[XMR] Monero - A secure, private, untraceable cryptocurrency

[smooth]

(github question still unanswered...)

Let's represent the full picture   .

https://github.com/monero-project/bitmonero/graphs/contributors

5 commits ..

As I said there are some missing. I don't know why.

smooth What's your current role then ?

First of all, let's understand the role of the core team. This is not our own pet coin. We didn't create it and don't misrepresent is as such. We are the essentially the board of directors of the project, supervising the ongoing development and maintenance as a community-focused open source project. Our primary role is to set the direction for the project, decide on priorities, etc.

We do some of the coding work ourselves, but much of that is done by community contributors (you are welcome to contribute for example) and occasionally paid freelancers under our direction. We also all provide direct financial support to the project to pay for cryptographers/academics professional fees, hosting, said freelancers, etc.

Personally, in addition to the my role on the core team as described above, I do a lot of testing and debugging (not only core code but I've also helped debug some pool issues and close some exploits), design and analysis, and a huge amount of community support (answering questions, such as yours, etc.).

[Joshuar]

Can someone explain whether Peter Todd's concerns from the Reddit post a few days ago are valid? What is the plan as far as mixins go?

I saw this thread before

https://bitcointalk.org/index.php?topic=768499.0

Hints there that the issue may be solvable/ed.

So if we had 1,000,000 people apart of this signature, you could never find out who voted or released/leaked info unless the other 999,999 admitted it wasn't them?

If you used the blinding scheme gmaxwell described above, all 1,000,000 could "admit" it wasn't them and nobody would be able to prove otherwise.

It's even stronger than that, isn't it? If the signer used gmaxwell's blinding scheme, than none of the 1,000,000 (including the actual signer) are capable of proving that they either did or didn't sign it (even if any of them wanted to), correct?

[smooth]

Can someone explain whether Peter Todd's concerns from the Reddit post a few days ago are valid? What is the plan as far as mixins go?

You have to first understand his concerns correctly. He said that you can decode mixes with the cooperation of the other mix members. How are you going to do that in practice? It an important concept to understanding in analyzing how mixes work, but it doesn't get you to anything like an exploit, deanonymizing, tracing, etc.

As far as our own analysis of mixing and plans for improvements you should review MRL-0001 and MRL-0004 at lab.getmonero.org.

[smooth]

Ironically he actually is trolling Drk/Dash right now lol https://bitcointalk.org/index.php?topic=421615.msg10866180#msg10866180

just nuts....

Irony dude.

Is there some Monaro-related topic you'd like to discuss here, or are you here just to post off-topic about who is or isn't posting on the darkcoin/dash thread?

[Brilliantrocket]

Can someone explain whether Peter Todd's concerns from the Reddit post a few days ago are valid? What is the plan as far as mixins go?

You have to first understand his concerns correctly. He said that you can decode mixes with the cooperation of the other mix members. How are you going to do that in practice? It an important concept to understanding in analyzing how mixes work, but it doesn't get you to anything like an exploit, deanonymizing, tracing, etc.

As far as our own analysis of mixing and plans for improvements you should review MRL-0001 and MRL-0004 at lab.getmonero.org.

Thanks

[aerbax]

Aren't most of Darkcoin's MasterNodes running on Amazon servers?

http://www.zdnet.com/article/amazon-dot-com-the-tech-master-of-secrecy/

[kazuki49]

Aren't most of Darkcoin's MasterNodes running on Amazon servers?

http://www.zdnet.com/article/amazon-dot-com-the-tech-master-of-secrecy/

nothing with 2nd-tier or 3rd-party can be trusted over the Internet, thats what Bitcoin & Monero is all about.

[dewdeded]

Can someone explain whether Peter Todd's concerns from the Reddit post a few days ago are valid? What is the plan as far as mixins go?

https://twitter.com/petertoddbtc/status/579092073875308545

[opennux]

I seriously doubt that he is really concerned, but if so then those papers are no good because they aren't independent.

If I was interested in some kind of attack like your puppets I would do it ..

Your puppets? Sorry I didn't follow that.

You probably not aware but I was mined your coin during the summer of 2014 with my farm and already hold some coins ..
I'll look over the documentation to see what are you already improved.

Ok then. We're certainly interested in your feedback on the reports. If you also are looking for code improvements and work in progress as opposed to review and analysis you should also check the extended github (the monero-project master and also the various developer and contributor forks).

The year-in-review thing might be helpful, though of course that only covers 2014

Smooth, are these all your Monero commits or are there more? https://github.com/iamsmooth/bitmonero/commits/master?author=iamsmooth

this guy really loves you smooth: https://twitter.com/BlockaFett/status/580102058365362177

Well, that's what he gets paid for.

[HinnomTX]

I really don't get this argument. 2300 * 5k = $11.5 million. Woopity friggin doo.

That's a naive calculation. If you want to enter the market now to run 2300 masternodes, you simply cannot obtain 2.3 million coins on the open market. The money required to obtain a sizable fraction of the masternode network is exponentially higher than $11.5 million.

And don't bring the black helicopters into this. By your same 'drop in the bucket' argument, unlimited hashing power can be bought and manufactured. Therefore, Bitcoin mining (or the mining of any other crypto) can be owned by a sufficiently determined nation state. Once they control what's written into the blockchain, it's curtains.

It's patently obvious from history that governments are not keen on relinquishing the power of the purse. I doubt they will build the hashes to pwn Bitcoin, so TPTB will just keep changing the laws to tame the public's interest.

[nzminer]

The only thing that DRK has that no other coin currently has is a cult following...
Nuff said.

[ArticMine]

Can someone explain whether Peter Todd's concerns from the Reddit post a few days ago are valid? What is the plan as far as mixins go?

The plan for mixins was discussed here: https://getmonero.org/2015/02/23/monero-missive-for-the-week-of-2015-02-23.html Could you provide a link to the Reddit post?

[Brilliantrocket]

Can someone explain whether Peter Todd's concerns from the Reddit post a few days ago are valid? What is the plan as far as mixins go?

The plan for mixins was discussed here: https://getmonero.org/2015/02/23/monero-missive-for-the-week-of-2015-02-23.html Could you provide a link to the Reddit post?

This is the one I was referring to http://www.reddit.com/r/Bitcoin/comments/2zrdxz/withdrawals_halted_as_stolen_evolution_coins_make/cplofn1

[generalizethis]

I really don't get this argument. 2300 * 5k = $11.5 million. Woopity friggin doo.

That's a naive calculation. If you want to enter the market now to run 2300 masternodes, you simply cannot obtain 2.3 million coins on the open market. The money required to obtain a sizable fraction of the masternode network is exponentially higher than $11.5 million.

And don't bring the black helicopters into this. By your same 'drop in the bucket' argument, unlimited hashing power can be bought and manufactured. Therefore, Bitcoin mining (or the mining of any other crypto) can be owned by a sufficiently determined nation state. Once they control what's written into the blockchain, it's curtains.

It's patently obvious from history that governments are not keen on relinquishing the power of the purse. I doubt they will build the hashes to pwn Bitcoin, so TPTB will just keep changing the laws to tame the public's interest.

LOL, why would you want to attack a public blockchain with permanent links? Bitcoin is good for surveillance.

*Also, pretty naive to think that governments would just buy nodes--intimidation, threats, ect, are all part of the bureaucratic arsenal. They got to Microsoft and other companies with billions in resources and you don't think they can get a node operator? The problem is having a system that has a human element, like masternode operators, that can leak information in the first place.

[ArticMine]

I really don't get this argument. 2300 * 5k = $11.5 million. Woopity friggin doo.

That's a naive calculation. If you want to enter the market now to run 2300 masternodes, you simply cannot obtain 2.3 million coins on the open market. The money required to obtain a sizable fraction of the masternode network is exponentially higher than $11.5 million.

And don't bring the black helicopters into this. By your same 'drop in the bucket' argument, unlimited hashing power can be bought and manufactured. Therefore, Bitcoin mining (or the mining of any other crypto) can be owned by a sufficiently determined nation state. Once they control what's written into the blockchain, it's curtains.

It's patently obvious from history that governments are not keen on relinquishing the power of the purse. I doubt they will build the hashes to pwn Bitcoin, so TPTB will just keep changing the laws to tame the public's interest.

You don't buy the Darkcoins you borrow them.

Edit: Hint: The Dashing pirateat40.

[smooth]

Reddit post about Adam Back's recent work to cut the (asymptotic) size of ring signatures in half:

http://www.reddit.com/r/Bitcoin/comments/301r4e/crypto_primitive_shorter_than_current_monero_ring/

[fluffypony]

Resources as in deep pockets. You have to buy a lot of DASH/DRK to secure a good percentage of the 2300 masternodes in operation (it's about $5k per masternode today), and you'll drive up the price almost surely. Then, while you attack the network as a nefarious masternode (presumably by analyzing traffic and exposing Dashsend mixes or perhaps trying to DDoS other masternodes to get more than your fair share of payments, etc.) you'll sacrifice your investment, if only for a while. To what end? Most likely, just to demonstrate a vulnerability. Since it's software that runs on a 2-tiered network, you'll just cripple the features provided by the second tier (Dashsend and Instant-X) while the Bitcoin-based blockchain keeps humming along. Meanwhile the developers fix the software and roll it out to the network, which typically reaches supermajority with the latest version within about 6 hours. Note that this has already happened a few times when masternode authentication and payment enforcement had some vulnerabilities that were corrected.  

So please, I relish the thought of someone doing this, because in the long run it will serve to harden the DASH network.  

The trick is not to sacrifice your investment.



So obviously you want to double your ROI, which means you have to take half of the MasterNodes out of commission. You don't want to take down all or even most of them, you just want the total number of MasterNodes reduces to 1000. So you do this through a variety of tactics:

1. Report US-based and/or US-owned MasterNodes to FinCEN, the FBI, and the SEC, assist them in shutting them down and seizing the coins held by their operators.

2. Repeatedly DDoS MasterNodes at a particular ISP / datacenter until they change their ToS to not allow MasterNodes.

3. Hack into a portion of the remaining MasterNodes and install a rootkit that watches for Darkcoin source code and modifies it when compiled (or just randomly crashes the daemon if they aren't compiling it themselves). This ensures that these daemons appear to be working to the operator, but they receive so few payments they may as well be offline.

This is all very surreptitious, because 1. looks like The Man has got it in for Darkcoin, 2. looks like the ISP is just being problematic, and 3. is mostly undetectable. You can keep doing this ad infinitum to keep half the MasterNodes offline, and nobody will realise what you're doing. It'll look like the sort of attacks the community expects to come, and they'll rationalise it for you by loudly claiming that 1000 MasterNodes is good enough.

At that stage, since you're earning so much you can begin to collude with a handful of other MasterNode holders to start attacking small blocks of the remaining 1000 MasterNodes, replacing them with nodes you control, so the number of MasterNodes doesn't drop below 1000. You can even setup sockpuppet accounts right now in preparation for this, so that there appears to be legitimacy to the ownership. Within a few years the entire MasterNode network can be controlled by a handful of operators who are profiteering from it. You can then relax on the beach whilst your paid staff reinforce propaganda that running a MasterNode is difficult and expensive, discouraging and attacking any new MN operators.

[smooth]

Within a few years the entire MasterNode network can be controlled by a handful of operators

How many operators are there now?

[fluffypony]

Within a few years the entire MasterNode network can be controlled by a handful of operators

How many operators are there now?

Unknown, this lists 2119 MasterNodes but there's no way to tell if someone owns multiple MNs.

[Its About Sharing]

And so (once again) centralization breeds corruption.
Very intersting Fluffpony, thx for sharing.

Better to lay all the possibilities out there and they are many...