[ANN][DASH] Dash (dash.org) | First Self-Funding Self-Governing Crypto Currency

[AnonyMint]

But aren't you also in your current design trusting the master node not to steal the collateral inputs?

The whitepaper has my proposed solution to that in the "Defending Against Attack" section: http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf

Things have changed since then, so we'll have to come up with something else.

I don't see how that could have worked. The master node can simply lie about which collateral payments didn't fulfill all the stages. There is no way to know if the master node lied to other signatories. Did I misunderstand?

If collateral payments can be stolen, then this needs to be abandoned.

I am so sorry, but CoinJoin is a can of worms. I tried to tell you that weeks or months ago back on page 3xx of this thread.

Probably the only thing you can do is move master nodes to a reputation system. But this means you give your coin to the government. Reputation always ends up just like the power vacuum of democracy.

The entire point of Satoshi's brilliant PoW invention, is you don't have to trust any node. He solved the Byzantine General's problem.

[AnonyMint]

But aren't you also in your current design trusting the master node not to steal the collateral inputs?

The whitepaper has my proposed solution to that in the "Defending Against Attack" section: http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf

Things have changed since then, so we'll have to come up with something else.

I don't see how that could have worked. The master node can simply lie about which collateral payments didn't fulfill all the stages. There is no way to know if the master node lied to other signatories. Did I misunderstand?

If collateral payments can be stolen, then this needs to be abandoned.

I am so sorry, but CoinJoin is a can of worms. I tried to tell you that weeks or months ago back on page 3xx of this thread.

Probably the only thing you can do is move master nodes to a reputation system. But this means you give your coin to the government. Reputation always ends up just like the power vacuum of democracy.

The entire point of Satoshi's brilliant PoW invention, is you don't have to trust any node. He solved the Byzantine General's problem.

I thought of another solution which I am sure you also thought of?

Charge a transaction fee to all inputs of the Darksend.

That may be the only possible solution that works. Anonymity won't be broken. And collateral can't be stolen.

Then Sybil attacking the master nodes won't have any effect because you no longer correlate collateral to the triple of IP, input and output. The collateral is removed from the design. You instead charge a tx fee to every input. Master node can't correlate to blind signed outputs.

And Sybil attacking the inputs will be very very costly.

The downside is of course Darksends are not free. Nothing in life is free.

Yeah I think this is your only realistic option.

Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea.

See CoinJoin just doesn't work. I tried to tell everyone that, but they get all angry at me. Sorry.

[eduffield]

But aren't you also in your current design trusting the master node not to steal the collateral inputs?

The whitepaper has my proposed solution to that in the "Defending Against Attack" section: http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf

Things have changed since then, so we'll have to come up with something else.

I don't see how that could have worked. The master node can simply lie about which collateral payments didn't fulfill all the stages. There is no way to know if the master node lied to other signatories. Did I misunderstand?

If collateral payments can be stolen, then this needs to be abandoned.

I am so sorry, but CoinJoin is a can of worms. I tried to tell you that weeks or months ago back on page 3xx of this thread.

Probably the only thing you can do is move master nodes to a reputation system. But this means you give your coin to the government. Reputation always ends up just like the power vacuum of democracy.

The entire point of Satoshi's brilliant PoW invention, is you don't have to trust any node. He solved the Byzantine General's problem.

You're misunderstanding the solution, cashing collateral payments is a multi-sig transaction. Imagine it's made out to the master node and the master-node before that one. What are the chances that you control both? Nearly zero.

[eduffield]

But aren't you also in your current design trusting the master node not to steal the collateral inputs?

The whitepaper has my proposed solution to that in the "Defending Against Attack" section: http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf

Things have changed since then, so we'll have to come up with something else.

I don't see how that could have worked. The master node can simply lie about which collateral payments didn't fulfill all the stages. There is no way to know if the master node lied to other signatories. Did I misunderstand?

If collateral payments can be stolen, then this needs to be abandoned.

I am so sorry, but CoinJoin is a can of worms. I tried to tell you that weeks or months ago back on page 3xx of this thread.

Probably the only thing you can do is move master nodes to a reputation system. But this means you give your coin to the government. Reputation always ends up just like the power vacuum of democracy.

The entire point of Satoshi's brilliant PoW invention, is you don't have to trust any node. He solved the Byzantine General's problem.

I thought of another solution which I am sure you also thought of?

Charge a transaction fee to all inputs of the Darksend.

That may be the only possible solution that works. Anonymity won't be broken. And collateral can't be stolen.

Then Sybil attacking the master nodes won't have any effect because you no longer correlate collateral to the triple of IP, input and output. The collateral is removed from the design. You instead charge a tx fee to every input. Master node can't correlate to blind signed outputs.

And Sybil attacking the inputs will be very very costly.

The downside is of course Darksends are not free. Nothing in life is free.

Yeah I think this is your only realistic option.

Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea.

See CoinJoin just doesn't work. I tried to tell everyone that, but they get all angry at me. Sorry.

DarkSend does charge a very small fee to use, which is fine. The fee goes to the miners.

"but the master node can steal the tx fees." That's impossible. Fees always go to miners.

[AnonyMint]

In case readers don't understand why the collateral payments can't be associated only with the inputs and not the outputs, it is because the outputs are blind signed. So if output signing fails, then there is no way for inputs to prove they signed the outputs in order to isolate the adversary(ies) who didn't.

So this is why output signing has to be correlated to inputs. This is what breaks the anonymity in terms of allowing Sybil attacks on master nodes (see my calculation example upthread).

Then apparently we also have the problem that collateral payments can be stolen by Sybil attacking master nodes (and miners/pools if the payments go to them), but still waiting to finish that discussion.

[AnonyMint]

But aren't you also in your current design trusting the master node not to steal the collateral inputs?

The whitepaper has my proposed solution to that in the "Defending Against Attack" section: http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf

Things have changed since then, so we'll have to come up with something else.

I don't see how that could have worked. The master node can simply lie about which collateral payments didn't fulfill all the stages. There is no way to know if the master node lied to other signatories. Did I misunderstand?

If collateral payments can be stolen, then this needs to be abandoned.

I am so sorry, but CoinJoin is a can of worms. I tried to tell you that weeks or months ago back on page 3xx of this thread.

Probably the only thing you can do is move master nodes to a reputation system. But this means you give your coin to the government. Reputation always ends up just like the power vacuum of democracy.

The entire point of Satoshi's brilliant PoW invention, is you don't have to trust any node. He solved the Byzantine General's problem.

I thought of another solution which I am sure you also thought of?

Charge a transaction fee to all inputs of the Darksend.

That may be the only possible solution that works. Anonymity won't be broken. And collateral can't be stolen.

Then Sybil attacking the master nodes won't have any effect because you no longer correlate collateral to the triple of IP, input and output. The collateral is removed from the design. You instead charge a tx fee to every input. Master node can't correlate to blind signed outputs.

And Sybil attacking the inputs will be very very costly.

The downside is of course Darksends are not free. Nothing in life is free.

Yeah I think this is your only realistic option.

Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea.

See CoinJoin just doesn't work. I tried to tell everyone that, but they get all angry at me. Sorry.

DarkSend does charge a very small fee to use, which is fine. The fee goes to the miners.

"but the master node can steal the tx fees." That's impossible. Fees always go to miners.

No I meant the collateral payments can be stolen, not the tx fees. Are you meaning to write that collateral payments always go to the miners, thus master nodes have no incentive to lie?

In either case, master nodes can lie and steal, they just make sure they also control miner(s) (or pools).

No one can prove the master node isn't being malicious to hurt the reputation of an innocent pool or miner. Thus you can't blame the pool or miner, so you won't know if the pool or miner is complicit.

Thus you can't stop theft.

[CHAOSiTEC]

[eltito]

WTF is going on here I go to Mexico for a week and...AnonyMint is helping.  

Shit let's just solve the Israel/Palestine problem, we seem to be on a roll here.

[eduffield]

No I meant the collateral payments can be stolen, not the tx fees. Are you meaning to write that collateral payments always go to the miners, thus master nodes have no incentive to lie?

No that's what you said earlier "Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea."

We need to use specific terminology here. Tx fees are from the transaction and they go to the miners. Collateral payments are made out to the master nodes.

In either case, master nodes can lie and steal, they just make sure they also control miner(s) (or pools).

No one can prove the master node isn't being malicious to hurt the reputation of an innocent pool or miner.

Thus you can't stop theft.

You completely missed what I was saying. Collateral is multi-sig, requiring more than 1 party to lie. 99.999999999% they won't be the same party.

I'm getting tired, lets continue this another day.

[CHAOSiTEC]

But aren't you also in your current design trusting the master node not to steal the collateral inputs?

The whitepaper has my proposed solution to that in the "Defending Against Attack" section: http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf

Things have changed since then, so we'll have to come up with something else.

I don't see how that could have worked. The master node can simply lie about which collateral payments didn't fulfill all the stages. There is no way to know if the master node lied to other signatories. Did I misunderstand?

If collateral payments can be stolen, then this needs to be abandoned.

I am so sorry, but CoinJoin is a can of worms. I tried to tell you that weeks or months ago back on page 3xx of this thread.

Probably the only thing you can do is move master nodes to a reputation system. But this means you give your coin to the government. Reputation always ends up just like the power vacuum of democracy.

The entire point of Satoshi's brilliant PoW invention, is you don't have to trust any node. He solved the Byzantine General's problem.

I thought of another solution which I am sure you also thought of?

Charge a transaction fee to all inputs of the Darksend.

That may be the only possible solution that works. Anonymity won't be broken. And collateral can't be stolen.

Then Sybil attacking the master nodes won't have any effect because you no longer correlate collateral to the triple of IP, input and output. The collateral is removed from the design. You instead charge a tx fee to every input. Master node can't correlate to blind signed outputs.

And Sybil attacking the inputs will be very very costly.

The downside is of course Darksends are not free. Nothing in life is free.

Yeah I think this is your only realistic option.

Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea.

See CoinJoin just doesn't work. I tried to tell everyone that, but they get all angry at me. Sorry.

DarkSend does charge a very small fee to use, which is fine. The fee goes to the miners.

"but the master node can steal the tx fees." That's impossible. Fees always go to miners.

No I meant the collateral payments can be stolen, not the tx fees. Are you meaning to write that collateral payments always go to the miners, thus master nodes have no incentive to lie?

In either case, master nodes can lie and steal, they just make sure they also control miner(s) (or pools).

No one can prove the master node isn't being malicious to hurt the reputation of an innocent pool or miner.

Thus you can't stop theft.

ive been following this discussion , and i most say, the level of control you need to have over the network to use it for a practical sybil attack is unfeasable, my worst case scenario tells me max 10% could be controlled, now if you do run it through say 10 times, the chance of being unmasked is 10% and we are talking about several factors that have to happen..

you need the 10% to be on EVERY mixing stage - Very unlikely im not even going to try and calculate the chance

[peteycamey]

difficulty is too high.

even when it is absolutely not profitable for miners why so many people mine it?

[AnonyMint]

No I meant the collateral payments can be stolen, not the tx fees. Are you meaning to write that collateral payments always go to the miners, thus master nodes have no incentive to lie?

No that's what you said earlier "Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea."

We need to use specific terminology here. Tx fees are from the transaction and they go to the miners. Collateral payments are made out to the master nodes.

In either case, master nodes can lie and steal, they just make sure they also control miner(s) (or pools).

No one can prove the master node isn't being malicious to hurt the reputation of an innocent pool or miner.

Thus you can't stop theft.

You completely missed what I was saying. Collateral is multi-sig, requiring more than 1 party to lie. 99.999999999% they won't be the same party.

I'm getting tired, lets continue this another day.

As far as I can fathom, multisig doesn't protect you because master node can just lie and say none signed. How will the other signatories know if the master node is telling truth or not?

However, I have a partial solution for this. Send the collateral payment to the ether. Then master node loses some incentive. But still the master node might lie just to harm the coin and the owners of those collateral.

I guess the inputs can forward their communications to other signatories too?

In that case, your anonymity is more broken because more nodes would see the triplet of IP, input, and output on each Darksend. Thus the percent of master nodes needed to lower anonymity would be proportionally less (e.g. if 5 signatories, then need only 1/5 as many master nodes to be adversaries).

[AnonyMint]

ive been following this discussion , and i most say, the level of control you need to have over the network to use it for a practical sybil attack is unfeasable, my worst case scenario tells me max 10% could be controlled, now if you do run it through say 10 times, the chance of being unmasked is 10% and we are talking about several factors that have to happen..

you need the 10% to be on EVERY mixing stage - Very unlikely im not even going to try and calculate the chance

Your calculation is inaccurate. See my calculation example upthread. There are many factors in play.

Also I can't see any way to have multisignatories without worsening the anonymity proportionally per my immediately prior post.

We need to wait until the developer hashes out more of the details so we can get the entire picture and calculation.

It is not as simplistic as you are thinking.

[CHAOSiTEC]

ive been following this discussion , and i most say, the level of control you need to have over the network to use it for a practical sybil attack is unfeasable, my worst case scenario tells me max 10% could be controlled, now if you do run it through say 10 times, the chance of being unmasked is 10% and we are talking about several factors that have to happen..

you need the 10% to be on EVERY mixing stage - Very unlikely im not even going to try and calculate the chance

Your calculation is inaccurate. See my calculation example upthread. There are many factors in play.

Also I can't see any way to have multisignatories without worsening the anonymity proportionally per my immediately prior post.

We need to wait until the developer hashes out more of the details so we can get the entire picture and calculation.

It is not as simplistic as you are thinking.

actually, my calculations are correct,

and if your doing a 10 stage mixing, the possibilty of being unmasked is going to be small at best, because for your scenario you need to have all the 10% of bad node on every mixing stage, that is not possible, when you take into account that no master is fixed, but selected more or less randomly

[eltito]

ive been following this discussion , and i most say, the level of control you need to have over the network to use it for a practical sybil attack is unfeasable, my worst case scenario tells me max 10% could be controlled, now if you do run it through say 10 times, the chance of being unmasked is 10% and we are talking about several factors that have to happen..

you need the 10% to be on EVERY mixing stage - Very unlikely im not even going to try and calculate the chance

Just trying to keep up with the concepts here...

If a tx is compromised on stage 1, for example, is it compromised through all of the following stages as well (assuming it doesn't pass through any more sybil nodes)?

Can the final input, output and IP be compromised at each mixing stage?  If so, how do multiple stages help at all?

Once a sender is compromised, how are they tracked in the future?  IP?  Wallet address?  Some other way?

[child_harold]

ive been following this discussion , and i most say, the level of control you need to have over the network to use it for a practical sybil attack is unfeasable, my worst case scenario tells me max 10% could be controlled, now if you do run it through say 10 times, the chance of being unmasked is 10% and we are talking about several factors that have to happen..

you need the 10% to be on EVERY mixing stage - Very unlikely im not even going to try and calculate the chance

Your calculation is inaccurate. See my calculation example upthread. There are many factors in play.

Also I can't see any way to have multisignatories without worsening the anonymity proportionally per my immediately prior post.

We need to wait until the developer hashes out more of the details so we can get the entire picture and calculation.

It is not as simplistic as you are thinking.

@ AnonyMint - will u invest in DRK?

[eduffield]

No I meant the collateral payments can be stolen, not the tx fees. Are you meaning to write that collateral payments always go to the miners, thus master nodes have no incentive to lie?

No that's what you said earlier "Edit: but the master node can steal the tx fees. And then not include the input in the output signing. So scratch this idea."

We need to use specific terminology here. Tx fees are from the transaction and they go to the miners. Collateral payments are made out to the master nodes.

In either case, master nodes can lie and steal, they just make sure they also control miner(s) (or pools).

No one can prove the master node isn't being malicious to hurt the reputation of an innocent pool or miner.

Thus you can't stop theft.

You completely missed what I was saying. Collateral is multi-sig, requiring more than 1 party to lie. 99.999999999% they won't be the same party.

I'm getting tired, lets continue this another day.

As far as I can fathom, multisig doesn't protect you because master node can just lie and say none signed. How will the other signatories know if the master node is telling truth or not?

However, I have a partial solution for this. Send the collateral payment to the ether. Then master node loses some incentive. But still the master node might lie just to harm the coin and the owners of those collateral.

I guess the inputs can forward their communications to other signatories too?

In that case, your anonymity is more broken because more nodes would see the triplet of IP, input, and output on each Darksend. Thus the percent of master nodes needed to lower anonymity would be proportionally less (e.g. if 5 signatories, then need only 1/5 as many master nodes to be adversaries).

There's an even simpler solution.

User A: You
MasterNode A: The previous master node
MasterNode B: This rounds master node

User A makes the collater payment out to the Master A but sends it to Master B along with the input/out1/out2.

Master B can cash it, but it doesn't benefit him at all.

That solution doesn't decrease the anonymity, but complete destroys the incentives to cheat.

[smns]

1.04K diff

[coins101]

OK. My breakaway faction of 1 is not technically a faction. It's more like a lone loon. 

With great regret, I have decided to cancel the DarkDogeCoin.  Much sad. No $$. Fall from the moon.

https://bitcointalk.org/index.php?topic=553006.msg6018117#msg6018117

[CryptoGretzky]

"Fix" ? I've been mining with my R9 290s for months without issue. What exactly is it fixing?

We were about 20 to have problem with R9 290: the cards launch and mine at é.5Mh rate, but after 10 minutes a drop happened and the cards keep on mining at 2.3M.
A 0.2Mh/s drop happened on all cards from various brands and bios, all kind of OS and .conf file, all models are 290.
Srtrangely few people did not experiment this bug. May be you're one of them.

It's not a bug.
What you do

Code:

export DISPLAY=:0
xset s off
xset -dpms
xset s noblank

is dmps off and screensaver off.

I guess if you would have came up with the solution to this non-bug (issue), you could have claimed the bounty....  

Ya, hindsight is always 20/20 and easy....

ps.  It's dpms, not dmps