[ANN][BMR] Bitmonero - a new coin based on CryptoNote technology - LAUNCHED

[tacotime]

Since Cryptonote act like a decentralized mixing method, it only make transaction become harder to trace, not completely untraceable as OP claimed.

It's quite similar to Darkcoin which is self claimed to be anonymous currency, but privacy of both is not strong enough for people who crave for a comletely anonymous currency, like myself.

Cryptonote is cool but i think i'll wait till May/June for Zerocash realease.

CryptoNote has relatively good privacy for transmitting values throughout the network (ring signatures, stealth addressing) while not compromising things like being able to detect inflation over the network.  In ZeroCash, you can only prove that coins have been generated, not the amount that was generated, so any bugs within the system will go undetected.  This would have been a huge problem for Bitcoin, as there was a well known bug involving integer overflow that allowed you to generate 2 billion coins.

Note that zero knowledge proofs are used in the ring signature method by ByteCoin/BitMonero, too (see section 4.4 of the whitepaper).  Obfuscation of signature linkability is much more advanced than that used in DarkCoin, and you need to read the whitepaper to truly appreciate it.

CryptoNote also has support for multisig built in, despite the much more limited scripting language as compared to Bitcoin (see Section 6.3 of the CryptoNote 2.0 whitepaper).  This is important for the implementation of decentralized marketplaces like DarkMarket that use multisig to enable the blockchain to be an escrow.

[tacotime]

Well you can also still solo mine too. Got 4 blocks over the night

If the network continues to grow at the current rate, likely we will see an end to solo mining in a week or two.  However, we already have all the RPC functions we need to make pools, which is good news.

A P2Pool implementation for ByteCoin/BitMonero would be something wonderful, but likely very complicated.

[TTM]

Since Cryptonote act like a decentralized mixing method, it only make transaction become harder to trace, not completely untraceable as OP claimed.



It's quite similar to Darkcoin which is self claimed to be anonymous currency, but privacy of both is not strong enough for people who crave for a comletely anonymous currency, like myself.

Cryptonote is cool but i think i'll wait till May/June for Zerocash realease.

You completely left out ring signatures, and the public and private one-use keys in your understanding. Please re-read those sections of the source, and then re-explain yourself.

From Adam Back's twitter, a cryptographer who is closely involved with Bitcoin, he said that privacy of Zerocash is stronger but has downside: https://twitter.com/adam3us/status/453459268881379328

zerocash each payment could be ANY user (full anonymity set); cryptonote it could be from small chosen set

Since Cryptonote act like a decentralized mixing method, it only make transaction become harder to trace, not completely untraceable as OP claimed.

It's quite similar to Darkcoin which is self claimed to be anonymous currency, but privacy of both is not strong enough for people who crave for a comletely anonymous currency, like myself.

Cryptonote is cool but i think i'll wait till May/June for Zerocash realease.

CryptoNote has relatively good privacy for transmitting values throughout the network (ring signatures, stealth addressing) while not compromising things like being able to detect inflation over the network.  In ZeroCash, you can only prove that coins have been generated, not the amount that was generated, so any bugs within the system will go undetected.  This would have been a huge problem for Bitcoin, as there was a well known bug involving integer overflow that allowed you to generate 2 billion coins.

I think you were referring to Zerocoin which is proposed extension of Bitcoin. Zerocash is completely different from technical aspect and will be released as an altcoin, not related to Bitcoin. Still little to no information about Zerocash for now.a

[tacotime]

No, I am referring to ZeroCash.  There's actually a good deal of information out about it.

See these slides: https://www.youtube.com/watch?v=FXU65XsLiFk

[cocoakrispies]

From Adam Back's twitter, a cryptographer who is closely involved with Bitcoin, he said that privacy of Zerocash is stronger but has downside: https://twitter.com/adam3us/status/453459268881379328

zerocash each payment could be ANY user (full anonymity set); cryptonote it could be from small chosen set

If you link me one more link to citation to a single line response, our debate is over. I beg of you to learn how to form your own opinions and share them on facts brought in from linking to actual sources. One liners from twitter just don't do it for convincing people or winning debates.

There is no question as to which system is stronger anonymity-wise and I was not implying this. Our debate, is that of which system can be more successful, as you came here and said you will wait for the other coin. Of course, you are going to get a stronger anonymity set if you use every single person involved. But, there are significant downsides to this. For your reading pleasure:

[TTM]

From Adam Back's twitter, a cryptographer who is closely involved with Bitcoin, he said that privacy of Zerocash is stronger but has downside: https://twitter.com/adam3us/status/453459268881379328

zerocash each payment could be ANY user (full anonymity set); cryptonote it could be from small chosen set

If you link me one more link to citation to a single line response, our debate is over. I beg of you to learn how to form your own opinions and share them on facts brought in from linking to actual sources. One liners from twitter just don't do it for convincing people or winning debates.

There is no question as to which system is stronger anonymity-wise and I was not implying this. Our debate, is that of which system can be more successful, as you came here and said you will wait for the other coin. Of course, you are going to get a stronger anonymity set if you use every single person involved. But, there are significant downsides to this. For your reading pleasure:

Your information from that quote was outdated, Zerocash's proof size was reduced 98% to 288 bytes.

[cocoakrispies]

Your information from that quote was outdated, Zerocash's proof size was reduced 98% to 288 bytes.

Good, thanks for the correction. Can you address the other points?

Specifically:

1. How can ZeroCash scale to a massive user base? Will it be able to address the latency issue in transaction propagation, or will it be severely limited to a userbase that is finite -- or one with no capability to handle microtransactions?

and

2. Please address the last issue in the paragraph, where the entire system may be compromised.

[pandher]

Anyone wants to sell some monero? pm me

[TTM]

cocoakrispies, I did a Google search based on your quote, and found this thread on Cryptonote forum. In which Maurice Planck, a cryptographer of Cryptonote team already admitted that Zerocash is more advanced technology:
https://forum.cryptonote.org/viewtopic.php?f=2&t=18

This is the most advanced technology, I must admit. Yes, the quote above is from the analysis of the previous version of the protocol. To my knowledge, it's not 288, but 384 bytes, but anyway this is good news.

[twospirit]

is there going to be a pool like minergate?

[tacotime]

cocoakrispies, I did a Google search based on your quote, and found this thread on Cryptonote forum. In which Maurice Planck, a cryptographer of Cryptonote team already admitted that Zerocash is more advanced technology:
https://forum.cryptonote.org/viewtopic.php?f=2&t=18

This is the most advanced technology, I must admit. Yes, the quote above is from the analysis of the previous version of the protocol. To my knowledge, it's not 288, but 384 bytes, but anyway this is good news.

...yes, it's using cryptographic techniques whose security is uncertain and whose obscurity is completely intentional.  "Advanced" doesn't necessary mean "secure" or "fool proof" and if you watch the presentation Green gave he instructs the audience now to put too much money or faith into the initial implementation of the system.

I'm excited for ZeroCash, but in my own opinion I believe ByteCoin/forks are better suited for things like decentralized marketplaces and real-world applications.

[tacotime]

is there going to be a pool like minergate?

Eventually, yes.  Soloing still works, so there isn't a huge push yet to implement a pool.

[tacotime]

Anyone wants to sell some monero? pm me

We have an initial trading thread up here:
https://bitcointalk.org/index.php?topic=578192.new

[pozmu]

Since Cryptonote act like a decentralized mixing method, it only make transaction become harder to trace, not completely untraceable as OP claimed.



It's quite similar to Darkcoin which is self claimed to be anonymous currency, but privacy of both is not strong enough for people who crave for a comletely anonymous currency, like myself.

Cryptonote is cool but i think i'll wait till May/June for Zerocash realease.

When sending payment you can choose higher level of privacy if you want - it will result in larger transaction size.

[TTM]

cocoakrispies, I did a Google search based on your quote, and found this thread on Cryptonote forum. In which Maurice Planck, a cryptographer of Cryptonote team already admitted that Zerocash is more advanced technology:
https://forum.cryptonote.org/viewtopic.php?f=2&t=18

This is the most advanced technology, I must admit. Yes, the quote above is from the analysis of the previous version of the protocol. To my knowledge, it's not 288, but 384 bytes, but anyway this is good news.

...yes, it's using cryptographic techniques whose security is uncertain and whose obscurity is completely intentional.  "Advanced" doesn't necessary mean "secure" or "fool proof" and if you watch the presentation Green gave he instructs the audience now to put too much money or faith into the initial implementation of the system.

I'm excited for ZeroCash, but in my own opinion I believe ByteCoin/forks are better suited for things like decentralized marketplaces and real-world applications.

I agree that Zerocash base code is new and untested. But your concern about security can be said to whole cryptocurrency. Bitcoin once has an exploit allowing attacker to create infinite amount of coin.

[eizh]

Since Cryptonote act like a decentralized mixing method, it only make transaction become harder to trace, not completely untraceable as OP claimed.

It's quite similar to Darkcoin which is self claimed to be anonymous currency, but privacy of both is not strong enough for people who crave for a comletely anonymous currency, like myself.

Cryptonote is cool but i think i'll wait till May/June for Zerocash realease.

I never used the word untraceable. That's not what "unlinkable transactions" means -- it's more like automatically generating new public keys for every act of receiving payment. The ring signatures are a different feature.

Yes, zero-knowledge proofs have more anonymity but at the cost of:

• a completely blinded blockchain making it impossible to monitor the economy
• an RSA key to initiate the accumulator that has power over the network and must be trusted to be destroyed
• research-level cryptography that hasn't been subjected to vetting that can only come with usage and time

"It's new and shiny" is not a reason to trust your money with it -- it's a reason not to, in fact. I think decentralized mixing like this or DRK has better prospects than ZeroCash/ZeroCoin. While Green and his team are doing very good work, these are more like academic curiosities right now. Mixing gives robust 99% anonymity (that can be taken to 99.999... with cascaded mixing). By the way, knowing grad students and professors, I'm not holding my breath on a May release.

I agree that Zerocash base code is new and untested. But your concern about security can be said to whole cryptocurrency. Bitcoin once has an exploit allowing attacker to create infinite amount of coin.

Indeed, and with BTC we'd know immediately because we can see generation on the blockchain. A fix would be issued quickly. With Zero, it's game over. As the price decreases with supply flooding the market, maybe someone will eventually guess at it, but it can never actually be known.

[NoodleDoodle]

I can't help with anything else but I can donate 2000 BMR towards various projects relating to the coin. I hope it helps.

[smooth]

cocoakrispies, I did a Google search based on your quote, and found this thread on Cryptonote forum. In which Maurice Planck, a cryptographer of Cryptonote team already admitted that Zerocash is more advanced technology:
https://forum.cryptonote.org/viewtopic.php?f=2&t=18

This is the most advanced technology, I must admit. Yes, the quote above is from the analysis of the previous version of the protocol. To my knowledge, it's not 288, but 384 bytes, but anyway this is good news.

...yes, it's using cryptographic techniques whose security is uncertain and whose obscurity is completely intentional.  "Advanced" doesn't necessary mean "secure" or "fool proof" and if you watch the presentation Green gave he instructs the audience now to put too much money or faith into the initial implementation of the system.

I'm excited for ZeroCash, but in my own opinion I believe ByteCoin/forks are better suited for things like decentralized marketplaces and real-world applications.

There is a widely repeated maxim not to use any cryptography developed in the past 10 years for anything important. That being the case, ZC won't be ready for prime time until 2024.

[Johnny Mnemonic]

Last time I checked (and this may have changed), ZeroCash depends on a trusted party to generate a master key, which is utterly stupid and defeats the entire purpose of an anonymous currency.

[smooth]

Last time I checked (and this may have changed), ZeroCash depends on a trusted party to generate a master key, which is utterly stupid and defeats the entire purpose of an anonymous currency.

They were talking about a method where the secret gets generated in a distributed manner. I don't know if that got implemented.