Kai Proctor
|
|
May 04, 2014, 02:10:35 AM |
|
@Simcom Every time you believe that you may have find a flaw with DarkSend but yet you don't seem to totally understand or know about the way it works. Take your time to read the thread, some of your questions and concerns have already been answered long ago.
|
|
|
|
Simcom
|
|
May 04, 2014, 02:18:21 AM |
|
...
I suspect you have deeper concerns for DarkSend than that and it's good you keep poking the thread so that we can get the best product available. Technological criticism is good. We've had discussions in the past where someone could say "oh DarkSend is broken" (that's when it had quite different specs) and the price would tank (ok it would drop, not tank), but we are somewhat past that point now due to more people understanding that something in development can actually "shapeshift" into new forms that deal with prior problems, before it solidifies as a final product. And even then it can (and will) be improved.
....
Well, I agree with your analysis. These are problems that Evan can and will solve it will just take time. I just need to relax and have faith that in the end we will think of all of the possible issues and that all will have viable solutions. Sometimes when I discover an issue with the logic and I can't immediately think of a solution I assume there is no solution - but after some time someone thinks of a solution. This happened in an earlier post, Evan thought of an ingenious solution (denominating change, sending to multiple addresses), which solved the problem that I presented. Requiring 1000 coins for a darksend of 101 had me in a similar panic. I actually think this issue will be easier to solve than the last issue, but it will require quite a lot of coding on evan's part (ie the masternodes will need to determine when the amount of complexity in the pool is sufficient to ensure anonymity is maintained, just starting the mixing after a certain # of inputs will not be sufficient). Combined with chaeplins idea I think we have something viable, still not perfect but viable. Oh that was not my idea. It's written on White paper. http://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdfImproved Anonymity An anonymity enhancement to the generic CoinJoin implementation is added by only allowing inputs of the same size into the DarkSend pools. These sizes are referred to as “denominations” and are in powers of ten (for example, 1DRK, 10DRK, 100DRK, 1000DRK). This allows the inputs from all users to be virtually the same. Outputs per user must add up to the denomination size.
Users that send less money than the denomination size will use a second “change” output. These outputs are new addresses not connected to their identity. This implementation allows for amounts of any precision to be sent without a negative impact in the quality of anonymity. All users entering a DarkSend transaction pool have an equal chance of becoming the master node. All participant nodes know which node is the current master by way of an election algorithm. Master nodes also have a collateral transaction that is made out to the payment node, which can be cashed if they misbehave in any way.
In the case where a master node loses internet connection or is a bad actor, the collateral transaction of that node will be cashed and a slave node will be elected in it’s place. Due to the trustless nature of DarkSend, there is no risk of lost money from the master node being a bad actor as a slave node would be elected to replace the master node and the collateral would be forfeited to the network.
Actually it was your idea - Evan had intended a darksend of 101 coins to be combined with 899 coins from the sending wallet and submitted to the 1000 coin pool. The 899 coins would come back as change.
|
|
|
|
darkproton
|
|
May 04, 2014, 02:18:41 AM |
|
If you want to darksend 1.1 coins you need to have 10 coins in your wallet.
So back to my confession - when I discovered this issue I panicked a bit and sold 7,000 coins and tanked the market Sad.
Now for the good news, if anyone can come up with an ingenious solution to this problem I'll buy back all of these coins in an instant. Put your thinking caps on
As far as I know, the plan has been to populate the denomination pools with various sizes. It wasn't about just one pool - that's now, not the final. In any case, even if there is a practical limitation at some size, it could be solved with two deposits, no? I suspect you have deeper concerns for DarkSend than that and it's good you keep poking the thread so that we can get the best product available. Technological criticism is good. We've had discussions in the past where someone could say "oh DarkSend is broken" (that's when it had quite different specs) and the price would tank (ok it would drop, not tank), but we are somewhat past that point now due to more people understanding that something in development can actually "shapeshift" into new forms that deal with prior problems, before it solidifies as a final product. And even then it can (and will) be improved. I know you lack intelligent counter-arguments for some of the issues presented but this is not a cryptographic mailing list and the level of discussion is consequently not up to standard. The people that can intelligently and factually discuss these issues, in this thread, are perhaps numbered in the fingers of one hand. If there is one weakness I can say that it can present problems is that Evan is just one man. Given that the day has only 24 hours and he must do all the work alone, plus run a pool, answer pms, follow discussions or chats, or I don't know what else his tasklist entails, it will be that either the work will be delayed, or the work will go on schedule but not be top-notch in terms of quality refinement (=appearing "sloppy"), or a mix of these two depending the situation. I've heard/read some criticism (perceived as sloppiness or "not being a serious" coin), like the broken libs in the wallets, the versioning numbers on the beta/rc clients, the dgw requiring multiple versions to be ok, the tray icon of the xcoin, a complain about something that was unchanged from litecoin and worldcoin and that does some network fuckup between lite/world and dark networks and which needs a hard fork to fix, the issue of the problematic network sync for some wallets, the diff issue when the coin started etc etc. DarkSend operation has also been criticized until proposed solutions were discussed. One can stretch this line of reasoning and say "if there are so many problems with simple stuff, what guarantees that DarkSend will work 100% from the start?" and the answer will most probably be something like "it won't - it'll have to be patched/hardened/have some elements rewritten as it goes along". For a programmer the "ok this broke, we'll fix it with a patch" may be the most natural response, but when millions of USD are engaged then things start to get "bumpy" in the charts. Satoshi and others had the relative comfort of time to develop stuff because there was not so much economic pressure: The market wasn't mature and nobody cared. Here people have already put money and thus can panic or lose confidence or not engage due to some things appearing sketchy / problematic / sloppy, etc. Of course the speculative nature of the investment also determines the (low) price, for if we had an ironed out and 100% working / hardened tech, right now, the price wouldn't be low - so, in a sense, it balances out because it's already factored into the price. My personal stance on the issue is that I understand the limitations of having just one man to do the job but backing the coin is a given because it offers something significant in terms of technology which aims at an even more significant market segment that can be in the billions. I am a computer guy so I can understand the issues of coding but I can also understand the end-user or investor perspective of those who are less tolerant when a string of perceived glitches / failures can seem sketchy for the overall project, or when some questions or info presented cast shadows over the project. I am prepared for bumps (ups and downs) that may come up as a result of the situation but I am in for the long term, so these won't really affect me. For the shorter term, the bumps of ups and downs can be desirable because the volatility can present great trading opportunities but in the mid-term they must be reduced significantly so as to have a stable currency. In any case, it's always better to be actually backing something up that has some technology in it, rather than backing a shitcoin that offers nothing. I love this analysis. Couldn't say it any better myself. I don't really care if someone wants to unload their stash of dark. None of my business. However, if you are prone to panic twitchy squirrel like sells, then re-read this before you do something rash. More for your sake than that of the coin. All these panic dumps and what-not will barely be remembered.
|
|
|
|
Brilliantrocket
|
|
May 04, 2014, 02:21:27 AM |
|
I don't plan on liquidating my holdings over this, but I am certainly concerned.
|
|
|
|
Simcom
|
|
May 04, 2014, 02:22:37 AM |
|
@Simcom Every time you believe that you may have find a flaw with DarkSend but yet you don't seem to totally understand or know about the way it works. Take your time to read the thread, some of your questions and concerns have already been answered long ago.
LOL seriously? The last issue I raised ( https://bitcointalk.org/index.php?topic=421615.msg6459044#msg6459044) was so serious that Evan decided to devote an entire release (RC3) to fix it. I am just trying to help. :/
|
|
|
|
darkproton
|
|
May 04, 2014, 02:33:31 AM |
|
@Simcom Every time you believe that you may have find a flaw with DarkSend but yet you don't seem to totally understand or know about the way it works. Take your time to read the thread, some of your questions and concerns have already been answered long ago.
LOL seriously? The last issue I raised ( https://bitcointalk.org/index.php?topic=421615.msg6459044#msg6459044) was so serious that Evan decided to devote an entire release (RC3) to fix it. I am just trying to help. :/ I hope you do continue to help. I think your postings can be very constructive.
|
|
|
|
sharkbyte093
|
|
May 04, 2014, 03:07:10 AM |
|
OK, let me first state that technically some of this is over my head. I am not a cryptographer or even a programmer.
That being said, I was wondering about something. If it has been discussed previously please forgive me.
What if instead of darksend sending coins to the pool and then on to a singular final address, it sends coins to multiple addresses that are in the same wallet. What if these multiple addresses were contained within a master address, that had anywhere from 3-5 addresses contained within. Master addresses could be generated much like you would generate an address in most crypto wallets, except it would have multiple sub-addresses. So each time you generate a new master address, you get 3-5 new sub-addresses. The change from darksend transactions could then be sent back to the sender at multiple sub-addresses.
Now obviously the owner of the master address and subsequently the sub-addresses would have to be masked somehow. Could it then be encrypted?
Is this even possible? Just an idea. If it has been discussed before or is totally asinine I apologize.
|
|
|
|
reflexmk
|
|
May 04, 2014, 03:13:27 AM |
|
what do I have to change in my miner settings for p2p pool mining? 4x 280x dual-x 1070/1500/1.125v getting 2135 Kh/s each @550w total with -w 256 -I 13 -g 2 --lookup-gap 2 --thread-concurrency 8193 --gpu-fan 50 --shaders 2048 --gpu-powertune 20. Thanks
|
|
|
|
Kai Proctor
|
|
May 04, 2014, 03:20:02 AM |
|
@Simcom Every time you believe that you may have find a flaw with DarkSend but yet you don't seem to totally understand or know about the way it works. Take your time to read the thread, some of your questions and concerns have already been answered long ago.
LOL seriously? The last issue I raised ( https://bitcointalk.org/index.php?topic=421615.msg6459044#msg6459044) was so serious that Evan decided to devote an entire release (RC3) to fix it. I am just trying to help. :/ And you have a very alarmist way of presenting things. Just saying.
|
|
|
|
peteycamey
Legendary
Offline
Activity: 1185
Merit: 1021
|
|
May 04, 2014, 03:42:43 AM |
|
why the price went down so hard?
|
|
|
|
sharkbyte093
|
|
May 04, 2014, 03:49:28 AM |
|
why the price went down so hard?
Because it went up so hard. Gravity.
|
|
|
|
jakecrow
|
|
May 04, 2014, 03:49:57 AM |
|
why the price went down so hard?
Because it went up so hard. Gravity. Can't argue with that!
|
|
|
|
goodluck0319
|
|
May 04, 2014, 04:41:35 AM |
|
what is the best setting for 290 non x gpu?
I have xfx 290 non ref and 290 ref? xfx 290 non ref kept give me sick msg when I mine?
|
|
|
|
darkproton
|
|
May 04, 2014, 04:58:47 AM |
|
why the price went down so hard?
That's what she said. Or he. He said.
|
|
|
|
DieCommieScum
|
|
May 04, 2014, 05:06:07 AM |
|
what's the TL;DR for the issues being discussed?
|
|
|
|
Simcom
|
|
May 04, 2014, 05:20:18 AM Last edit: May 04, 2014, 05:57:50 AM by Simcom |
|
what's the TL;DR for the issues being discussed?
Darksend pools coins, but it requires more coins than you are sending to enter a pool. (eg want to darksend 121 coins, you need 1000 coins in your wallet so your coins can enter the 1000 coin pool, you get 879 coins back as change) Several good solutions have been proposed, but no perfect solution. I like chaeplin's idea: to send 121 coins, you need 130 in your wallet (not 1000). This breaks down into: 1 entry into the 100 coin pool, 3 entries into the 10 coin pool. sender receives 9 change coins. If routed through several cycles of darksend it would be hard to de-anonymize the transaction.
|
|
|
|
DieCommieScum
|
|
May 04, 2014, 05:30:56 AM |
|
what's the TL;DR for the issues being discussed?
Darksend pools coins, but it requires more coins than you are sending to enter a pool. (eg want to darksend 121 coins, you 1000 coins in your wallet so your coins can enter the 1000 coin pool, you get 879 coins back as change) Several good solutions have been proposed, but no perfect solution. I like chaeplin's idea: to send 121 coins, you need 130 in your wallet (not 1000). This breaks down into: 1 entry into the 100 coin pool, 3 entries into the 10 coin pool. sender receives 9 change coins. If routed through several cycles of darksend it would be hard to de-anonymize the transaction. Ah, yes. A 1000 to send 101 is kind of silly.... even if it was treated as a send of 100 and another of 10 with 9 change that'd be better. And maybe 100+3x10 for 121 with 9 change.
|
|
|
|
TanteStefana
Full Member
Offline
Activity: 280
Merit: 100
The Future Of Work
|
|
May 04, 2014, 05:32:26 AM |
|
I spent a fair amount of time thinking about the discussion with dime, humanitee, luigi1111, camosoul and others yesterday about the anonymity of Darksend. I suspected that the logic behind darksend as currently implemented was not sound, and I thought it would be best to determine how exactly darksend was working, and do an in-depth analysis of a mixing cycle and the transactions that follow mixing.
...
Best, Sim
Wow! This is great. About 400+ pages ago I talked about having a different kind of pool for change outputs only. Put in all of your change outputs and you'll get new fresh clean inputs of 10DRK. The client could automatically do this after each darksend, which would also get you new inputs for the next round. I'm currently embedded in patching stratum and p2pool to support the masternode payments, which is why I haven't been around. It takes a lot of work to make something so different from anything else out there, dare I say, revolutionary? I like the idea of an automatic restructuring of the change eduffield suggests here. I think it would be a nice easy simple clean way of dealing with change addresses. When mixed with other change addresses, to rebuild 10 coin blocks, nobody'd know where the change came from or went to. I'm sorry, Simcom, but I don't see where Evan cancelled or re-scheduled or did anything to the plans of RC3 from this? Anyway, I also wanted to say I think adding a blockchain node is an amazing idea! People could run them right from their wallet, and it'd be a way for everyone to participate in "Proof of Service" without feeling the need to hold large amounts of coin. I would guess that because more people would be able to provide this service, the payments wouldn't be that great, but it may well be worth it just to provide some storage space. We still have to be sure it's worth while for people to mine though! Mining makes the world go around (or in this case, makes the coin function!) There is only so much coin produced. The price of coin will really have to increase to make all this functional.... Not easy!
|
|
|
|
eizh
|
|
May 04, 2014, 05:34:37 AM |
|
what's the TL;DR for the issues being discussed?
To have good anonymity, the amount disappearing from the sender's address must have a low probability of being close to the intended payment. This is accomplished by low granularity. E.g. to spend anywhere from 100 to 1000 DRK, you must input 1000 DRK. This is obviously inconvenient because what if I want to send 115 DRK but only own 180 DRK? Providing more granularity either in the protocol itself or by manually doing multiple Darksends (e.g. 100 + 10 + 10) causes plausible deniability to plummet. Sure it may still be hard for a human to piece together a set of possible histories, but a computer could analyze millions of permutations per second and possibly give confident inferences of the sender-receiver mappings. I agree that this is a valid concern. Don't overestimate the degree of anonymity just because it quickly gets messy in your human head -- blockchain analysis by computers have produced impressive results for connecting BTC holdings to identities despite the complexity provided by a large user base. Temporal spreading of sends is a possible solution, though very inconvenient for users.
|
|
|
|
TanteStefana
Full Member
Offline
Activity: 280
Merit: 100
The Future Of Work
|
|
May 04, 2014, 05:37:35 AM |
|
what's the TL;DR for the issues being discussed?
Darksend pools coins, but it requires more coins than you are sending to enter a pool. (eg want to darksend 121 coins, you 1000 coins in your wallet so your coins can enter the 1000 coin pool, you get 879 coins back as change) Several good solutions have been proposed, but no perfect solution. I like chaeplin's idea: to send 121 coins, you need 130 in your wallet (not 1000). This breaks down into: 1 entry into the 100 coin pool, 3 entries into the 10 coin pool. sender receives 9 change coins. If routed through several cycles of darksend it would be hard to de-anonymize the transaction. Ah, yes. A 1000 to send 101 is kind of silly.... even if it was treated as a send of 100 and another of 10 with 9 change that'd be better. And maybe 100+3x10 for 121 with 9 change. I don't understand why all transactions can't be multiples of 10, except when 10 coins become worth so much money, that not many people would have so many coins. But even so, it doesn't matter as far as speed, however it'd make the blockchain a bit heavier-solved by blockchain proof of service. You can see Darkcoin is paving such new ground, it's light years ahead and won't be finished overnight.
|
|
|
|
|