and keyholder could decrypt a tx it would mean that "normal" nodes couldn't perform any verification.  This would leave the network very vulnerable to collusion by miners or any attack node attempting to recreate an alternate history of coins.  

The reason for making the blockchain accessible to all nodes is that Bitcoin works on a "trustless" model.  Your node doesn't trust any other node.  Actually by default it assumes every other node is trying to feed it nonsense garbage.  Your node will validate every block and every tx back to the genesis block so that once it is synced it has an identical independently verified copy.  This makes attacks which attempt to feed nodes "false history" all but impossible to pull off.

My guess is you are part of the DRM generation.   You can use cryptography to keep secrets from the entity which needs to know the secret.  It wasn't designed for that and it NEVER works.  

Still, if you feel an "encrypted" blockchain is desirable or superior, well, the project is open source; make a fork of it and may the best chain win.
MoonShadow
March 26, 2013, 05:11:02 AM
 #6

No. 

There is no encryption method that would work that wouldn't simply be a waste of resources, since the key would have to be widely known anyway.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
sigma02 (OP)
March 26, 2013, 05:14:05 AM
 #7

No need to get testy, I am definitely not of the DRM generation.

My concern is valid.  There is a way to accomplish everything you suggest, such as authenticating the veracity of each transaction without seeing the actual contents, addresses and amounts.  The miner problem can be solved with a key exchange.  I don't even see why the miners have anything to do with the transaction to be honest other than including it into the block; the recipient should be the one verifying everything.

When I ask this question, everyone seems to get upset very quickly and yell at me.  But really, think about this for a minute.

Who benefits from knowing every transaction that ever happened if there is a pretty easy way to encrypt them away?

You can still assume a completely hostile environment.  And no, the network would not be any weaker for it.  In case you missed my point, a transaction can be encrypted and hashed to make sure it's real without anyone knowing the contents.  The only reason to know the contents is for the parties involved to provide verification.
DeathAndTaxes
Gerald Davis


March 26, 2013, 05:14:12 AM
 #8

> If you think that the public ledger is a crucial part of the design, please explain.  I see no reason why transactions should not be encrypted and visible only to the parties involved.

To prevent a double spend when your node receives a tx it traces the lineage of the tx back to the block where it was minted (coinbase tx).  If the tx history was encrypted you would be unable to do so.  Essentially the security model becomes "well this one miner said it is good so trust me it is good".  It would be trivial to attack the network under such a limited security model.  Still like I said if you feel encrypted blockchain makes sense write some code (or pay someone to write some code) or at the very least write a white paper.

My guess is you have no understanding of how Bitcoin tracks "coins", prevents double spends, or ensures a tx is authentic.  You can't make a replacement until you understand the current version.  

Hint: there is no such thing as coins, or address "value".  There are only outputs.  Nothing but outputs.  Outputs are either spent or unspent.  The input of a tx is always the unspent output of a prior tx.  You can't authenticate a tx without being able to authenticate the unspent output being used as an input.

BTW: there are methods to make a digital currency more anonymous.  Double blind signatures are one example.  It would require some novel design to combine double blind signatures into a robust secure decentralized network which is secured by proof of work.  Still this would be real security not some DRM the blockchain for the winz!
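
The output model described in the post above, as an added example that is not part of the original thread and is not Bitcoin's own code: a node keeps the set of unspent outputs, rejects a second spend of the same output, and cannot validate a tx whose prior tx it cannot read. The `Tx` and `Node` classes, the txids and the 50-unit subsidy are assumptions made for illustration; signatures, scripts and proof of work are left out.

```python
# Added illustration: a toy output-based ledger. Signatures, scripts and
# proof of work are omitted; txids and values are constructed sample data.
from dataclasses import dataclass

@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: tuple    # (prev_txid, output_index) pairs; empty for a coinbase tx
    outputs: tuple   # value of each output

class Node:
    """Trusts no peer: validates each tx against its own copy of history."""
    def __init__(self):
        self.txs = {}      # txid -> Tx for every tx this node has verified
        self.unspent = {}  # (txid, index) -> value: the unspent outputs

    def accept(self, tx, subsidy=50):
        if not tx.inputs:  # coinbase tx mints new outputs
            if sum(tx.outputs) > subsidy:
                return "rejected: coinbase exceeds subsidy"
        else:
            if len(set(tx.inputs)) != len(tx.inputs):
                return "rejected: same output listed twice"
            for ref in tx.inputs:
                if ref[0] not in self.txs:
                    return "rejected: prior tx not visible to this node"
                if ref not in self.unspent:
                    return "rejected: output missing or already spent"
            if sum(tx.outputs) > sum(self.unspent[r] for r in tx.inputs):
                return "rejected: outputs exceed inputs"
            for ref in tx.inputs:
                del self.unspent[ref]
        self.txs[tx.txid] = tx
        for i, value in enumerate(tx.outputs):
            self.unspent[(tx.txid, i)] = value
        return "accepted"

    def lineage(self, txid):
        """Follow inputs back to the coinbase tx(s) that minted the value."""
        tx = self.txs[txid]
        if not tx.inputs:
            return {txid}
        return set().union(*(self.lineage(prev) for prev, _ in tx.inputs))

def demo():
    node = Node()
    results = [
        node.accept(Tx("cb1", (), (50,))),                # minted
        node.accept(Tx("a", (("cb1", 0),), (30, 20))),    # spends cb1:0
        node.accept(Tx("b", (("a", 0),), (30,))),         # spends a:0
        node.accept(Tx("b2", (("a", 0),), (30,))),        # double spend of a:0
        node.accept(Tx("c", (("hidden", 0),), (10,))),    # history unreadable
    ]
    return results, node.lineage("b")
```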
sigma02 (OP)
March 26, 2013, 05:14:50 AM
 #9

> No.
>
> There is no encryption method that would work that wouldn't simply be a waste of resources, since the key would have to be widely known anyway.

Care to elaborate?
MoonShadow
March 26, 2013, 05:16:56 AM
 #10

>> No.
>>
>> There is no encryption method that would work that wouldn't simply be a waste of resources, since the key would have to be widely known anyway.
> Care to elaborate?

Not really worth my time.  Prove that you understand how the system actually works, and then I might consider hearing out your theories.

sigma02 (OP)
March 26, 2013, 05:23:05 AM
Last edit: March 26, 2013, 05:37:03 AM by sigma02
 #11

I am not talking about DRM, for god's sake.  I am talking about public key cryptography. 

My main message is still the same - no one needs to see the contents of the transactions other than the parties involved.

This is a newbie area.  Why such hostility?
sigma02 (OP)
March 26, 2013, 05:29:04 AM
 #12

>>> No.
>>>
>>> There is no encryption method that would work that wouldn't simply be a waste of resources, since the key would have to be widely known anyway.
>> Care to elaborate?
>
> Not really worth my time.  Prove that you understand how the system actually works, and then I might consider hearing out your theories.

I understand enough to know that when I make a transaction, there is enough information between the blockchain and google's records of me visiting the recipient's website to copy the address, to completely and uniquely tie me to that transaction.

That is enough for me to be concerned about the security of the system.  I am not a moron, and I am not of the "DRM generation".  I am an opensource developer with projects on github.

The fact that no one will even admit that this is an issue and instead chooses to butt heads with me is alarming.
odolvlobo
March 26, 2013, 05:30:13 AM
 #13

I did read your post. When a miner validates a transaction, he must verify that the input hasn't been spent in a previous transaction. If the miner can't see all the previous transactions, he can't verify it.

It is well-known (by the people that know the details) that the anonymity of bitcoin is limited. I would agree that people should stop saying that bitcoin is anonymous because it mostly isn't.

sigma02 (OP)
March 26, 2013, 05:38:03 AM
 #14

> I did read your post. When a miner validates a transaction, he must verify that the input hasn't been spent in a previous transaction. If the miner can't see all the previous transactions, he can't verify it.
>
> It is well-known (by the people that know the details) that the anonymity of bitcoin is limited. I would agree that people should stop saying that bitcoin is anonymous because it mostly isn't.


My concern is that it's beyond not anonymous, but designed to finger the exact parties of all transactions.  A honeypot of sorts.
shockvibee
March 26, 2013, 05:46:40 AM
 #15

Part of the idea is, you don't just give out your wallets so people know whose wallet it is.

I'm not too technical on this type of thing.
DannyHamilton
March 26, 2013, 06:05:05 AM
 #16

Re-using an address is a bad practice for anonymity.  You are welcome to do so if you wish, but if you care about anonymity you should use a brand new address for EVERY TRANSACTION.  That address should only be shared between the sender and the receiver.  In that way, only the sender and receiver have any idea who the parties to the transaction are.  This satisfies your concerns about only the involved parties knowing who participated, while maintaining a public ledger that allows every participant to verify the validity of the bitcoins that they receive without needing to trust any other peer.
sigma02 (OP)
March 26, 2013, 06:10:48 AM
 #17

> Re-using an address is a bad practice for anonymity.  You are welcome to do so if you wish, but if you care about anonymity you should use a brand new address for EVERY TRANSACTION.  That address should only be shared between the sender and the receiver.  In that way, only the sender and receiver have any idea who the parties to the transaction are.  This satisfies your concerns about only the involved parties knowing who participated, while maintaining a public ledger that allows every participant to verify the validity of the bitcoins that they receive without needing to trust any other peer.

How often do you verify random transactions of others?
CIYAM
Ian Knowles - CIYAM Lead Developer


March 26, 2013, 06:23:08 AM
 #18

> How often do you verify random transactions of others?

If you are not using Bitcoin technology then the answer would be *never* but as this is a fundamental part of what Bitcoin IS the answer with Bitcoin is *always*.

With CIYAM anyone can create 100% generated C++ web applications in literally minutes.

GPG Public Key | 1ciyam3htJit1feGa26p2wQ4aw6KFTejU
Dabs
The Concierge of Crypto


March 26, 2013, 06:30:33 AM
 #19

I sweep all my 10,000,000 coins into one giant address, then send them back to random addresses. Not all at once, and not in any particular order. I mean, I could just play Satoshi Dice to launder my coins (play the 97% game so you only have a 3% chance of losing). That would be a pain to track.

DannyHamilton
March 26, 2013, 06:30:42 AM
 #20

>> Re-using an address is a bad practice for anonymity.  You are welcome to do so if you wish, but if you care about anonymity you should use a brand new address for EVERY TRANSACTION.  That address should only be shared between the sender and the receiver.  In that way, only the sender and receiver have any idea who the parties to the transaction are.  This satisfies your concerns about only the involved parties knowing who participated, while maintaining a public ledger that allows every participant to verify the validity of the bitcoins that they receive without needing to trust any other peer.
> How often do you verify random transactions of others?

The wallet that I run (Bitcoin-Qt) verifies EVERY transaction that it relays to any peers.  It also verifies EVERY transaction in every block that it receives to be added to the blockchain.  As has been said already:

> - snip -
> Prove that you understand how the system actually works, and then I might consider hearing out your theories.

So far you are only proving that you don't understand what bitcoin is, how it works, and what longstanding crypto-currency issues it solves.