[XMR] Monero - A secure, private, untraceable cryptocurrency

[Anon136]

At the same time, higher mixins, despite the increased privacy, look suspicious on their own. If everyone is using a mixin of 4, and someone decides to use a mixin of 200, they're kind of painting a target on their back.

You can avoid that by chaining multiple transactions (each with a "normal" mix factor such as 4) with appropriately selected time delays. After doing this you can even destroy the private keys for the intermediate outputs, a form of perfect forward secrecy.  Obviously this adds time, so may not be suitable for all use cases, but is another option, and is probably the most secure method overall.

Its even cheaper that way right? Because, say you are using mixin 3 and you do it 6 times, than you get 6^3 partners (216) but only 6*3 (18) in signature size rather than a signature size of 218 that you would get if you just used 1 transaction with a mixin of 218 instead. Am i thinking about this right?

*edit* if this is right than maybe the implication is that, when we need super security, we should be having our clients "tumble" coins in the background like darkcoin with low mixin on each transaction rather than using high mixin when we need to make the transaction. wouldnt that be funny.

[1715586215]

1715586215

[1715586215]

1715586215

[smooth]

At the same time, higher mixins, despite the increased privacy, look suspicious on their own. If everyone is using a mixin of 4, and someone decides to use a mixin of 200, they're kind of painting a target on their back.

You can avoid that by chaining multiple transactions (each with a "normal" mix factor such as 4) with appropriately selected time delays. After doing this you can even destroy the private keys for the intermediate outputs, a form of perfect forward secrecy.  Obviously this adds time, so may not be suitable for all use cases, but is another option, and is probably the most secure method overall.

Its even cheaper that way right? Because, say you are using mixin 3 and you do it 6 times, than you get 6^3 partners (216) but only 6*3 (18) in signature size rather than a signature size of 218 that you would get if you just used 1 transaction with a mixin of 218 instead. Am i thinking about this right?

Arguably. It depends how you characterize the anonymity set. You are paying an added cost for your own output-input pairs on each step relative to the number of truly foreign signers included, but from a third party tracing perspective it is similar to 3^6. However, this method is weak against someone who can spy on your network traffic and identify your transactions. Always tradeoffs...

*edit* if this is right than maybe the implication is that, when we need super security, we should be having our clients "tumble" coins in the background like darkcoin with low mixin on each transaction rather than using high mixin when we need to make the transaction. wouldnt that be funny.

A function like that is reasonable. One interpretation of ring signatures is to be able to mix your own coins without relying on a third party mixer or mixing coordinator, so various different ways of doing that mixing in a wallet (= client in monero-speak) are possible.

[Anon136]

At the same time, higher mixins, despite the increased privacy, look suspicious on their own. If everyone is using a mixin of 4, and someone decides to use a mixin of 200, they're kind of painting a target on their back.

You can avoid that by chaining multiple transactions (each with a "normal" mix factor such as 4) with appropriately selected time delays. After doing this you can even destroy the private keys for the intermediate outputs, a form of perfect forward secrecy.  Obviously this adds time, so may not be suitable for all use cases, but is another option, and is probably the most secure method overall.

Its even cheaper that way right? Because, say you are using mixin 3 and you do it 6 times, than you get 6^3 partners (216) but only 6*3 (18) in signature size rather than a signature size of 218 that you would get if you just used 1 transaction with a mixin of 218 instead. Am i thinking about this right?

Arguably. It depends how you characterize the anonymity set. You are paying an added cost for your own output-input pairs on each step relative to the number of truly foreign signers included, but from a third party tracing perspective it is similar to 3^6.

*edit* if this is right than maybe the implication is that, when we need super security, we should be having our clients "tumble" coins in the background like darkcoin with low mixin on each transaction rather than using high mixin when we need to make the transaction. wouldnt that be funny.

A function like that is reasonable. One interpretation of ring signatures is to be able to mix your own coins without relying on a third party mixer or mixing coordinator, so various different ways of doing that mixing in a wallet (= client in monero-speak) are possible.

ok so than another question. why do we technically need to wait for 6 blocks to do this process 6 times? cant you in theory set up the protocol in such a way for outputs from other transactions in the same block to be valid inputs to a transaction in that same block? of course if you were the only person who did this than it would give you away right away, but if everyone was doing it all the time, well maybe it could work. If it did work it would be effectively non linear signatures.

honestly i suspect it doesn't, it would limit the total number of available participants to the other people in that block rather than all participants in the networks history. less than ideal. additionally you would need to coordinate off blockchain with other people. but hey maybe its an interesting conversation. ive always been firmly of the opinion that bad ideas are still worth talking about so long as they are sufficiently interesting.

[smooth]

At the same time, higher mixins, despite the increased privacy, look suspicious on their own. If everyone is using a mixin of 4, and someone decides to use a mixin of 200, they're kind of painting a target on their back.

You can avoid that by chaining multiple transactions (each with a "normal" mix factor such as 4) with appropriately selected time delays. After doing this you can even destroy the private keys for the intermediate outputs, a form of perfect forward secrecy.  Obviously this adds time, so may not be suitable for all use cases, but is another option, and is probably the most secure method overall.

Its even cheaper that way right? Because, say you are using mixin 3 and you do it 6 times, than you get 6^3 partners (216) but only 6*3 (18) in signature size rather than a signature size of 218 that you would get if you just used 1 transaction with a mixin of 218 instead. Am i thinking about this right?

Arguably. It depends how you characterize the anonymity set. You are paying an added cost for your own output-input pairs on each step relative to the number of truly foreign signers included, but from a third party tracing perspective it is similar to 3^6.

*edit* if this is right than maybe the implication is that, when we need super security, we should be having our clients "tumble" coins in the background like darkcoin with low mixin on each transaction rather than using high mixin when we need to make the transaction. wouldnt that be funny.

A function like that is reasonable. One interpretation of ring signatures is to be able to mix your own coins without relying on a third party mixer or mixing coordinator, so various different ways of doing that mixing in a wallet (= client in monero-speak) are possible.

ok so than another question. why do we technically need to wait for 6 blocks to do this process 6 times? cant you in theory set up the protocol in such a way for outputs from other transactions in the same block to be valid inputs to a transaction in that same block? of course if you were the only person who did this than it would give you away right away, but if everyone was doing it all the time, well maybe it could work. If it did work it would be effectively non linear signatures.

honestly i suspect it doesn't, it would limit the total number of available participants to the other people in that block rather than all participants in the networks history. less than ideal. additionally you would need to coordinate off blockchain with other people. but hey maybe its an interesting conversion. ive always been firmly of the opinion that bad ideas are still worth talking about so long as they are sufficiently interesting.

You don't really have to wait six blocks. That is just a wallet function for your own convenience (especially because the wallet doesn't deal especially well with reorgs). It is perfectly legal in the protocol to spend an output that is newer, although there isn't really a way to spend outputs from the same block currently (you could spend outputs one block old though). That may change, in some upcoming hard fork, because dealing with spending of reorged outputs is quite ugly currently.

The main reason to wait is as you suggested you want your transactions to look like any other transactions, not a chain.

Also, see my edit about about chained transactions not being safe against a network-level observer. Should be fairly obvious why. In that case it reverts to being only as safe as the first transaction in the chain, with wasted overhead.

[GingerAle]

oda.krell is right about the "don't fight FUD with FUD because you shoot yourself in the foot" thing. This approach is counterproductive because it makes people turn against you and what you say, instinctively.

The FUD on this thread is irrelevant anyway, we'll keep copy-pasting standard courteous responses and calling out provable shills. The most important thing we as community can do in crises like this is help information flow INSIDE the community as friction-less as possible. For example, answering noob or "just woke up, what's up" questions with pertinent explanations, or spending some time on IRC explaining things as far as we know and always linking to the most recent official information.

What we do here is, like aminorex keeps hinting, not a zero-sum game. That's the stuff of pumps and dumps. We win if we manage to COOPERATE efficiently (even if we don't trust each other - that's the whole point of the Byzantine Generals problem).

wow. i was just reading the august/september attack thread era and came across this post. beautiful.

[aminorex]

oda.krell is right about the "don't fight FUD with FUD because you shoot yourself in the foot" thing. This approach is counterproductive because it makes people turn against you and what you say, instinctively.

The FUD on this thread is irrelevant anyway, we'll keep copy-pasting standard courteous responses and calling out provable shills. The most important thing we as community can do in crises like this is help information flow INSIDE the community as friction-less as possible. For example, answering noob or "just woke up, what's up" questions with pertinent explanations, or spending some time on IRC explaining things as far as we know and always linking to the most recent official information.

What we do here is, like aminorex keeps hinting, not a zero-sum game. That's the stuff of pumps and dumps. We win if we manage to COOPERATE efficiently (even if we don't trust each other - that's the whole point of the Byzantine Generals problem).

wow. i was just reading the august/september attack thread era and came across this post. beautiful.

xulescu is a shrewd person of good intentions.  I hope he's prospering in all dimensions.  He would have the skills to contribute strongly to the community in many respects, but as far as I can tell has found some more fit purpose for his time since December, at least.

[primer-]

Monero core dev pitching a shitcoin ? Interesting..

https://bitcointalk.org/index.php?topic=1005152.0

[papa_lazzarou]

Monero core dev pitching a shitcoin ? Interesting..

https://bitcointalk.org/index.php?topic=1005152.0

You might be needing one of these



For context:

I have received a suggestion from a community member to do a rebrand on AEON. Accordingly I have opened a new thread here: https://bitcointalk.org/index.php?topic=1005152.0

If you are interested in discussing the possible rebrand, including ideas for naming, fundraising, etc., please join the new thread.

I'm coordinating, but for this to move forward community members will need to take some initiative and contribute resources (could be time, money, etc.).

Please discuss

https://bitcointalk.org/index.php?topic=1005152.0

hey, Smooth,

Kind of curious about the implications of your commitment to this coin for the future development of XMR.

None directly. I just saw a nice simple coin with some people supporting it that wasn't even being updated for critical security flaws, and felt I could help out with that.

[papa_lazzarou]

Oh well, on to something truly interesting....

There's a new iteration of !

Nothing fancy really, as you have come to expect. The changes are mainly internal in preparation for the cooler stuff.

I was relying on Astrides' public node, if you remember. Not anymore. I have got my own node running and the block explorer is running from a database. You know what this means, right? Number crunching! Soon^tm.

Meanwhile there are a few things you might notice:
  - API examples have the right URL now (I guess nobody was using that because I got no complaints)
  - results are faster
  - mixin count was changed from chainradar to simplewallet like (meaning 0 mixing = 1 signer)
  - block and transaction sizes display correctly
  - and you can search by payment id:



I would be happy to get your feedback and suggestions!

[primer-]

None directly. I just saw a nice simple coin with some people supporting it that wasn't even being updated for critical security flaws, and felt I could help out with that.

None directly yet he hosts the 'most up to date' source code on his personal github account...

[smooth]

Monero core dev pitching a shitcoin ? Interesting..

https://bitcointalk.org/index.php?topic=1005152.0

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dashcoin. Not something that I like to see.

[primer-]

Monero core dev pitching a shitcoin ? Interesting..

https://bitcointalk.org/index.php?topic=1005152.0

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dash. Not something that I like to see.

Don't you have  your hands full developing the GUI/testing the DB / doing other monero stuff ?

[smooth]

Monero core dev pitching a shitcoin ? Interesting..

https://bitcointalk.org/index.php?topic=1005152.0

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dash. Not something that I like to see.

Don't you have  your hands full developing the GUI/testing the DB / doing other monero stuff ?

Well, maybe I would have more time for that if I weren't be harassed by obnoxious trolls.

[GTO911]

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dash. Not something that I like to see.

Shouldnt we just let it die?   Its better there community sells their coins and buy Moneroj

[smooth]

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dashcoin. Not something that I like to see.

Shouldnt we just let it die?  Its better there community sells their coins and buy Moneroj

I think it is better to give a positive impression and attract people that way (same with dashcoin by the way).

But as I said I'm coordinating, not doing a lot of work on it. If people from the community don't come forward and contribute, nothing will happen and it will die out.

[primer-]

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dash. Not something that I like to see.

Shouldnt we just let it die?   Its better there community sells their coins and buy Moneroj

No, that wont work, smooth holds a bag and needs to dump.

Let me tell you more, smooth actually holds very little monero, he sold most if not all when the coins got on mintpal.
Source : irc channel

"12:52 AM <smooth> Alit: i'll only say that 1. I sold a lot during the mintpal pump, and 2. I bought some at around 0.002 during the bcx scare"

"Some" vs "A lot" ...

[smooth]

I'm not pitching, I'm looking after (in the sense of some minimal coordination and patching the code with critical bug fixes) a community that was shit on by a scumbag developer who wanted a payoff when he abandoned the coin. Much like the scumbag developer who took a payoff from darkcoin/dash to abandon dash. Not something that I like to see.

Shouldnt we just let it die?   Its better there community sells their coins and buy Moneroj

No, that wont work, smooth holds a bag and needs to dump.

Let me tell you more, smooth actually holds very little monero, he sold most if not all when the coins got on mintpal.
Source : irc channel

"12:52 AM <smooth> Alit: i'll only say that 1. I sold a lot during the mintpal pump, and 2. I bought some at around 0.002 during the bcx scare"

"Some" vs "A lot" ...

1. Did not sell all.

2. "Some" = significant amount imo. Probably one of the biggest holders, though certainly not the biggest.

Nevertheless I have a lot more BTC than XMR and I'm not ashamed to say so. Holdings of other alts insignificant to both.

Keep on trollin' -- the thread wouldn't get bumped nearly as much without you primer-!

[fluffypony]

None directly. I just saw a nice simple coin with some people supporting it that wasn't even being updated for critical security flaws, and felt I could help out with that.

None directly yet he hosts the 'most up to date' source code on his personal github account...

I'm working on the Namecoin DNS seeder: https://github.com/fluffypony/namecoin-seeder

I've also forked Neocities and even submitted a PR: https://github.com/fluffypony/neocities

Our main focus is on Monero, but that often gives rise to peripheral and even unrelated projects, and that's ok.

[primer-]

None directly. I just saw a nice simple coin with some people supporting it that wasn't even being updated for critical security flaws, and felt I could help out with that.

None directly yet he hosts the 'most up to date' source code on his personal github account...

I'm working on the Namecoin DNS seeder: https://github.com/fluffypony/namecoin-seeder

I've also forked Neocities and even submitted a PR: https://github.com/fluffypony/neocities

Our main focus is on Monero, but that often gives rise to peripheral and even unrelated projects, and that's ok.

Enough said.  That explains why monero projects never get done.

[DaveyJones]

None directly. I just saw a nice simple coin with some people supporting it that wasn't even being updated for critical security flaws, and felt I could help out with that.

None directly yet he hosts the 'most up to date' source code on his personal github account...

I'm working on the Namecoin DNS seeder: https://github.com/fluffypony/namecoin-seeder

I've also forked Neocities and even submitted a PR: https://github.com/fluffypony/neocities

Our main focus is on Monero, but that often gives rise to peripheral and even unrelated projects, and that's ok.

Enough said.  That explains why monero projects never get done.

I´ve asked you before, and i will ask again... have you donated a very big amount of monero or are you willing to pay the devs a whole-year salary so they can work on monero? Otherwise i guess what they are doing in their free time is none of your business...