Bitcoin Forum
October 31, 2024, 12:57:39 PM *
News: Bitcoin Pumpkin Carving Contest
 
   Home   Help Search Login Register More  
Pages: « 1 ... 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 [698] 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 ... 2126 »
  Print  
Author Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency  (Read 4670868 times)
illodin
Hero Member
*****
Offline Offline

Activity: 966
Merit: 1003


View Profile
September 18, 2014, 07:00:27 PM
 #13941

I have been thinking on the coin-killer posts and the more I read it the more I smell BS, there is nothing proving it is more than FUD, if people are dumping because of this they will be sorry soon.

You don't have to fully believe either option, if you think there's 10% chance it is true, the price should take 10% cut, right?
canonsburg
Full Member
***
Offline Offline

Activity: 133
Merit: 100


View Profile
September 18, 2014, 07:01:36 PM
 #13942

Someone needs to check the source code too but I believe the whitepaper's notation is screwed up.

The paper defines private key a and public Key A through the transformation A = a*G, where G is the Hash function.
So in this case, the multiplication step is to denote the hash mapping.

In the paper, it also defined the key image as I = x * Hp(P)

Now this seems like it is the multiplication of private key x with the hash to the public key P.

But I think this is actually I = x * Hp(P) = x*G2, where G2 like above is another hash function so this is just a hash of private key x using some deterministic hash function that is dependent on public key P (Hp(P)).
Odalv
Legendary
*
Offline Offline

Activity: 1414
Merit: 1000



View Profile
September 18, 2014, 07:16:12 PM
 #13943

I have been thinking on the coin-killer posts and the more I read it the more I smell BS, there is nothing proving it is more than FUD, if people are dumping because of this they will be sorry soon.

You don't have to fully believe either option, if you think there's 10% chance it is true, the price should take 10% cut, right?

I do not look at source. I'm only asking and study whitepaper (how it works). Maybe I'm wrong.
smooth
Legendary
*
Offline Offline

Activity: 2968
Merit: 1198



View Profile
September 18, 2014, 07:52:02 PM
 #13944

https://cryptonote.org/whitepaper.pdf
Quote
The signer picks a random secret key and computes the corresponding
public key P=xG. Additionally he computes another public key
I=xHp(P) which we will call the "key image"
...
Nobody can recover the public key from the key image and identify the signer

lol, but everybody can compute "key image" from public key and then identify the signer


Edit
if this mean I = x * Hp(P) then I can compute even x

x = I / Hp(P)
I is known  and I can compute all Hp(Px)

Simple answer. It is elliptic curve multiplication. The hash gives you a point. This isn't invertible, so no, you can't do I/H.



5w00p
Hero Member
*****
Offline Offline

Activity: 644
Merit: 502



View Profile
September 18, 2014, 07:57:49 PM
 #13945

I have been thinking on the coin-killer posts and the more I read it the more I smell BS, there is nothing proving it is more than FUD, if people are dumping because of this they will be sorry soon.

You don't have to fully believe either option, if you think there's 10% chance it is true, the price should take 10% cut, right?

No.

Your statement lacks sound reasoning.

'You' is who? I believe that you mean it in the universal sense, but there is no way to determine the ratio of truthiness vs falseyness that all XMR and cryptocurrency market members ascertain in relation to said 'coin-killer posts.'

Furthermore, price is not necessarily proportional to the 'chance it is true.'
fluffypony
Donator
Legendary
*
Offline Offline

Activity: 1274
Merit: 1060


GetMonero.org / MyMonero.com


View Profile WWW
September 18, 2014, 08:09:54 PM
 #13946

I'll apply Hp on all public keys (P is public key) in signature.
I know I, P, Hp(P) seems I can compute x

x = I / Hp(P)
 

Edit:
P is one of 6 public keys ... I'll try all

lol cryptography, how does it work?

https://www.certicom.com/index.php/52-the-elliptic-curve-discrete-logarithm-problem

Odalv
Legendary
*
Offline Offline

Activity: 1414
Merit: 1000



View Profile
September 18, 2014, 08:13:56 PM
 #13947

Someone needs to check the source code too but I believe the whitepaper's notation is screwed up.

The paper defines private key a and public Key A through the transformation A = a*G, where G is the Hash function.
So in this case, the multiplication step is to denote the hash mapping.

In the paper, it also defined the key image as I = x * Hp(P)

Now this seems like it is the multiplication of private key x with the hash to the public key P.

But I think this is actually I = x * Hp(P) = x*G2, where G2 like above is another hash function so this is just a hash of private key x using some deterministic hash function that is dependent on public key P (Hp(P)).

I think
  a) hash(P) -> I know pseudo-identity (worst case, same as Bitcoin)
  b) x*hash(P) ->  I know identity + x (worst case, ZERO)
  c) hash(x) -> Nobody can verify transaction  and "math" does not work (I can double spend)
  d) P*hash(x) -> I can double spend (I can cheat with hash(x))
  e) I do not know -> we will see
  f) Monero to the Moon

:-)
fluffypony
Donator
Legendary
*
Offline Offline

Activity: 1274
Merit: 1060


GetMonero.org / MyMonero.com


View Profile WWW
September 18, 2014, 08:21:27 PM
 #13948

Someone needs to check the source code too but I believe the whitepaper's notation is screwed up.

The paper defines private key a and public Key A through the transformation A = a*G, where G is the Hash function.
So in this case, the multiplication step is to denote the hash mapping.

In the paper, it also defined the key image as I = x * Hp(P)

Now this seems like it is the multiplication of private key x with the hash to the public key P.

But I think this is actually I = x * Hp(P) = x*G2, where G2 like above is another hash function so this is just a hash of private key x using some deterministic hash function that is dependent on public key P (Hp(P)).

I'll just quote from someone who knows way more math than I do -


sarang: The operation is actually repeated elliptic addition... and that addition is really a curve intersection and some other complicated shit
sarang: Multiplying an integer by an elliptic curve point is well-defined
sarang: the x*H(p) is not another hash
sarang: You convert the hash output H(p) to an elliptic point
sarang: and then do the integer-elliptic multiplication
sarang: so it's super important to identify what is an integer and what is an elliptic curve point
sarang: The notation is identical, as it would be in formal mathematics
sarang: They usually use lowercase for integers and uppercase for points
sarang: and always use the multiplication order integer*point
sarang: just as a matter of convention, that is
sarang: so anyone saying you can divide a point by an integer is wrong
sarang: elliptic curve crypto would be broken wide open if that were the case
sarang: Oh, and G is NOT a hash function. It's the elliptic base point
sarang: so A is also an elliptic point

Odalv
Legendary
*
Offline Offline

Activity: 1414
Merit: 1000



View Profile
September 18, 2014, 08:28:08 PM
 #13949

Someone needs to check the source code too but I believe the whitepaper's notation is screwed up.

The paper defines private key a and public Key A through the transformation A = a*G, where G is the Hash function.
So in this case, the multiplication step is to denote the hash mapping.

In the paper, it also defined the key image as I = x * Hp(P)

Now this seems like it is the multiplication of private key x with the hash to the public key P.

But I think this is actually I = x * Hp(P) = x*G2, where G2 like above is another hash function so this is just a hash of private key x using some deterministic hash function that is dependent on public key P (Hp(P)).

I'll just quote from someone who knows way more math than I do -


sarang: The operation is actually repeated elliptic addition... and that addition is really a curve intersection and some other complicated shit
sarang: Multiplying an integer by an elliptic curve point is well-defined
sarang: the x*H(p) is not another hash
sarang: You convert the hash output H(p) to an elliptic point
sarang: and then do the integer-elliptic multiplication
sarang: so it's super important to identify what is an integer and what is an elliptic curve point
sarang: The notation is identical, as it would be in formal mathematics
sarang: They usually use lowercase for integers and uppercase for points
sarang: and always use the multiplication order integer*point
sarang: just as a matter of convention, that is
sarang: so anyone saying you can divide a point by an integer is wrong
sarang: elliptic curve crypto would be broken wide open if that were the case
sarang: Oh, and G is NOT a hash function. It's the elliptic base point
sarang: so A is also an elliptic point


so what exact "I = x * Hp(P)" means ?
fluffypony
Donator
Legendary
*
Offline Offline

Activity: 1274
Merit: 1060


GetMonero.org / MyMonero.com


View Profile WWW
September 18, 2014, 08:35:35 PM
 #13950

so what exact "I = x * Hp(P)" means ?

https://www.certicom.com/index.php/52-the-elliptic-curve-discrete-logarithm-problem (and https://www.certicom.com/index.php/the-basics-of-ecc)

http://en.wikipedia.org/wiki/Elliptic_curve_point_multiplication

http://homepages.warwick.ac.uk/~masiao/maths/lecturenotes/ellipticnotes.pdf

http://tools.ietf.org/html/rfc6090

http://people.irisa.fr/Arnaud.Tisserand/docs/slides-semcairn09-ecc-4p.pdf

http://crypto.stackexchange.com/questions/653/basic-explanation-of-elliptic-curve-cryptography

http://arstechnica.com/security/2013/10/a-relatively-easy-to-understand-primer-on-elliptic-curve-cryptography/

http://www.ccs.neu.edu/home/riccardo/courses/cs6750-fa09/talks/Ellis-elliptic-curve-crypto.pdf

http://crypto.stackexchange.com/questions/3907/how-does-one-calculate-the-scalar-multiplication-on-elliptic-curves

Please go read up, and then if there are specific questions once you have come to a proper understanding of the notation used when expressing elliptic curve multiplication then feel free to ask.

Odalv
Legendary
*
Offline Offline

Activity: 1414
Merit: 1000



View Profile
September 18, 2014, 08:46:02 PM
 #13951


Thank you for posting. Seems you understand it well. Please use proper notation and tell me  what  "I = xHp(P)" means
smooth
Legendary
*
Offline Offline

Activity: 2968
Merit: 1198



View Profile
September 18, 2014, 08:49:19 PM
 #13952


I explained it earlier. It is elliptic curve multiplication between x (an integer) and Hp which is a point.
akula999
Hero Member
*****
Offline Offline

Activity: 509
Merit: 500


View Profile
September 18, 2014, 09:46:42 PM
 #13953

So much math... need to dummy it down a bit and read a Wolverine comic

Bitcoin: 1FzZehkiwfeeUmfmBrym8VvXX7gUj3miHe
XMR: 4AqrzGPfEKeZrVXyPDNXUrNeKZZGNYiXMDoY49PvdffKNTRg6xp2Qz74SZ72gT5F9HH8Vaic99ndRg6 UBGcVijaNStQjwwf
iCEBREAKER
Legendary
*
Offline Offline

Activity: 2156
Merit: 1072


Crypto is the separation of Power and State.


View Profile WWW
September 18, 2014, 10:00:51 PM
 #13954

Quote
I appreciate Anon136's argument against imposing a "post-mine" which would affect the emissions curve, as he says miners have the choice to stop mining if they dont like the change but investors have already bought in so changing the conditions is unfair. I still like the idea of a post-mine on the principle that the devteam have proved themselves worthy of a pre-mine which never happened, but I don't have a decent idea of how to create it Sad

BBR has a 1% dev tax, and I still consider it free as in FOSS.  VIA had a completely fair, transparent, and very successful presale of Block 1's 10% of total coins.

We should emulate both of these approaches, and combine them to make Monero a staggeringly well funded project with concomitant high resiliency/survivability characteristics...

I'm a Monero investor who has been hloding tight since it was at parity with Primecoin, and only traded on cryptonoteexchange.

Which is more unfair to me?
A) risking the near certainty of devs running out of enthusiasm/money for completion of our very ambitions goals (thus XMR being unable to grow and respond to emergencies), or,
B) changing the emission 'social contract' condition by a slight degree

I think the former is far more unfair, because it puts my entire investment at risk in entirely predictable and probably preventable ways, IE liquidity crises and stagnation.

The emission 'social contract' is not set in stone, EG the final emission rate is still undecided.

As in investor, I don't feel comfortable being a free rider by expecting the devs to work for free/cheap, or jointly subsidizing others' free rides by making piddly one time donations.

Yes, the devteam has proven themselves worth of a pre-mine which never happened.  Here is how to create it:

I call it the 'Two To TacoTime' plan.   Cool



-One-time Bootstrap Block 302612 (celebrating 100k anniversary of historic Battle of Troll Block)

-Bootstrap Block includes 1% of final coin total (184k XMR) moved from end of emission (years away) to SoonTM

-Bootstrap Block coins are bid for and distributed proportionately in the same trustless/transparent way as VIA's Block 1 presale (http://presale.viacoin.org/terms)

-Bootstrap Block is worth at least $300k dollars, enough to refactor codebase, integrate DB, complete I2P, create Official Wallet, and hire pros for meticulous security audits

-After the Bootstrap Block, all subsequent blocks (less transaction fees) pay 1% to dev fund

-Ongoing 1% mining tax provides for continued care and maintenance of the mature platform created by our Bootstrap Block


-New 'set in stone' rules/guarantees/commitments/social contract: no more Bootstrap Blocks ever no matter what, and mining devtax will never go over 1%

-dev fund is kept 50/50 in XMR/BTC multisig escrow.  Rebalancing may be done without notice, prior or otherwise

-dev fund expenditures must be authorized by at least 5 of the 9 (7 core team members + RPietila + Zoidberg)

-dev funds may only be used to pay for writing/auditing critical code, and may not be used to raise more funds or for marketing


██████████
█████████████████
██████████████████████
█████████████████████████
████████████████████████████
████
████████████████████████
█████
███████████████████████████
█████
███████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
████████████████████████████
██████
███████████████████████████
██████
██████████████████████████
█████
███████████████████████████
█████████████
██████████████
████████████████████████████
█████████████████████████
██████████████████████
█████████████████
██████████

Monero
"The difference between bad and well-developed digital cash will determine
whether we have a dictatorship or a real democracy." 
David Chaum 1996
"Fungibility provides privacy as a side effect."  Adam Back 2014
Buy and sell XMR near you
P2P Exchange Network
Buy XMR with fiat
Is Dash a scam?
owlcatz
Legendary
*
Offline Offline

Activity: 3808
Merit: 1974


https://talkimg.com - Fck Imgur/BBwhatever


View Profile WWW
September 18, 2014, 10:08:48 PM
 #13955

Quote
I appreciate Anon136's argument against imposing a "post-mine" which would affect the emissions curve, as he says miners have the choice to stop mining if they dont like the change but investors have already bought in so changing the conditions is unfair. I still like the idea of a post-mine on the principle that the devteam have proved themselves worthy of a pre-mine which never happened, but I don't have a decent idea of how to create it Sad

BBR has a 1% dev tax, and I still consider it free as in FOSS.  VIA had a completely fair, transparent, and very successful presale of Block 1's 10% of total coins.

We should emulate both of these approaches, and combine them to make Monero a staggeringly well funded project with concomitant high resiliency/survivability characteristics...

I'm a Monero investor who has been hloding tight since it was at parity with Primecoin, and only traded on cryptonoteexchange.

Which is more unfair to me?
A) risking the near certainty of devs running out of enthusiasm/money for completion of our very ambitions goals (thus XMR being unable to grow and respond to emergencies), or,
B) changing the emission 'social contract' condition by a slight degree

I think the former is far more unfair, because it puts my entire investment at risk in entirely predictable and probably preventable ways, IE liquidity crises and stagnation.

The emission 'social contract' is not set in stone, EG the final emission rate is still undecided.

As in investor, I don't feel comfortable being a free rider by expecting the devs to work for free/cheap, or jointly subsidizing others' free rides by making piddly one time donations.

Yes, the devteam has proven themselves worth of a pre-mine which never happened.  Here is how to create it:

I call it the 'Two To TacoTime' plan.   Cool



-One-time Bootstrap Block 302612 (celebrating 100k anniversary of historic Battle of Troll Block)

-Bootstrap Block includes 1% of final coin total (184k XMR) moved from end of emission (years away) to SoonTM

-Bootstrap Block coins are bid for and distributed proportionately in the same trustless/transparent way as VIA's Block 1 presale (http://presale.viacoin.org/terms)

-Bootstrap Block is worth at least $300k dollars, enough to refactor codebase, integrate DB, complete I2P, create Official Wallet, and hire pros for meticulous security audits

-After the Bootstrap Block, all subsequent blocks (less transaction fees) pay 1% to dev fund

-Ongoing 1% mining tax provides for continued care and maintenance of the mature platform created by our Bootstrap Block


-New 'set in stone' rules/guarantees/commitments/social contract: no more Bootstrap Blocks ever no matter what, and mining devtax will never go over 1%

-dev fund is kept 50/50 in XMR/BTC multisig escrow.  Rebalancing may be done without notice, prior or otherwise

-dev fund expenditures must be authorized by at least 5 of the 9 (7 core team members + RPietila + Zoidberg)

-dev funds may only be used to pay for writing/auditing critical code, and may not be used to raise more funds or for marketing

This sounds pretty fair to me, but then again i'm not all that savvy on premines or how it may or may not affect current prices etc.

Sounds like the general consensus is that either way, something must be done, these guys can't work for free, or this whole project will just never happen... something has to give, somewhere....

Quote
As in investor, I don't feel comfortable being a free rider by expecting the devs to work for free/cheap, or jointly subsidizing others' free rides by making piddly one time donations.

I feel the same way here, thanks for posting your idea, even if it gets shot down by devs or whatever...        

.
I  C  Λ  R  U  S
██████████
██████▀▀▀██
████▀█████▀█
██████████
██████████
█████████████
░▄████
█████████████
███████████████████
███████████████████
████████░░░▀▀▀▀▀▀▀▀
████████▄▄▄████████
███████████████████
█████████████████▀
░░░██
▄▄▄█
█████
░░░██
░░░██
░░░██
░░░██
░░░
░░░
░░░
▄██████
█▌░▐██
███████▀
█████████████████████
██
███████████████████
██
███████████████████
██
████▀▀▀▀████▀▀█████
██
██░░▄▄░░██░░░█████
██
███▄▄██░░███░░█████
██
███▀▀▀▀░░▀██░░█████
██
██░░░░▄▄▄▄█▀░░▀████
██
██░░░░░░░░█░▀▀░████
██
███████████████████
██
███████████████████
██
███████████████████
█████████████████████
████
██
██
██
██

██
██
██
██
██
██
██
████
████
██
██
██
██

██
██
██
██
██
██
██
████
████
██
██
██
██

██
██
██
██
██
██
██
████
████
██









██
████
████
██









██
████
[/ce
rdnkjdi
Legendary
*
Offline Offline

Activity: 1256
Merit: 1009


View Profile
September 18, 2014, 10:19:04 PM
 #13956

Quote

BBR has a 1% dev tax, and I still consider it free as in FOSS.  VIA had a completely fair, transparent, and very successful presale of Block 1's 10% of total coins.

We should emulate both of these approaches, and combine them to make Monero a staggeringly well funded project with concomitant high resiliency/survivability characteristics...

I'm a Monero investor who has been hloding tight since it was at parity with Primecoin, and only traded on cryptonoteexchange.

Which is more unfair to me?
A) risking the near certainty of devs running out of enthusiasm/money for completion of our very ambitions goals (thus XMR being unable to grow and respond to emergencies), or,
B) changing the emission 'social contract' condition by a slight degree

I think the former is far more unfair, because it puts my entire investment at risk in entirely predictable and probably preventable ways, IE liquidity crises and stagnation.

The emission 'social contract' is not set in stone, EG the final emission rate is still undecided.

As in investor, I don't feel comfortable being a free rider by expecting the devs to work for free/cheap, or jointly subsidizing others' free rides by making piddly one time donations.

Yes, the devteam has proven themselves worth of a pre-mine which never happened.  Here is how to create it:

I call it the 'Two To TacoTime' plan.   Cool



-One-time Bootstrap Block 302612 (celebrating 100k anniversary of historic Battle of Troll Block)

-Bootstrap Block includes 1% of final coin total (184k XMR) moved from end of emission (years away) to SoonTM

-Bootstrap Block coins are bid for and distributed proportionately in the same trustless/transparent way as VIA's Block 1 presale (http://presale.viacoin.org/terms)

-Bootstrap Block is worth at least $300k dollars, enough to refactor codebase, integrate DB, complete I2P, create Official Wallet, and hire pros for meticulous security audits

-After the Bootstrap Block, all subsequent blocks (less transaction fees) pay 1% to dev fund

-Ongoing 1% mining tax provides for continued care and maintenance of the mature platform created by our Bootstrap Block


-New 'set in stone' rules/guarantees/commitments/social contract: no more Bootstrap Blocks ever no matter what, and mining devtax will never go over 1%

-dev fund is kept 50/50 in XMR/BTC multisig escrow.  Rebalancing may be done without notice, prior or otherwise

-dev fund expenditures must be authorized by at least 5 of the 9 (7 core team members + RPietila + Zoidberg)

-dev funds may only be used to pay for writing/auditing critical code, and may not be used to raise more funds or for marketing

This sounds pretty fair to me, but then again i'm not all that savvy on premines or how it may or may not affect current prices etc.

Sounds like the general consensus is that either way, something must be done, these guys can't work for free, or this whole project will just never happen... something has to give, somewhere....

Quote
As in investor, I don't feel comfortable being a free rider by expecting the devs to work for free/cheap, or jointly subsidizing others' free rides by making piddly one time donations.


I LOVE this idea.  And it does NOT change the social contract - it helps ensure it actually gets delivered by not allowing the coin to die.

I would spend Moneros voting pro this idea.  Rptellia, smooth, fluffypony, tacotime?  Somebody with clout please ...  Roll Eyes

1 - everyone pays the price (more supply - early inflation = everyone pays the price)
Ultros
Sr. Member
****
Offline Offline

Activity: 471
Merit: 250



View Profile
September 18, 2014, 10:30:15 PM
 #13957

I like the idea, but I'm sure there must be implications I can't encompass. Can't wait to see how the core-team react to it.
mmortal03
Legendary
*
Offline Offline

Activity: 1762
Merit: 1011


View Profile
September 18, 2014, 10:31:38 PM
 #13958

Quote

BBR has a 1% dev tax, and I still consider it free as in FOSS.  VIA had a completely fair, transparent, and very successful presale of Block 1's 10% of total coins.

We should emulate both of these approaches, and combine them to make Monero a staggeringly well funded project with concomitant high resiliency/survivability characteristics...

I'm a Monero investor who has been hloding tight since it was at parity with Primecoin, and only traded on cryptonoteexchange.

Which is more unfair to me?
A) risking the near certainty of devs running out of enthusiasm/money for completion of our very ambitions goals (thus XMR being unable to grow and respond to emergencies), or,
B) changing the emission 'social contract' condition by a slight degree

I think the former is far more unfair, because it puts my entire investment at risk in entirely predictable and probably preventable ways, IE liquidity crises and stagnation.

The emission 'social contract' is not set in stone, EG the final emission rate is still undecided.

As in investor, I don't feel comfortable being a free rider by expecting the devs to work for free/cheap, or jointly subsidizing others' free rides by making piddly one time donations.


I LOVE this idea.  And it does NOT change the social contract - it helps ensure it actually gets delivered by not allowing the coin to die.

I would spend Moneros voting pro this idea.  Rptellia, smooth, fluffypony, tacotime?  Somebody with clout please ...  Roll Eyes

1 - everyone pays the price (more supply - early inflation = everyone pays the price)

I think this is a false dilemma. There are other options that don't fiddle with the fundamentals of the coin that should be tried first.
smooth
Legendary
*
Offline Offline

Activity: 2968
Merit: 1198



View Profile
September 18, 2014, 10:41:56 PM
 #13959

I would spend Moneros voting pro this idea.  Rptellia, smooth, fluffypony, tacotime?  Somebody with clout please ...  Roll Eyes

I certainly think it is premature to make any kind of decision or even consider voting, etc., but the discussion is healthy and interesting. I 100% applaud the willingness to think big and break a few "rules" in crafting a proposal, whether or not it gets adopted. More of this please!

There are some things I really like about the idea. For example, compared to a premine or IPO, I very much like that it is happening after there has been some experience with the coin and team, rather than right at the start when it's all promises, no distribution or established market value, and no track record.

There are some things I think are quite strange and need further explanation and/or revision. I'm not even sure how much of this is sincere. Some of the biggest problems with the emission of the coin is the rewards going away too soon. Pulling from the tail end of the distribution makes that worse. Fund being 50/50 in BTC/XMR might be a bad idea to set in stone for all time, and would almost certainly be a bad idea to enforce quickly, because it would require dumping a ton of XMR (unless that were somehow built into the bidding). And CZ?!

I'm not a fan "everything must be set in stone because that is the social contract" model that comes out of Bitcoin's precedent. I think part of the whole idea of doing something that isn't Bitcoin is to try to improve on it, and especially not feel compelled to follow its precedent when it doesn't work for us (and arguably hasn't even worked for it). That is not just code, and especially not just anonymity, but also culture and process.

How about not quoting the whole thing (especially incorrectly) repeatedly though? It makes the thread very hard to read.
surae.noether
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
September 18, 2014, 11:02:10 PM
 #13960


The notation in the whitepaper and what you've seen here is proper notation. I = x*H_p(P) means x times H_p(P) where H_p is a hash function, H_p(P) is the hash function evaluated at a point, and * denotes elliptic curve multiplication which is NOT normal multiplication. Just like matrix multiplication is not the same as usual multiplication, elliptic curve multiplication takes place in a different manner than what you learned in, say, elementary algebra class. This is an abstract multiplicative notion, it is quite usual and proper to see it used this way.

For further reading, I would not begin necessarily with fluffypony's wall of links, but with Daepp and Gorkin's "Reading, Writing, and Proving" to learn a little bit about formal mathematics, and then maybe move onto Trappe and Washington's "Introduction to Cryptography." In that order. Be sure to try all the exercises in both books before asking any more questions.

Edit: I a word.
Pages: « 1 ... 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 [698] 699 700 701 702 703 704 705 706 707 708 709 710 711 712 713 714 715 716 717 718 719 720 721 722 723 724 725 726 727 728 729 730 731 732 733 734 735 736 737 738 739 740 741 742 743 744 745 746 747 748 ... 2126 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!