[ANN] DERO: DAG + Cryptonote + Bulletproofs + SSL + POW + Smart Contracts

[0x000090]

Dero is still an unsfinished project in alpha stage and you want use it like a bank system ? Come back in some years when everything will be stable with 0 risks and truly Open Source.

You are missing the point yet again, while simultaneously demonstrating that you have about zero understanding of blockchain.

Do you need the source code of your bank before you can have expectations of how it works?  Much more important than the source is the protocol, and CryptoNote is widely documented.  The DAG structure and P2P interface will soon be public.  Then you can implement your own daemon that doesn't use the DERO canonical source code, and run it on the network.  It is decentralized, and every coin is verifiable back to the genesis block.  You don't need the source, or its history, to understand or participate in the network, if you have protocol documentation and an understanding of the crypto.

Your bank is a highly-regulated business, with clear and public identity, and fiduciary responsibility fully subject to law; its ledgers, irrespective of the software used to create and maintain them, are fully auditable going back as far as the law may require. Cryptonote, on the other hand, contrary to what captain is fond of suggesting, and contrary to what you blindly repeat above, was expressly designed to be opaque; you can know only the inputs and outputs for wallets to which you hold the keys. All transactions, and even their amounts in the case of RingCT, are opaque when viewing the public blockchain. It is only with full historical sources, therefore, that one can prove coins have not been minted out of thin air at any given point.

[b9ron]

You are missing the point yet again, while simultaneously demonstrating that you have about zero understanding of blockchain.

The point is let the Dero Core devs works in peace, if you don't want support them because you don't trust them, fine go away.

Zero understanding of blockchain: Are you talking about the community full of technical illiterate paranoid that gambling or the technical stuff ?

Coding and cracking code since 15 years old and have worked 20 years in IT, sure I probably don't understand blockchain or anything related to software engineering or networking.

Well maybe you should explain, genius.

[0x000090]

You are missing the point yet again, while simultaneously demonstrating that you have about zero understanding of blockchain.

The point is let the Dero Core devs works in peace, if you don't want support them because you don't trust them, fine go away.

Zero understanding of blockchain: Are you talking about the community full of technical illiterate paranoid that gambling or the technical stuff ?

Coding and cracking code since 15 years old and have worked 20 years in IT, sure I probably don't understand blockchain or anything related to software engineering or networking.

Well maybe you should explain, genius.

Your words speak for themselves; your cognitive dissonance is too strong for me to believe I could break through, but others can read what you have written and see.

[b9ron]

Banks doesn't care about Blockchain technology unless they can build one themselves from scratch and even if they were being interested by the Dero-DAG they should contact directly the Dero Foundation to obtain a meeting.

[MagicSmoker]

Your words speak for themselves; your cognitive dissonance is too strong for me to believe I could break through, but others can read what you have written and see.

Is this your github?

https://github.com/0x000090

[0x000090]

Your words speak for themselves; your cognitive dissonance is too strong for me to believe I could break through, but others can read what you have written and see.

Is this your github?

https://github.com/0x000090

Yes.

(going to be afk for a few hours btw)

[b9ron]

At least your commits speak for themselves. 

Mr Expert Blockchain

[CaptDero]

Any blockchain/crypto expert/dev interested in DERO source audit/review is welcome for ongoing review.

Pls visit #ext-developers channel on discord https://discord.gg/GmDgjkD

For full details pls see: https://forum.dero.io/t/dero-source-and-compilation-details/760


Pls see first how to Install GO https://golang.org/doc/install

DERO Introduction
DERO is decentralized DAG(Directed Acyclic Graph) based blockchain with enhanced reliability, privacy, security, and usability. Consensus algorithm is PoW based on original cryptonight. DERO is industry leading and the first blockchain to have bulletproofs, TLS encrypted Network.
DERO blockchain has the following salient features
DAG Based : No orphan blocks, No soft-forks
12 Second Block time: Extremely fast transactions and 2 minutes confirmation time
SSL/TLS P2P Network
CryptoNote : Fully Encrypted Blockchain
BulletProofs: Zero Knowledge range-proofs.
Fully Auditable Supply: Supply is fully auditable.
Ring signatures
Written from scratch: Almost everything has been implemented from scratch.

DAG
DERO DAG implementation builds outs a main chain from the DAG network of blocks which refers to main blocks (100% reward) and side blocks (67% rewards). Side blocks contribute to chain PoW security and traditional 51% attacks are not possible on DERO network. If DERO network finds another block at the same height, instead of choosing one, DERO include both blocks. Thus, rendering the 51% attack futile.
Traditional Blockchains process blocks as single unit of computation(if a double-spend tx occurs within the block, entire block is rejected). However DERO network accepts such blocks since DERO blockchain considers transaction as a single unit of computation.DERO blocks may contain duplicate or double-spend transactions which are filtered by client protocol and ignored by the network.
DERO DAG processes transactions atomically one transaction at a time.

Crypto
Secure and fast crypto is the basic necessity of this project and adequate amount of time has been devoted to develop/study/implement/audit it. Most of the crypto such as ring signatures have been studied by various researchers and are in production by number of projects. As far as the Bulletproofs are considered, since DERO is the first one to implement/deploy, they have been given a more detailed look. First, a bare bones bulletproofs was implemented, then implementations in development were studied (Benedict Bunz,XMR, Dalek Bulletproofs) and thus improving our own implementation.Some new improvements were discovered and implemented (There are number of other improvements which are not explained here). Major improvements are in the Double-Base Double-Scalar Multiplication while validating bulletproofs. A typical bulletproof takes ~15-17 ms to verify. Optimized bulletproofs takes ~1 to ~2 ms(simple bulletproof, no aggregate/batching). Since, in the case of bulletproofs the bases are fixed, we can use precompute table to convert 64*2 Base Scalar multiplication into doublings and additions (NOTE: We do not use Bos-Coster/Pippienger methods). This time can be again easily decreased to .5 ms with some more optimizations.With batching and aggregation, 5000 range-proofs (~2500 TX) can be easily verified on even a laptop. The implementation for bulletproofs is in github.com/deroproject/derosuite/crypto/ringct/bulletproof.go 1 , optimized version is in github.com/deroproject/derosuite/crypto/ringct/bulletproof_ultrafast.go

There are other optimizations such as base-scalar multiplication could be done in less than a microsecond.Some of these optimizations are not yet deployed and may be deployed at a later stage.
Further research/studies/optimizations are in-progress to further improve DERO network.

Instructions
Install GO https://golang.org/doc/install
mkdir dero
cd dero
export GOPATH=pwd
git clone https://git.dero.io/DeroProject/src.git
cd src
go install github.com/deroproject/derosuite/cmd/

Pls see DERO explorer, DERO daemon and DERO wallet-cli binaries in $GOPATH/bin.
This source code release is for selected devs only for personal use and feedback only. No distribution in any case/form.

Contact us:
DERO Developers are not perfect and there may be bugs in the code.
Please report any bugs, flaws found during the audit/go through to further improve the project at: https://forum.dero.io/

Thanks for your patience and support.

[0x000090]

At least your commits speak for themselves. 

Mr Expert Blockchain

That's just a cute way of yet again avoiding the point; can it be long now before your argument becomes accusing me of being mojo and/or serena? If you didn't mean to refute me, you should not have responded. But you did, and through your responses we have so far learned:

a) You have indicated that it is fine for the community to only have the ability to make pull requests, but not have any actual control over the project.
b) You have characterized dero as unfinished alpha stage software, and intimated that people should not use it like a bank, until "some years when everything will be stable with 0 risks and truly Open Source."
c) You demonstrate by point (b) that you do not understand that the blockchain is an immutable record, and that what happens with it now bears on whether people should trust it years from now.
d) You demonstrate by point (c) that you do not understand my initial point, which regarded the importance of being able to verify the code that was running on the network between the time the source was closed, and now.

This is what is meant when I say you have no understanding of blockchain; this, though it obviously escapes you, is what others can see by your words. And that rather than either agree or refute, you should instead point to a repo where I have forked a few projects, as though it says anything, rather than address the points themselves, says volumes.

The irony is that where I have not actually argued here against using or getting involved with dero, you yourself have inadvertently and voluntarily provided a few decent reasons why a person might do well to avoid it.

[--Serena--]

Hello @Serena,
My first reply to you since you left.
I believe you have contributed lots of efforts and time for the DERO Community. Thanks for that.
For me you are still the same kind and sweet person. Pls don't allow this incident to affect you any way.
Let the good and positive in you be more powerful. I have seen and handle lots of such in life, thanks to the teacher called Experience.
You will always have my good wishes. Feel free for anything else.

Thanks.

Regards.

I hope you change your mind about the community. My experience here taught me many lessons, and some particularly harsh ones about trust.

a few things I've noticed

Topoheight DIFFERENCE - Sample #1 additional data Height: 249380 -VS- Topoheight: 322904 ----- with the original blocks removed we get --- Height: 153,830 -VS- Topoheight: 227,354 for a block emission rate of 147.79561854% topoheight -VS- blockheight. This means DERO is generating 47.79561854% side blocks but Capt stated they expect 10% to 15% side blocks.

(1) A cursory glance suggests that Dero is putting out around 32% - 37% -or- 3.186x to 4.779x more side blocks than expected while simultaneously maintaining a lower emission rate than Monero had at this time (18,620.62 Monero mined on day 225). Math - 47% actual vs 10% - 15% as Capt stated (47.79561854 / 15 = 3.18637456933) and 47% actual vs 10% (47.79561854 / 10 = 4.779561854)

(2) If we were to remove the side blocks we would have (using current numbers that do smoothly lower) 1.532 DERO every 12 seconds for
1.532 (Dero per block) x 5 (blocks per minute) x 60 (minutes per hour) x 24 (hours per day) = 11030.4 DERO per day (7200 blocks per day) without the side blocks on day 225.

(3) If we add the side blocks back in with an emission rate of 1 DERO per block (1.02 actual ATM) at a rate of 47.79561854% additional blocks on top of the 7200 per day for 3441.2843088 extra DERO per day bringing us to a total of (approximately) ~14471.6843088 DERO on day 225 (18,620.62 Monero mined on day 225)

These appear to be the same minus the language differences
DERO emission: https://github.com/deroproject/derosuite/blob/master/emission/emission.go

Code:

target := config.COIN_DIFFICULTY_TARGET
	target_minutes := target / 60
	emission_speed_factor := config.COIN_EMISSION_SPEED_FACTOR - (target_minutes - 1)

Monero emission: https://github.com/monero-project/monero/blob/3ad4ecd4ff52f011ee94e0e80754b965b82f072b/src/cryptonote_basic/cryptonote_basic_impl.cpp

Code:

const int target = version < 2 ? DIFFICULTY_TARGET_V1 : DIFFICULTY_TARGET_V2;
    const int target_minutes = target / 60;
    const int emission_speed_factor = EMISSION_SPEED_FACTOR_PER_MINUTE - (target_minutes-1);

Dero config: https://github.com/deroproject/derosuite/blob/9687ad9cb479bf564c7900b948150200fdd5a301/config/config.go

Code:

var COIN_EMISSION_SPEED_FACTOR = uint64(20)
var COIN_DIFFICULTY_TARGET = uint64(120) 

Monero config: https://github.com/monero-project/monero/blob/3ad4ecd4ff52f011ee94e0e80754b965b82f072b/src/cryptonote_config.h

Code:

EMISSION_SPEED_FACTOR_PER_MINUTE                (20)
DIFFICULTY_TARGET_V2                            120  // seconds
DIFFICULTY_TARGET_V1                            60  // seconds

-

So can you at least tell me where the 3.07 blocks came from if the configs were the same and the port appears to be successful with the most basic parameters in place?

Edit: I made a new account to post this btw since I'm not around my bitcointalk passphrase for --Serena--

Edit 2: I'm aware the parameters etc will be different for Atlantis, but I guess I'm wondering why it's still not close to the proper emission curve? I'd dig for what was causing the 3.07 blocks since it's not the basic config, but there's of course no point now. So I'll just leave it at - why is the emission curve still broken?

edit 3: still waiting on an answer (and for Kryptoid - "DERO DAG implementation builds outs a main chain from the DAG network of blocks which refers to main blocks (100% reward) and side blocks (67% rewards)." if you don't believe me, and can't do super easy math, maybe you'll believe Capt) :face_palm:

[Oranium80]

to everyone that was trash talking and couldnt wait before throwing words in the air, i hope you see that there are no scams here and there is no reason for any to exist at least not how i see things (just my opinion), now as far as the future i can only see good things and being a long time hodler and planing to keep hodling for a long time i think everyone should think about what would they do when you have so many ppl to prove your not playing games and what you are trying to achieve is not just words in some post, every project has its ups and downs and EOS is a perfect example as Dero is not even close to have a 4 billion dollar fund supporting them and EOS still have a lot of issues comparing to dero has been doing great with all the drama and that is something you have to take in consideration. remember time is the key for all crypto's and not some.  

[CFAB]

hey Serena 
its very obvious , oh wait guess youll tell us its not .

SURE 

At least your commits speak for themselves. 

Mr Expert Blockchain

That's just a cute way of yet again avoiding the point; can it be long now before your argument becomes accusing me of being mojo and/or serena? If you didn't mean to refute me, you should not have responded. But you did, and through your responses we have so far learned:

a) You have indicated that it is fine for the community to only have the ability to make pull requests, but not have any actual control over the project.
b) You have characterized dero as unfinished alpha stage software, and intimated that people should not use it like a bank, until "some years when everything will be stable with 0 risks and truly Open Source."
c) You demonstrate by point (b) that you do not understand that the blockchain is an immutable record, and that what happens with it now bears on whether people should trust it years from now.
d) You demonstrate by point (c) that you do not understand my initial point, which regarded the importance of being able to verify the code that was running on the network between the time the source was closed, and now.

This is what is meant when I say you have no understanding of blockchain; this, though it obviously escapes you, is what others can see by your words. And that rather than either agree or refute, you should instead point to a repo where I have forked a few projects, as though it says anything, rather than address the points themselves, says volumes.

The irony is that where I have not actually argued here against using or getting involved with dero, you yourself have inadvertently and voluntarily provided a few decent reasons why a person might do well to avoid it.

[b9ron]

At least your commits speak for themselves.  

Mr Expert Blockchain

That's just a cute way of yet again avoiding the point; can it be long now before your argument becomes accusing me of being mojo and/or serena? If you didn't mean to refute me, you should not have responded. But you did, and through your responses we have so far learned:

a) You have indicated that it is fine for the community to only have the ability to make pull requests, but not have any actual control over the project.
b) You have characterized dero as unfinished alpha stage software, and intimated that people should not use it like a bank, until "some years when everything will be stable with 0 risks and truly Open Source."
c) You demonstrate by point (b) that you do not understand that the blockchain is an immutable record, and that what happens with it now bears on whether people should trust it years from now.
d) You demonstrate by point (c) that you do not understand my initial point, which regarded the importance of being able to verify the code that was running on the network between the time the source was closed, and now.

This is what is meant when I say you have no understanding of blockchain; this, though it obviously escapes you, is what others can see by your words. And that rather than either agree or refute, you should instead point to a repo where I have forked a few projects, as though it says anything, rather than address the points themselves, says volumes.

The irony is that where I have not actually argued here against using or getting involved with dero, you yourself have inadvertently and voluntarily provided a few decent reasons why a person might do well to avoid it.

What are you talking about apple and orange once again ?

Yeah thanks, I know what's a Blockchain, is just a Data Structure a f*cking hashed linked list using hash instead of pointer... oh by the way, Dero isn't anymore a Blockchain but a DAG of hashed blocks.
My point was the code will be completely accessible in the future when the product will be ready not now in the early stage and if you can't deal with it, come back further.

The complete history of commit won't be publicly available until Dero Core Devs reveals their identity, that means it could probably never happen.

Once again bank doesn't trust any Blockchain Tech until they can control it or rewrite it from scratch.

[CFAB]

what a pathertic little person ,
no one is fooled by ALL your alias,



KARMA 

[--Serena--]

what a pathertic little person ,
no one is fooled by ALL your alias,



KARMA  

Your fallacy can be reasonably disproven by pointing out my complete disregard for the semicolon to date.

[0x000090]

hey Serena 
its very obvious , oh wait guess youll tell us its not .

SURE 

I think your tinfoil hat needs adjustment.

At least your commits speak for themselves. 

Mr Expert Blockchain

That's just a cute way of yet again avoiding the point; can it be long now before your argument becomes accusing me of being mojo and/or serena? If you didn't mean to refute me, you should not have responded. But you did, and through your responses we have so far learned:

a) You have indicated that it is fine for the community to only have the ability to make pull requests, but not have any actual control over the project.
b) You have characterized dero as unfinished alpha stage software, and intimated that people should not use it like a bank, until "some years when everything will be stable with 0 risks and truly Open Source."
c) You demonstrate by point (b) that you do not understand that the blockchain is an immutable record, and that what happens with it now bears on whether people should trust it years from now.
d) You demonstrate by point (c) that you do not understand my initial point, which regarded the importance of being able to verify the code that was running on the network between the time the source was closed, and now.

This is what is meant when I say you have no understanding of blockchain; this, though it obviously escapes you, is what others can see by your words. And that rather than either agree or refute, you should instead point to a repo where I have forked a few projects, as though it says anything, rather than address the points themselves, says volumes.

The irony is that where I have not actually argued here against using or getting involved with dero, you yourself have inadvertently and voluntarily provided a few decent reasons why a person might do well to avoid it.

What are you talking about apple and orange once again ?

Yeah thanks, I know what's a Blockchain, is just a Data Structure a f*cking hashed linked list using hash instead of pointer... oh by the way, Dero isn't anymore a Blockchain but a DAG of hashed blocks.
My point was the code will be completely accessible in the future when the product will be ready not now in the early stage and if you can't deal with it, come back further.

The complete history of commit won't be publicly available until Dero Core Devs reveals their identity, that means it could probably never happen.

Once again bank doesn't trust any Blockchain Tech until they can control it or rewrite it from scratch.

Let's try this another way. Imagine that everyone who ran a monero node downloaded it in binary form from a specific server, and that you woke up tomorrow to news reports that this server had been found to have been compromised for the past two months -- the binaries had been replaced, and had been built by an unknown entity, using unknown code. The monero devs then recompiled from the current public sources, and all nodes updated to new binaries.

Should this affect people's trust in monero? Or should they say, oh well see the blockchain is a hashed linked list, and the source is public for the version now running, so everything is just fine, like you are doing for dero? Because the only functional difference between dero and this hypothetical is that the unknown entity is captain, so it comes down 100% to your trust in him, not in the code, not in the blockchain, not in anything else.

And the only way to change that, is to verify all the code (which as I have also pointed out, does not even suffice entirely, as you are still trusting that the code you see is what was actually running).

[b9ron]

No even if you have all the code with all history of commits, if Monero servers are compromised with binary with a tiny backdoor or an tiny exploit hidden in it, it will be hard to find out unless devs reveal their binary were compromised.

Because even you'll have a fork of project even with the same arch, you could compile and still get a binary code different from official binary.

The only way to check if your binary isn't compromised is to review the code and compile yourself. Until this time you have to trust official binary with the official checksum provided.

Once again you don't trust the binary provided fine, come back further.

[MagicSmoker]

...Because the only functional difference between dero and this hypothetical is that the unknown entity is captain, so it comes down 100% to your trust in him, not in the code, not in the blockchain, not in anything else.

And the only way to change that, is to verify all the code (which as I have also pointed out, does not even suffice entirely, as you are still trusting that the code you see is what was actually running).

The way I read this is that even given the source code you still wouldn't trust that the binaries it produced are the same as the existing compiled binaries* so I am forced to conclude that nothing will satisfy you.


* - because apparently the golang compiler does not create bit-identical output when run on different machines despite bit-identical sources.

[0x000090]

...Because the only functional difference between dero and this hypothetical is that the unknown entity is captain, so it comes down 100% to your trust in him, not in the code, not in the blockchain, not in anything else.

And the only way to change that, is to verify all the code (which as I have also pointed out, does not even suffice entirely, as you are still trusting that the code you see is what was actually running).

The way I read this is that even given the source code you still wouldn't trust that the binaries it produced are the same as the existing compiled binaries* so I am forced to conclude that nothing will satisfy you.


* - because apparently the golang compiler does not create bit-identical output when run on different machines despite bit-identical sources.

That would be about the size of it, though I already wrote as much in my initial reply to you on this topic. It should be a fairly uncontroversial concept (not sure why b9ron felt the need to push back), though not perhaps an obvious one, so I mentioned it in order to help readers better understand exactly where they are putting their trust.

[datguyian]

Scam devs are sometimes even too dumb to pull off a scam. And believe it or not but some of them would even scam for a couple of dollars.

In this regard, of course everyone has a different appetite. Ranging from a couple of dollars to several million are now trading scammers. But many people do not want to learn to recognize scams, all want to just have a lot of money without doing anything.

Scamming several millions is risky as you need to do a lot of things that might leave a trail. Scamming for a few thousand dollars and do that again and again probably is "safe".