Bitcoin Forum
November 04, 2024, 10:29:41 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 [4] 5 6 »  All
  Print  
Author Topic: Anonymity  (Read 68834 times)
em3rgentOrdr
Sr. Member
****
Offline Offline

Activity: 434
Merit: 252


youtube.com/ericfontainejazz now accepts bitcoin


View Profile WWW
September 17, 2010, 05:44:54 AM
 #61

Bitcoin is designed with the ability to forget old transactions as you describe, just it isn't implemented yet. Its only intended to save disk space and maybe some bandwidth though I believe.

aha...ok.  thanks for the info

It could help mask coin tracks from someone new to bitcoin but if they are monitoring the net they are not obligated to erase old transactions. They could build up historical records if they want.

hmm...yeah, I suppose so.  They are probably building up the historical record already. Sad

Added anonymity, but not recommended due to loss of transaction data vulnerability:

- If the Bitcoin block can be fractionalized amongst active nodes (nodes gracefully exiting the network to allow for data passing) with plenty of backup data overlapping amongst the nodes - but no one node knows the full block chain, it will also increase anonymity.  But this may cause vulneribility in the system database in case of node failure - this route is not recommended.  If a majority of nodes in one geographic location holds the only copy of a particular section of the database, and that geographic area suffers a catastrophe, it might wipe out some/all Bitcoin wealth completely.

hmm...good point.

Whatever mechanism is chosen, it had better not significantly slow down the network or client unless strong anonymity is required/requested.

I've tried I2P and Tor, and, for me, super-strong privacy isn't worth the performance cost.

This is such a good point. People want the anonymity to trade files but they don't want to pay the performance costs of anonymous networks. The problem is in implementing a trust system based on anonymous peers, when there is no anonymous way to pay for resources.

This is the main reason why I wrote Open Transactions: because providing an untraceable form of cash makes it possible to solve issues of resource allocation on anonymous networks.  If download requests are accompanied by digital postage, college kids will start leaving their computers on all day to collect that postage while anonymous downloads occur through their computing resources. Then when they get home from class, the digital postage that has accrued covers the cost of their own downloads. Effectively, people won't have to contribute cash at all, as long as they are contributing computing resources.

Then anonymous networks can run fast. As a bonus, people can also send each other anonymous digital cash payments on these networks -- and information markets and prediction markets can start popping up.

Bitcoins are difficult to counterfeit because they require "work" aka "computing resources" in order to produce them. SURELY THESE SORTS OF COMPUTING RESOURCES that I have described above, which provide real value to people in the form of fast, anonymous downloads, have some real and measurable monetary value as well? Not only do they require computers to work, but they also provide real value to people on a market where other things are traded.
 

Are you saying that market will develop with OpenTransactions whereby people use bandwidth/cpu resources as currency?  But basically OpenTransactions isn't backed by anything?  It is just that they will allow people to anonymously trade, and will thus produce a commodity of bandwidth/cpu resources?  (I'm not terribly familiar with OpenTransactions)

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."
fellowtraveler
Sr. Member
****
Offline Offline

Activity: 440
Merit: 251


View Profile
December 26, 2010, 11:24:07 PM
 #62

Are you saying that market will develop with OpenTransactions whereby people use bandwidth/cpu resources as currency?But basically OpenTransactions isn't backed by anything?  It is just that they will allow people to anonymously trade, and will thus produce a commodity of bandwidth/cpu resources?  (I'm not terribly familiar with OpenTransactions)

Open Transactions is software that allows anyone to connect and issue currencies (just like Loom, if you're familiar with that) and then transact in them untraceably.  So there could be a bitcoin-backed currency, an e-gold-backed currency, a goldmoney-backed currency, a fiat-backed currency, and a hundred others.

My point above was that using untraceable money, it becomes possible to pay for resources on anonymous networks, which would therefore solve issues of resource allocation on anonymous networks.  And since the digital cash, in that case, is being used to pay for resources on anonymous networks, that means it could also be redeemed for those resources as well. Thus, a digital cash backed in Bitcoin would have value beyond just the "proof of work" that went into creating the Bitcoins, but would also have the value of paying for filesharing resources on anonymous networks.

In fact, the three pieces fix each other's weaknesses...

Bitcoin is fully-distributed but not untraceable.
Open Transactions is untraceable but requires a server.
Anonymous networks allow you to run a server but they run too slowly...
Open Transactions would solve issues of resource allocation on those networks, but requires an issuer somewhere to store the gold...
Unless you back it with Bitcoin, in which case there is no backing storage needed since that becomes fully-distributed.

co-founder, Monetas
creator, Open-Transactions
em3rgentOrdr
Sr. Member
****
Offline Offline

Activity: 434
Merit: 252


youtube.com/ericfontainejazz now accepts bitcoin


View Profile WWW
December 27, 2010, 05:01:36 AM
 #63

Are you saying that market will develop with OpenTransactions whereby people use bandwidth/cpu resources as currency?But basically OpenTransactions isn't backed by anything?  It is just that they will allow people to anonymously trade, and will thus produce a commodity of bandwidth/cpu resources?  (I'm not terribly familiar with OpenTransactions)

Open Transactions is software that allows anyone to connect and issue currencies (just like Loom, if you're familiar with that) and then transact in them untraceably.  So there could be a bitcoin-backed currency, an e-gold-backed currency, a goldmoney-backed currency, a fiat-backed currency, and a hundred others.

My point above was that using untraceable money, it becomes possible to pay for resources on anonymous networks, which would therefore solve issues of resource allocation on anonymous networks.  And since the digital cash, in that case, is being used to pay for resources on anonymous networks, that means it could also be redeemed for those resources as well. Thus, a digital cash backed in Bitcoin would have value beyond just the "proof of work" that went into creating the Bitcoins, but would also have the value of paying for filesharing resources on anonymous networks.

In fact, the three pieces fix each other's weaknesses...

Bitcoin is fully-distributed but not untraceable.
Open Transactions is untraceable but requires a server.
Anonymous networks allow you to run a server but they run too slowly...
Open Transactions would solve issues of resource allocation on those networks, but requires an issuer somewhere to store the gold...
Unless you back it with Bitcoin, in which case there is no backing storage needed since that becomes fully-distributed.


Excellent!  Basically bitcoin and open transactions are complementary means of exchange. 

Do you have any good recommendations about relatively cheap and high-bandwidth VPS or other server that I could purchase anonymously with Loom or Open Transactions?  Unfortunately, I'm not terribly impressed with the price/GB for the VPS servers listed in the bitcoin trade (and again am a wee bit concerned about the potential traceability of bitcoin by a clever adversary), but maybe there are other servers that could be purchased with Loom or Open Transactions instead.

This is sortof like Rock-Paper-Sissors, or one of those RPGs where you have Water weak against Lighting, Fire and Ice weak against eachother, Black Mages with high MP but low HP, Warriors with high HP but no magic, White Mages with poor attack but can restore HP, etc. (you get the picture).  But then you get to put together your team which combines their special powers and is able to defeat any enemy/boss!  Smiley  Sorry for the lame analogy.   Cheesy

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."
ben-abuya
Sr. Member
****
Offline Offline

Activity: 323
Merit: 250



View Profile WWW
December 27, 2010, 10:50:05 PM
 #64

My understanding of this stuff is still pretty precursory, but I think adding Ripple to the mix could be a game changer: enabling small, local transactions without the need to exchange fiat currencies. This is huge, because getting bitcoins or digital gold is currently infeasible for small transactions, whereas with Ripple, you're in the game out of the box. All you need is a friend on Facebook. This is exactly the kind of convenience that can kickstart a revolution.

http://lamassubtc.com/
Lamassu Bitcoin Ventures
fellowtraveler
Sr. Member
****
Offline Offline

Activity: 440
Merit: 251


View Profile
December 28, 2010, 07:55:03 AM
 #65

My understanding of this stuff is still pretty precursory, but I think adding Ripple to the mix could be a game changer: enabling small, local transactions without the need to exchange fiat currencies. This is huge, because getting bitcoins or digital gold is currently infeasible for small transactions, whereas with Ripple, you're in the game out of the box. All you need is a friend on Facebook. This is exactly the kind of convenience that can kickstart a revolution.

I'm a big fan of Ripple actually, and I would love to see it built into the first real OT client.

Ripple also eliminates any need for "server-to-server" transfer, since all such transfers would be p2p instead of centralized.

Along the same lines we've been discussing, I would also love to see such software integrated into the next generation of anonymous networks. 

co-founder, Monetas
creator, Open-Transactions
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
January 27, 2011, 12:44:59 AM
 #66

Quote
The second way is for an external service to take the coins of many different people, mix them up, and send similar amounts back to those peoples' addresses. If the mixer keeps no logs of who gets which coins, any investigation must stop here.

I setup bitcoin just yesterday. But had been thinking about it for a while. Particularly I had an issue with each coin containing it's own transaction history.
I was thinking about anonymous payment gateways, and came up with the idea of having external services that can forward payments for you. So, Aleph wants to pay Bravo some coin, but doesn't want Bravo to know where the money is coming from, and doesn't want Gerry (the government) to know where the money is coming from, or going. So, Aleph sends the money to Cent (external server). Cent has received money from various other users in the past, and so has a stack of coins from various people. Cent randomly selects from these coins the appropriate number and forwards these on to Bravo. Cent never keeps logs, and so has no record of who sent money to Cent, or where Cent subsequently sent that money to.

Anonymous payment gateway.

Now, to my thinking, the most trusted of these would be the ones that were run by community groups such as EFF, or on darknets, or similar. But, there is nothing to say that commercial operations could exist that would take a percentage, or a slice of every payment.

My first post, I don't think I repeated what anyone else has said.
FreeMoney
Legendary
*
Offline Offline

Activity: 1246
Merit: 1016


Strength in numbers


View Profile WWW
January 27, 2011, 12:53:39 AM
 #67

Quote
The second way is for an external service to take the coins of many different people, mix them up, and send similar amounts back to those peoples' addresses. If the mixer keeps no logs of who gets which coins, any investigation must stop here.

I setup bitcoin just yesterday. But had been thinking about it for a while. Particularly I had an issue with each coin containing it's own transaction history.
I was thinking about anonymous payment gateways, and came up with the idea of having external services that can forward payments for you. So, Aleph wants to pay Bravo some coin, but doesn't want Bravo to know where the money is coming from, and doesn't want Gerry (the government) to know where the money is coming from, or going. So, Aleph sends the money to Cent (external server). Cent has received money from various other users in the past, and so has a stack of coins from various people. Cent randomly selects from these coins the appropriate number and forwards these on to Bravo. Cent never keeps logs, and so has no record of who sent money to Cent, or where Cent subsequently sent that money to.

Anonymous payment gateway.

Now, to my thinking, the most trusted of these would be the ones that were run by community groups such as EFF, or on darknets, or similar. But, there is nothing to say that commercial operations could exist that would take a percentage, or a slice of every payment.

My first post, I don't think I repeated what anyone else has said.

I think a safe way would be to go through 7 or so sites, there are already gambling accounts in addition to all the exchanges in the future, ATITD, etc. Even if 6 of them kept records and were coerced into telling it would be useless. There could even be a service that did that for you and you could use 2 of them or more. This still doesn't save you from the merchant tattling on you if he needs info about you to serve you.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
January 27, 2011, 01:16:40 AM
 #68

Yes indeed.

Anyway, As I kept browsing the forums, I came across the BitLaundry, which looks like what I described!
* http://bitcointalk.org/index.php?topic=963.0
* https://bitlaundry.appspot.com/
theymos (OP)
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13368


View Profile
January 27, 2011, 02:37:43 AM
 #69

Anyway, As I kept browsing the forums, I came across the BitLaundry, which looks like what I described!

Since BitLaundry has so few users, you'll probably get your own coins back, which is pointless. You might as well just send the coins to yourself at a new address. Your best bet is to use a large site like MyBitcoin or MtGox.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


View Profile
January 27, 2011, 08:29:15 AM
 #70

At the moment there are few people using the service. But then again, there are so few people using Bitcoin as well. The point is, that as/if bitcoin takes off, there already exists an anonymous payment gateway. And there is nothing stopping more from springing up. The trouble with the two services you mention, is, I believe, that they keep logs, and are not explicitly designed to "launder" bitcoins (as it were).

I love am writing a short SF story which involves digital nomads and digital currency. Considering no one has, so far, come up with anonymous digital cash of the sort that can be transfered between individuals without an intermediary, bitcoins with a decentralised net of anonymous payment gateways is the next best thing that I can find.

Sure there are plenty of anonymous payment systems, but as far as I can tell, they require an intermediary server which is generally controlled by one actor (as, indeed, is the entire payment system).

My reading of Wikipedia suggests that http://en.wikipedia.org/wiki/Blind_signature might be relevant, but I'm not a mathematician (or a doctor).
theymos (OP)
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13368


View Profile
January 27, 2011, 01:06:13 PM
 #71

The trouble with the two services you mention, is, I believe, that they keep logs, and are not explicitly designed to "launder" bitcoins (as it were).

BitLaundry also keeps logs because Bitcoin permanently saves every transaction you make to wallet.dat. You'd have to modify Bitcoin to truly keep no logs.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
caveden
Legendary
*
Offline Offline

Activity: 1106
Merit: 1004



View Profile
January 27, 2011, 03:03:16 PM
 #72

In what way would the wallet.dat logs be any different from what you find on the public chain already?
I don't think that's the kind of log he worries about... logs linking the input with the output that would be the problem... the wallet.dat wouldn't have such logs since bitcoind itself wouldn't have such info.
theymos (OP)
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13368


View Profile
January 27, 2011, 07:06:12 PM
 #73

In what way would the wallet.dat logs be any different from what you find on the public chain already?
I don't think that's the kind of log he worries about... logs linking the input with the output that would be the problem... the wallet.dat wouldn't have such logs since bitcoind itself wouldn't have such info.

The attacker would be able to see which transactions went through the mix service. With the dates and amounts of each transaction, an attacker may be able to reconstruct input<->output links (especially with small services like BitLaundry), even though the exact information is not included in wallet.dat. Without the wallet an investigation would not be able to recover this information.

Probably mixing services will not be raided often, so proper mixing is much more important than logging.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
FreeMoney
Legendary
*
Offline Offline

Activity: 1246
Merit: 1016


Strength in numbers


View Profile WWW
January 28, 2011, 12:10:29 AM
 #74

The trouble with the two services you mention, is, I believe, that they keep logs, and are not explicitly designed to "launder" bitcoins (as it were).

BitLaundry also keeps logs because Bitcoin permanently saves every transaction you make to wallet.dat. You'd have to modify Bitcoin to truly keep no logs.

Do you really have to modify Bitcoin? Isn't it enough to send all coins to a separate wallet, delete original wallet, make empty wallet, send all coins back to blank wallet.

Obviously you'll want to automate. Do it every 6 hours or something.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
Gavin Andresen
Legendary
*
qt
Offline Offline

Activity: 1652
Merit: 2301


Chief Scientist


View Profile WWW
January 28, 2011, 12:36:12 AM
 #75

Do you really have to modify Bitcoin? Isn't it enough to send all coins to a separate wallet, delete original wallet, make empty wallet, send all coins back to blank wallet.

Obviously you'll want to automate. Do it every 6 hours or something.

That would make an odd transaction pattern-- e.g. if you started with 11 bitcoins in your wallet, you'd generate a chain of transactions that was:

A paid B 11 bitcoins
B paid C 11 bitcoins
C paid D 11 bitcoins
 ... etc, every 6 hours.  That makes it obvious what you're doing (a series of exactly-11-bitcoin transactions would be extremely unlikely).

Ideally, you want the graph of transactions involving your coins to be indistinguishable from a random sub-graph of the entire bitcoin transaction graph.  Creating lots of wallets won't help you do that; you need to mix your coins with other people's, so the mixing looks the same as just ordinary "X paid Y" transactions.


How often do you get the chance to work on a potentially world-changing project?
FreeMoney
Legendary
*
Offline Offline

Activity: 1246
Merit: 1016


Strength in numbers


View Profile WWW
January 28, 2011, 12:48:12 AM
 #76

Do you really have to modify Bitcoin? Isn't it enough to send all coins to a separate wallet, delete original wallet, make empty wallet, send all coins back to blank wallet.

Obviously you'll want to automate. Do it every 6 hours or something.

That would make an odd transaction pattern-- e.g. if you started with 11 bitcoins in your wallet, you'd generate a chain of transactions that was:

A paid B 11 bitcoins
B paid C 11 bitcoins
C paid D 11 bitcoins
 ... etc, every 6 hours.  That makes it obvious what you're doing (a series of exactly-11-bitcoin transactions would be extremely unlikely).

Ideally, you want the graph of transactions involving your coins to be indistinguishable from a random sub-graph of the entire bitcoin transaction graph.  Creating lots of wallets won't help you do that; you need to mix your coins with other people's, so the mixing looks the same as just ordinary "X paid Y" transactions.


I only meant that as an additional step to eliminate the log aspect of wallet so that you could be safe even if someone later got a wallet file of your mix service. Would doing this in addition to the mixing already discussed reduce anonymity? You could arrange your mixing to periodically empty a wallet without sending all of the coins to one other wallet and delete the empty wallets. The period doesn't have to be strictly fixed either.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
theymos (OP)
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13368


View Profile
January 28, 2011, 02:06:04 AM
 #77

Do you really have to modify Bitcoin? Isn't it enough to send all coins to a separate wallet, delete original wallet, make empty wallet, send all coins back to blank wallet.

That would work, though it does give away more information to an attacker. I actually mentioned that in the original BitLaundry thread:

At the end of that article I described a somewhat easy-to-implement "Bitcoin laundering" service:
Quote
- Set up two Bitcoin installations.
- Put some amount of BTC in installation B. This is the maximum amount of BTC you can deal with at once (for all customers).
- Customers send BTC to installation A. You send them an equal number of coins (or minus a fee) from installation B. Send as 10-50 BTC increments.
- Send all coins from A to B when all orders are satisfied. You can't send coins from A to B if you have any orders that have not been satisfied from B.
- This can be automated, or you can do everything manually.

This still keeps logs (unavoidable without modifying Bitcoin), but it ensures that you never get back your own coins.

The log situation can be helped by periodically moving your bitcoins and deleting the empty wallet.dat file (this deletes all of your receiving addresses, so be careful).

(A self-quote within a self-quote! Cheesy )

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
FreeMoney
Legendary
*
Offline Offline

Activity: 1246
Merit: 1016


Strength in numbers


View Profile WWW
January 28, 2011, 02:09:09 AM
 #78

Ah, sometimes I wonder if every idea I've every had is just me forgetting that I've heard it somewhere before. I'll read a book, learn something, think of it 2 years later not remembering the source, read the source again - DOH there it is.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
zipslack
Newbie
*
Offline Offline

Activity: 43
Merit: 0


View Profile
January 28, 2011, 10:28:25 PM
 #79

I feel an irresistible need to post a link to this thread which I started last week: http://bitcointalk.org/index.php?topic=2893.0

I'm starting to think about implementation now. Given Bitcoin and anonymizing communications networks I am of the opinion that anonymous transactions are within our grasp.
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3920
Merit: 2349


Eadem mutata resurgo


View Profile
February 11, 2011, 12:42:02 PM
 #80


So David Chaum's Digicash http://en.wikipedia.org/wiki/DigiCash and blind signature  http://en.wikipedia.org/wiki/Blind_signature techniques have been mentioned further back in the thread already.

I don't think it has been made clear why you could not (or would not) incorporate the blind signature technology into Bitcoin.

Did I miss something here?

Pages: « 1 2 3 [4] 5 6 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!