rpietila Altcoin Observer

[lebing]

Thanks Celestio and Sharing, both good posts. 

I am a complete noob when it comes to alt coins.

Does anyone have a link to a thread which discusses the difference in hashing types - their advantages and disadvantages? I cant seem to get my head around which are better and why.

Also, where is everyone holding their alt coins? Do you just trust them on the exchanges you buy them on? Or if mining does one typically leave it all on a computer? I am guessing its not so easy to make paper wallets for alt coins...

[Its About Sharing]

I wasn't implying (or even thinking) of XMR or the like overtaking BTC. I think that is near impossible barring a catastrophic failure.

But catastrophe is not intrinsically unlikely.  A fungibility catastrophe seems almost inevitable, although, it does depend on the political decisions of prosecutors.

Will this fungibility issue be world wide or rather US Based?
Will they be able to get at the code?

There are a lot of things to consider here.

For sure Wall St. wants them some Bitcoin. Perhaps as a hedge against the dollar, to hide money and not to mention just for all round profit.
If fungibility issues arise, I imagine it will be from regulators but I think we are years from that right now.
A lot can happen between now and then, and as I've said elsewhere, the event horizon of this technology is VERY short.
What is to come is probably going to knock our socks off. There is a cumulative affect of disruption that is upon us, though just starting, and
it is going to shock the system. It will be difficult when it really gets going for governments to do a whole lot, but
it depends on if they get their one world government in time and barring a huge event (another 911) I don't see it happening.
Plan on governments losing much more power and corporations gaining more (heck, I think that is actually their plan, sure looks like it.)
But greater hearts and more intelligent minds will probably prevail.

Spreading the peace,
IAS

[drawingthesun]

This post of Alex's ended up here so I am replying here, not in the dark thread...

a) Who made Monero and why? What was their vision?

The vision was to bring CryptoNote to the masses without the two year ninja mine.

b) What had the Monero team done for privacy, before copying the Bytecoin code?

The main focus at the moment is to make the software usable. At the moment the memory usage, transaction dust and blockchain size must be focused on. At the moment CryptoNote is private enough. They will work on adding I2P at some point, but core usability is the focus right now.

Alex, they are not going to add fluff to pump and dump, this isn't dark. The anonymity in CryptoNote is working as it should, it doesn't need more features for features sake.

c) Are they really interested in anonymity, or did they try to cash out in the wake of DRK? Why did they make an anonymous coin in May - when DRK was already making a splash? If they were really interested in anonymity, why not earlier?

Actually the timing is a reaction to the public release of Bytecoin, not Dark.

d) Can Monero scale?

At the moment the aim is to get the Monero blockchain scaling at a linear function to Bitcoin. I personally think that an anonymous chain can be about five times larger. The extra size is worth the anonymity, just like Bitcoin requires several million times the space on your PC as mastercard requires, the extra function of bitcoin makes it worth it. The same goes for monero. If the monero chain can scale in a linear fashion albertly being larger we'll be fine.

We're talking about real anonymity here, the chain is going to be larger.

e) Is Monero's PoW futureproof, for providing almost 90% of its coins in just 4 years? Why would someone invest in such a curve?

Actually it's not 90% Monero will have an immortal coin release, coins will never stop being minted.

I argue we need a release of about 1% a year, some others think a lower amount. This discussion is ongoing and not set in stone.

f) Why would I put my money on something with 2% daily inflation? As a currency, does it fulfill one of the basic criteria - that being an adequate store of value?

No currency in it's first few years will be a good store of value, so many uncertainties. Even Bitcoin is not a good store of value at the moment. There has been no evidence of a nation state trying to attack Bitcoin, so we are in the dark as to how secure crypto currencies really are.

Alex, if you're truly looking for store of value, diversify into bonds, property and gold.

Cryptocurrencies will one day be a good store of value, but it's too early days to call it case closed. You make it sound like one crypto offers store of value whilst another doesn't.

g) What is the cost to render the blockchain DOA for someone who wants to kill Monero, in terms of Bitcoins? Can a kid, a hacker, a government spend 10 BTCs and make the blockchain so bloated that it doesn't even load the wallet - killing my multi-million investment?

Monero is still very experimental, so don't buy if you're afraid to lose it. I haven't seen 10 bitcoins destroy monero yet, let someone try, 10 bitcoin isn't a lot.

At the moment many Governments could easily take down bitcoin, let alone monero or darkcoin.

Also by the time it's commonplace to have a multi million dollar investment in Monero, many bugs and attack vectors will be ironed out.

h) Is Monero anonymous in itself, or does it also need IP obfuscation to achieve anonymity? If it is the later, how exactly is it so anonymous, and how can you vouch for the IP obfuscation network that it will be using? Is there an IP obfuscation network that is 100% reliable for anonymity purposes? As far as I am aware, there is none.

Monero makes the transactions from the perspective of a third party doing blockchain analysis anonymous.

However at the moment IP sniffing could render some information leakage for analysis of real time transactions. That is why using TOR like with Dark and Bitcoin is advised for now.

i) Why should I pick Monero instead of Boolberry? The specs of Boolberry are superior and the dev is seemingly doing more work on his own than the Monero devs. Remember I am a buyer and I don't care about who mines what so I don't care about CPU and GPU miners.

The specifications are superior? How so?

k) What happens if the Bytecoin guys (who made the code) discover a flaw, patch it in their own coin and then kill the clones by exploiting the flaw? If they are really underground hackers that hate the Monero copycats, isn't that a real possibility?

It might be, who knows. I heard the team split up, who knows how good the leftovers are?

l) What is the advancement potential given that Monero is a clone and Bytecoin is the original?

The monero team have identified many areas that need improvement and are working on them, as the monero project goes forward, one can hope more people will join the core team as more people get skin in the game.

As far as I can tell the team are working on many issues and I have confidence in what they are doing. I don't have confidence in the Bytecoin team due to their deceptive past.

m) What assurances do I have that the codebase is solid? For all I know it's totally untested in public use, being public for 2 or 3 months. Even the boolberry dev openly declares it to be untested.

Normally with white papers and code, you look into it yourself, if you can't then perhaps leave of investing for a few years.

Did you invest in Dark just because of "assurances"?

n) Is it usable by average joe?
o) Is it usable by companies and businesses?

Right now no, no and no. Although please don't forget that even Bitcoin is a pain to use by average people. In fact average people can barely get a printer to work.

[rpietila]

[XMR usable by an average person] Right now no, no and no. Although please don't forget that even Bitcoin is a pain to use by average people. In fact average people can barely get a printer to work.

It required over an hour by my skilled friend to get the printer to work. I can use BTC quite fine. XMR not so.

The printer has not become any easier over the years. Hopefully crypto will...

[JorgeStolfi]

Will this fungibility issue be world wide or rather US Based?
Will they be able to get at the code?

If bitcoin use becomes more widespread (and is not banned outright), I imagine that the police authorities (FBI, CIA, and their brethren in other countries, Interpol, etc.) will create public databases of "bad" coins, which in their view are associated with tax evasion, crime, terrorism, unfriendly governments, etc.  Citizens of a country would be required to look up any bitcoins they receive in their government's database, and immediately transfer any "bad" coins to a government account, under pain of being suspected accessories to those crimes.  All outputs of any transaction with any "bad" input will presumably be "bad" by definition. 

Such a database, even if it worked only imperfectly, would pretty much end fungibility.  There will be "clean bitcoins", "child porn bitcoins", "drug bitcoins", "Iran Guard bitcoins", "Israeli bitcoins", "Ross Ullbricht's bitcoins", "Wikileaks supporters' bitcoins", and so on.  In particular, that database would allow governments to block bitcoin funds, for practical purposes, and virtually seize them, even if they don't have access to the keys.  If certain bitcoins are officially declared government property, moving them or knowingly accepting them without their permission would be theft of government property.

Note that this schema is viable with bitcoin, which assumes online internet access at every transaction; but not with cash, since it would be impractical to require the database check for every cash transaction.  Note also that the schema does not require control of the bitcoin network or changes to the protocol, and transactions with "bad" coins can be monitored by any government no matter where the parties are located in the world.
[/quote]

[statdude]

Trollbox Polo:

"TrueCryptonaire: But also btc can go to up to 7k by the end of this year if I have read rpietila correct.
TrueCryptonaire: I wonder if rpietila is reading as we are talking about him here.
rpietila: TrueCryptonaire, Nobody can escape me.
TrueCryptonaire: rpietila, lol"

[Quanttek]

The vision was to bring CryptoNote to the masses without the two year ninja mine.

Also I'd like to add, that monero was originally made by tft, who has some relationshop with the BCN devs (they probably wanted to control the market of forks), who then stopped working with the community

Alex, they are not going to add fluff to pump and dump, this isn't dark. The anonymity in CryptoNote is working as it should, it doesn't need more features for features sake.

And the anonymity isn't flawed like CoinJoin's one (which is essentially the tech of drk, even if eddufield don't want to credit gmaxwell)

At the moment the aim is to get the Monero blockchain scaling at a linear function to Bitcoin. I personally think that an anonymous chain can be about five times larger. The extra size is worth the anonymity, just like Bitcoin requires several million times the space on your PC as mastercard requires, the extra function of bitcoin makes it worth it. The same goes for monero. If the monero chain can scale in a linear fashion albertly being larger we'll be fine.

We're talking about real anonymity here, the chain is going to be larger.

And we shouldn't forget, that through CoinJoin the blockchain of drk and co will also meet the same problem, though not as big. following moore's law, disc space is the least of our problems, only internet speed could potentially be a problem, but that's increasing too

Actually it's not 90% Monero will have an immortal coin release, coins will never stop being minted.

I argue we need a release of about 1% a year, some others think a lower amount. This discussion is ongoing and not set in stone.

First off, it won't be 90%, but 80% with a long-term inflation not being implemented, but, as drawing the sun said, this is planned

No currency in it's first few years will be a good store of value, so many uncertainties. Even Bitcoin is not a good store of value at the moment. There has been no evidence of a nation state trying to attack Bitcoin, so we are in the dark as to how secure crypto currencies really are.

Alex, if you're truly looking for store of value, diversify into bonds, property and gold.

Cryptocurrencies will one day be a good store of value, but it's too early days to call it case closed. You make it sound like one crypto offers store of value whilst another doesn't.

Just to remind you Alex, Bitcoin is still mined and has an inflation much higher than 2%, als, as stated, nobody wants a inflation of 2%, but one of 1%. Even then, a currency can still be a store of value

h) Is Monero anonymous in itself, or does it also need IP obfuscation to achieve anonymity? If it is the later, how exactly is it so anonymous, and how can you vouch for the IP obfuscation network that it will be using? Is there an IP obfuscation network that is 100% reliable for anonymity purposes? As far as I am aware, there is none.

Not trying to be unfriendly, but you should really read first the either the whitepaper or atleast get some basic understanding from the cryptonote website
The problems drawingthesun has described also occur also with the centralized mixing drk is using, while still having a flawed anonymity

i) Why should I pick Monero instead of Boolberry? The specs of Boolberry are superior and the dev is seemingly doing more work on his own than the Monero devs. Remember I am a buyer and I don't care about who mines what so I don't care about CPU and GPU miners.

The specifications are superior? How so?

And how are they seemingly more active? As far as I can tell, they are far more commits on Monero's repos

k) What happens if the Bytecoin guys (who made the code) discover a flaw, patch it in their own coin and then kill the clones by exploiting the flaw? If they are really underground hackers that hate the Monero copycats, isn't that a real possibility?

It might be, who knows. I heard the team split up, who knows how good the leftovers are?

You could argue the same with Litecoin/Bitcoin. Of course, neither dev teams, would try to destroy drk, but maybe there is a bug in the wallet, which then get's fixed, but a user is then exploiting it in drk's codebase

l) What is the advancement potential given that Monero is a clone and Bytecoin is the original?

The monero team have identified many areas that need improvement and are working on them, as the monero project goes forward, one can hope more people will join the core team as more people get skin in the game.

As far as I can tell the team are working on many issues and I have confidence in what they are doing. I don't have confidence in the Bytecoin team due to their deceptive past.

The BCN code was widely obfuscated and the miner deliberately slow and the only mining pool closed source. This clean start is offeringa way better "floor" for investors and coders. Since then the Monero team has developed open-source pools, tx-auto-split, determistic wallets, 50x times faster miner, and many, many bugs

[rpietila]

Is that the real Risto chatting under the name rpietila on Poloniex?

Yes.

[digicoin]

Personally I was hoping there would be no more cannibalization between CN coins and or a co-ordinated FUD against XMR from some disgruntled BCN followers. I respect BBR dev, but I can't understand the thought of breaking the market when a majority accepted XMR as the go to CN coin. With the private miner in BBR only a select few are enriching themselves for now and even the future with their big stashes. I noticed a slight simultaneous XMR downtrend and a corresponding BBR uptrend situation today for the first time.

bbr is a one-man show run by a very talented control-freak.  in order to have any hope of becoming the monopoly currency it would first need a complete relaunch under a new name, with a competent CEO type at the helm, and a diverse development team.

In contrast, QCN, MCN, FCN - these are just crap.  If I were the judge, the developers of these coins would be shot and their families billed for the bullet.  The BCN founders would merely be sent to Fort Leavenworth for a decade or so.

BBR team has 4 people now: 1 designer, 1 marketing, 2 devs

[drawingthesun]

Personally I was hoping there would be no more cannibalization between CN coins and or a co-ordinated FUD against XMR from some disgruntled BCN followers. I respect BBR dev, but I can't understand the thought of breaking the market when a majority accepted XMR as the go to CN coin. With the private miner in BBR only a select few are enriching themselves for now and even the future with their big stashes. I noticed a slight simultaneous XMR downtrend and a corresponding BBR uptrend situation today for the first time.

bbr is a one-man show run by a very talented control-freak.  in order to have any hope of becoming the monopoly currency it would first need a complete relaunch under a new name, with a competent CEO type at the helm, and a diverse development team.

In contrast, QCN, MCN, FCN - these are just crap.  If I were the judge, the developers of these coins would be shot and their families billed for the bullet.  The BCN founders would merely be sent to Fort Leavenworth for a decade or so.

BBR team has 4 people now: 1 designer, 1 marketing, 2 devs

Looks like BBR is taking over. What does rpietila think about this?

[drawingthesun]

Stop trying to hype Monero it's just another random altcoin.
LTC and DRK holding the first places I see.

Now this is the stuff of legend. For you to make this claim you must actually know nothing about CryptoCoins.

If you do, I'm sorry to tell you that you don't. Please unlearn and relearn as you missed something the first time around. Good luck and be open minded.

[tacotime]

Looks like BBR is taking over. What does rpietila think about this?

We have way more active FOSS devs than that.

https://github.com/monero-project/bitmonero/network/members
https://github.com/zone117x/node-cryptonote-pool
https://github.com/tsiv/ccminer-cryptonight/
https://github.com/Jojatekok/monero-client/
https://github.com/Neozaru/bitmonero-qt/

Marketing and PR, etc, way more of that too, although I think that's not as important.

BoolBerry introduced a lot of fairly strange design decisions that I don't really agree with, but we're thankful for the bugfixes he's made that we can introduce into our code.

[aminorex]

BoolBerry introduced a lot of fairly strange design decisions that I don't really agree with, but we're thankful for the bugfixes he's made that we can introduce into our code.

I think it is generally helpful for the particulars of these differences to be well-known.  Can you provide a reference?  Or even just high-entropy keywords?

[tacotime]

I think it is generally helpful for the particulars of these differences to be well-known.  Can you provide a reference?  Or even just high-entropy keywords?

1) Using the block header hashes as the scratchpad was intended to keep individual miners full nodes, but this was naive and pools simply send the (tiny) headers out to the miners themselves. There is lots of discussion about how to prevent pool centralization in Bitcoin lately, and Boolberry's solution has been criticized as being "the worst of both worlds" (requires lots of extra data to hash, but doesn't prevent pooled/centralized mining at all).
2) Aliases attach additional, permanent identity pieces to your addresses and should probably be avoided in my opinion.
3) The mandatory mixin=n for txouts doesn't solve fundamental issues with privacy relating to ring signatures. Monero has the same issues, but this will be discussed in an upcoming softfork proposal I'm coming up with thanks to some guidance from gmaxwell. Right now, because Monero is mostly used speculatively, it's not really an issue and is probably a boon to trading over the chain. Further, Boolberry's feature attaches identifier information to outputs which may be further used in analysis to identify spenders.

[rpietila]

Looks like BBR is taking over. What does rpietila think about this?

I still don't know enough of the coin, so I'll stick with XMR. The little I know does not warrant a switch.

ADD: Boolberry is so stupid a name that it must be changed before I'll consider

[digicoin]

2) Aliases attach additional, permanent identity pieces to your addresses and should probably be avoided in my opinion.

Further, Boolberry's feature attaches identifier information to outputs which may be further used in analysis to identify spenders.

This is a nice feature in BBR. You don't need to use it at all. Alias name is just as anonymous as CryptoNote address. It can not be used to identify the sender if sender doesn't want to. Similarly, who knows Satoshi is?

[dga]

I think it is generally helpful for the particulars of these differences to be well-known.  Can you provide a reference?  Or even just high-entropy keywords?

1) Using the block header hashes as the scratchpad was intended to keep individual miners full nodes, but this was naive and pools simply send the (tiny) headers out to the miners themselves. There is lots of discussion about how to prevent pool centralization in Bitcoin lately, and Boolberry's solution has been criticized as being "the worst of both worlds" (requires lots of extra data to hash, but doesn't prevent pooled/centralized mining at all).
2) Aliases attach additional, permanent identity pieces to your addresses and should probably be avoided in my opinion.
3) The mandatory mixin=n for txouts doesn't solve fundamental issues with privacy relating to ring signatures. Monero has the same issues, but this will be discussed in an upcoming softfork proposal I'm coming up with thanks to some guidance from gmaxwell. Right now, because Monero is mostly used speculatively, it's not really an issue and is probably a boon to trading over the chain. Further, Boolberry's feature attaches identifier information to outputs which may be further used in analysis to identify spenders.

I'm going to disagree with #2 - I think the issue with aliases is that they haven't been yet pushed hard enough.  For example, there should be an alias rebinding mechanism (perhaps using a tx fee and a signature from the originally bound key).  But aliases are optional, just like publishing your view key is.  Many recipients may wish to be publicly known but be able to have senders retain their anonymity, and aliases fit into this use model.  Aliases are an interesting, though fairly unimportant in the big picture as of now, exploration of the use of the blockchain.

update: Rebinding is apparently coded, just not available via external commands yet.  Sorry for the partial mis-information.

4)  You left off a discussion of transaction identification by prefix.  Comments?  As a mechanism to keep the blockchain smaller, this seems like one of the most technically relevant ways in which BBR departs from XMR, given that the blockchain size is one of the big deals with the entire cryptonote family.

[tacotime]

2) Aliases attach additional, permanent identity pieces to your addresses and should probably be avoided in my opinion.

Further, Boolberry's feature attaches identifier information to outputs which may be further used in analysis to identify spenders.

This is a nice feature in BBR. You don't need to use it at all. Alias name is just as anonymous as CryptoNote address. It can not be used to identify the sender if sender doesn't want to. Similarly, who knows Satoshi is?

Consider the instance in which a user uploads their alias, and someone sends them a small output, maybe 0.1 BBR.

Now, the person watches the blockchain for when this output is spent. If the user with the alias spends it in a tx with mixin=0, the user can now identify that the money has been spent, can assume any associated inputs belong to the spender, and can see where outputs are intended to go.

[dga]

2) Aliases attach additional, permanent identity pieces to your addresses and should probably be avoided in my opinion.

Further, Boolberry's feature attaches identifier information to outputs which may be further used in analysis to identify spenders.

This is a nice feature in BBR. You don't need to use it at all. Alias name is just as anonymous as CryptoNote address. It can not be used to identify the sender if sender doesn't want to. Similarly, who knows Satoshi is?

Consider the instance in which a user uploads their alias, and someone sends them a small output, maybe 0.1 BBR.

Now, the person watches the blockchain for when this output is spent. If the user with the alias spends it in a tx with mixin=0, the user can now identify that the money has been spent, can assume any associated inputs belong to the spender, and can see where outputs are intended to go.

I couldn't help but notice that you have an XMR address in your signature.

It amounts to the same thing.  Public disclosure and reuse of an address coupled with mixin=0 respending allows (limited) tracing of spends in all of the cryptonote family.

The only real difference is that the address disclosed in the blockchain is completely public.  I believe that's the intent of the aliases, no?

But this is a fairly unimportant distinction in the grand scheme of things.  XMR could easily add aliases if they prove successful, BBR could probably rip them out, ... these don't strike me as a fundamental thing to bring to the debate.

[tacotime]

Consider the instance in which a user uploads their alias, and someone sends them a small output, maybe 0.1 BBR.

Now, the person watches the blockchain for when this output is spent. If the user with the alias spends it in a tx with mixin=0, the user can now identify that the money has been spent, can assume any associated inputs belong to the spender, and can see where outputs are intended to go.

I couldn't help but notice that you have an XMR address in your signature.

It amounts to the same thing.  Public disclosure and reuse of an address coupled with mixin=0 respending allows (limited) tracing of spends in all of the cryptonote family.

The only real difference is that the address disclosed in the blockchain is completely public.  I believe that's the intent of the aliases, no?

But this is a fairly unimportant distinction in the grand scheme of things.  XMR could easily add aliases if they prove successful, BBR could probably rip them out, ... these don't strike me as a fundamental thing to bring to the debate.

Correct. I don't believe in sticking this information into the blockchain in arbitrary data appended to tx though, because I think it's bloat and creates races to spam the chain much like races to purchase domain names.