Gold collapsing. Bitcoin UP.

[rocks]

Monero has lost ~90% of it's value vs. BTC since last September

Uh, no. You are misreading something.

My bad, I was looking at the market cap valuation which is off that much. The BTC price is only down ~75% from last Sept. Still not exactly great price performance....

http://coinmarketcap.com/currencies/monero/  (click on "all" for the full history)

You can implement the exact same distributed and trustless mixing mechanisms in wallets that live on top of Bitcoin

No you can't. It is totally different cryptography at the transaction level, and would require at least a soft fork, but that is very messy and far more complex than any existing or propose soft forks, meaning it has essentially zero chance to happen in practice. It could and probably will happen on a side chain, but that raises various other issues.

There are other differences like an actual deployed (and somewhat stress tested) mechanism for managing the blocksize without a hard limit.

I disagree here, there are multiple proposals on how to layer privacy oriented transactions on top of bitcoin. Some rely on shared secrets, some enable wallets to communicate and build distributed trustless mixing mechanisms (which is exactly what Monero says it does). You don't need distributed trustless mixing mechanisms in the protocol to have that, you can implement the same in wallets. I remain unimpressed by these bitcoin clones that are simply adding simple functionality to the core protocol, functionality that can easily be layered on top of bitcoin. That is not an improvement IMHO.

Zerocoin is an example of a true innovation as I see it. Zerocoin does not rely on mixing as Monero does, but implements true removal of all history.  This is something that neither Bitcoin nor Monero can do. If someone made this, I'd seriously consider it.

[TPTB_need_war]

Not sure if game players want to pick an unnecessary fight with the government.

Sometimes I feel you should have some acid to relieve yourself of the irrational fear of government (it helps). You are the most government-fearing person that I know, and that is not fitting for an alpha-male. You should conduct your life such that the government anticipates how much they lose if they try to harass you, and leave you alone.

The game is not associated with any government, jurisdiction or law. It is just a game. Like playing Monopoly. It is your problem if you feel that the government has the right to infringe your playing a game. I don't give them such a right concerning mine.

The distasteful voice is because I have a distaste for government, and would rather not speak about it. I also seldom speak about shit that sticks to the sole of my shoe. And I don't lift my hand to remove it, same as I don't lift my hand to remove the government. But I don't touch it either.

I missed this until Erdogan quoted it.

I am calculating the government is going to lose 0 up to $trillions because of me.

I am just making the point that people that don't have any vested reason for fight, often don't see any incentive for waging one.

Marketing is about matching concerns (demographics).

I didn't say it won't work. I am just wondering what gaming has to do with the anonymity fight? Seems like two different demographics.

I thought the gaming idea with your game coin would work well. Adding the anonymity seemed like going in the wrong direction or at least until the gamers have some need for it.

[Odalv]

4. In reality Monero is not more anonymous than bitcoin, it is only a little harder(for uninformed crowd) to analyse.

Can you offer any elaboration or cite some research on this?

Ask google or ask monero experts they will tell you truth.
if you can solve a system of equations then it is what you need.

[kazuki49]

I disagree here, there are multiple proposals on how to layer privacy oriented transactions on top of bitcoin. Some rely on shared secrets, some enable wallets to communicate and build distributed trustless mixing mechanisms (which is exactly what Monero says it does). You don't need distributed trustless mixing mechanisms in the protocol to have that, you can implement the same in wallets. I remain unimpressed by these bitcoin clones that are simply adding simple functionality to the core protocol, functionality that can easily be layered on top of bitcoin. That is not an improvement IMHO.

Some of us do not want to do with Bitcoin anymore and only stash it in reasonable quantities so when the TPTB unleash the next phase of their financial freedom elimination through a transparent ledger we dump it for a nice profit or we have a positive stake in the game, so you can say we are after a profit after all but its not with Monero. Monero is the future of our freedom.

Yes its a rebellion and you can't stop it

[TPTB_need_war]

4. In reality Monero is not more anonymous than bitcoin, it is only a little harder(for uninformed crowd) to analyse.

Can you offer any elaboration or cite some research on this?

Ask google or ask monero experts they will tell you truth.
if you can solve a system of equations then it is what you need.

Hey that was the allegation I raised in the BCX thread. Are you quoting me via Google?

I can't say I won that discussion. I am not sure I was entirely convinced I lost it, but I even forgot by now the conclusions (Multiple Sclerosis effect perhaps).

[rocks]

I disagree here, there are multiple proposals on how to layer privacy oriented transactions on top of bitcoin. Some rely on shared secrets, some enable wallets to communicate and build distributed trustless mixing mechanisms (which is exactly what Monero says it does). You don't need distributed trustless mixing mechanisms in the protocol to have that, you can implement the same in wallets. I remain unimpressed by these bitcoin clones that are simply adding simple functionality to the core protocol, functionality that can easily be layered on top of bitcoin. That is not an improvement IMHO.

Some of us do not want to do with Bitcoin anymore and only stash it in reasonable quantities so when the TPTB unleash the next phase of their financial freedom elimination through a transparent ledger we dump it for a nice profit or we have a positive stake in the game, so you can say we are after a profit after all but its not with Monero.

I honestly have no idea what that sentence is suppose to mean.

[79b79aa8d5047da6d3XX]

Sometimes I believe the central banks shooting themselves in the foot could do more for bitcoin than all the VC investment in the world. If they ever implemented a cash ban for real, there would be a significant effort to find a new cash-like mechanism, enter bitcoin.

http://www.zerohedge.com/news/2015-05-19/cashless-society

Yep, all the cons to banning cash presented in that article are easy to see. Here is one they don't mention: money in the bank is not under your control and does not belong to you. It can be frozen or seized in an instant (like coins sitting on Coinbase). For example, the IRS will freeze your bank account if they *suspect* you have evaded taxes. They have no need to prove it, it is up to you to prove innocence and fight to get it back.

So banning cash is banning a most important form of private property. It is not politically feasible. It is also not practicable at present levels of technological deployment (and neither is crypto ubiquity).

[kazuki49]

I disagree here, there are multiple proposals on how to layer privacy oriented transactions on top of bitcoin. Some rely on shared secrets, some enable wallets to communicate and build distributed trustless mixing mechanisms (which is exactly what Monero says it does). You don't need distributed trustless mixing mechanisms in the protocol to have that, you can implement the same in wallets. I remain unimpressed by these bitcoin clones that are simply adding simple functionality to the core protocol, functionality that can easily be layered on top of bitcoin. That is not an improvement IMHO.

Some of us do not want to do with Bitcoin anymore and only stash it in reasonable quantities so when the TPTB unleash the next phase of their financial freedom elimination through a transparent ledger we dump it for a nice profit or we have a positive stake in the game, so you can say we are after a profit after all but its not with Monero.

I honestly have no idea what that sentence is suppose to mean.

It means, with all due respect to the people in this thread, its not this discussion that will decide the future and I'm positioned in what I believe to be a win-win situation with crypto as a whole. I think the savvy term is hedge. And Bitcoin is my hedge not Monero, but thats me.

[TPTB_need_war]

Some rely on shared secrets, some enable wallets to communicate and build distributed trustless mixing mechanisms (which is exactly what Monero says it does). You don't need distributed trustless mixing mechanisms in the protocol to have that, you can implement the same in wallets.

CoinJoin is not scalable. It can be jammed by Sybil attacks. It has a timing simultaneity requirement that means it is not autonomous, not end-to-end, and failure/hassle prone.

The only way to do it correctly is put on chain. Sorry you are technically incorrect.

Zerocoin is an example of a true innovation as I see it. Zerocoin does not rely on mixing as Monero does, but implements true removal of all history.  This is something that neither Bitcoin nor Monero can do. If someone made this, I'd seriously consider it.

Zerocoin doesn't allow you spend any coins until you remove them from the anonymity accumulator.

Perhaps you meant Zerocash. Zerocash has the problem that you can never know if the setup keys were compromised allowing unlimited minting of coins because the money supply can not be known. That is unacceptable for a store-of-value.

[kazuki49]

I may have forgotten the specific details of the unlinkability (been away from that for some months) but afair the IP address can be associated with a total payment amount and the output addresses. The unlinkability only creates a new address for each payee for each payment, but doesn't hide this new address. Thus on the next spend of the change, the input to the ring it likely known. It is these sort of combinatorial attacks (other variations) that I think might breakdown Monero's anonymity. Smooth please do correct me if my recollection has failed me.

You clearly smarter than me but the reason I do not worry is because I2p integration will come to Monero.

[Odalv]

I can't say I won that discussion. I am not sure I was entirely convinced I lost it, but I even forgot by now the conclusions (Multiple Sclerosis effect perhaps).

hint:
 N times more blockchain size => N times more information => N times more anonymity ?   ---> in reality same information + (N-1) bytes of shit

[TPTB_need_war]

So banning cash is banning a most important form of private property. It is  not politically feasible. It is also not practicable at present levels of technological deployment (and neither is crypto ubiquity).

On the next big economic coflagration 2018ish, when 80% of the people in the West are receiving their government survival stipend via Coinbase or Circle in their iPhone and they must have a Facebook login to get government aid, then you tell me it is not politically feasible. And you will be paying for that.

[TPTB_need_war]

I may have forgotten the specific details of the unlinkability (been away from that for some months) but afair the IP address can be associated with a total payment amount and the output addresses. The unlinkability only creates a new address for each payee for each payment, but doesn't hide this new address. Thus on the next spend of the change, the input to the ring it likely known. It is these sort of combinatorial attacks (other variations) that I think might breakdown Monero's anonymity. Smooth please do correct me if my recollection has failed me.

You clearly smarter than me but the reason I do not worry is because I2p integration will come to Monero.

I am not sure if I am correct on the IP correlation, but I surely don't trust Tor due to Sybil attack on relays, timing analysis, etc. I don't know if I2P has defeated those issues. I doubt it but everytime I looked for detailed design docs in the past I didn't readily find the information I needed to formulate an opinion.

[smooth]

It seems reasonable, and afair TPTB have cracked down on exchanges for game currencies because they do realize this threat.

Is Monero ready to resist such crackdowns? Does it have decentralized exchanges? Can the authorities not track down IP addresses and make examples to discourage others from subverting a ban?

Might work.

My idea is an area that is more targeted to the market of those who need anonymity and thus might be more willing to fight. Not sure if game players want to pick an unnecessary fight with the government.

I like your posts but IPs is one of the least worries for privacy in a coin, the "worst" they could ascertain is that you made a transaction to... somewhere, a Monero crackdown would only Straisant effect it, they can't even block torrents, how would a ban take place? They can't ban it everywhere in the world at same time.

I may have forgotten the specific details of the unlinkability (been away from that for some months) but afair the IP address can be associated with a total payment amount and the output addresses. The unlinkability only creates a new address for each payee for each payment, but doesn't hide this new address. Thus on the next spend of the change, the input to the ring it likely known. It is these sort of combinatorial attacks (other variations) that I think might breakdown Monero's anonymity. Smooth please do correct me if my recollection has failed me.

It does hide every new address (in the sense that it is just a random number), and the change is blinded just like any other payee. You can't tell by monitoring at the network level which outputs are change and which are not. You also can't tell by monitoring at the network level which outputs are being spent, so you can't ever be sure that change is being spent.

Wallets do have to be careful how they select coins to avoid skewing probabilities. The best is probably to spend a change output by itself without combining with other outputs (this could be spent back to yourself, but at that point it no longer can be identified as change). It's probably still okay to spend it with other outputs of yours that don't share a near ancestor.

Even so, the worst case is a probabilistic correlation that is still denyable, and which erodes away after multiple transactions. At the IP level it is definitely true that monitoring Monero traffic reveals far, far less useful information than monitoring Bitcoin traffic.

I have no idea what Odalv is talking about, he makes these claims about simultaneous equations but he seems not to understand the math at all. He previously claimed you could steal coins that way, but I guess he's given up on that nonsense now and moved on to some other likely nonsense.

[rpietila]

I am wondering why gamers need anonymity and would fight the government.

Well, I don't want to go deeper here (people in general rightfully feel that CK has very little to do with gold collapsing - especially as CKgold is doing well - sorry I had to..), so let's stop this topic please.

There is no fighting the government here: I told about the shit - if you fight it, your hand gets dirty. If you ignore it and continue walking, it wears off gradually.

Gamers are just people, and it's just normal to prefer keeping stuff to you. Also we have to remember that CK is not a standalone business idea, it was purposefully designed to increase and strengthen Monero economy and adoption, so they cannot be separated. Most games also are not valued at $5k per player. So yes there is something special in CK, which I am not telling you here. Thank you for interest, and welcome to join  

[smooth]

I may have forgotten the specific details of the unlinkability (been away from that for some months) but afair the IP address can be associated with a total payment amount and the output addresses. The unlinkability only creates a new address for each payee for each payment, but doesn't hide this new address. Thus on the next spend of the change, the input to the ring it likely known. It is these sort of combinatorial attacks (other variations) that I think might breakdown Monero's anonymity. Smooth please do correct me if my recollection has failed me.

You clearly smarter than me but the reason I do not worry is because I2p integration will come to Monero.

I am not sure if I am correct on the IP correlation, but I surely don't trust Tor due to Sybil attack on relays, timing analysis, etc. I don't know if I2P has defeated those issues. I doubt it but everytime I looked for detailed design docs in the past I didn't readily find the information I needed to formulate an opinion.

i2p is somewhat better because of what they call garlic routing where multiple separate messages are deliberately combined to frustrate timing/traffic attacks. I don't know of a careful analysis of how effective that is, but at least they try.

[TPTB_need_war]

rpietila I wasn't phrasing it as "you are wrong". I was wondering what the natural synergy is. Perhaps gamers are rebellious enough by nature. My son is a game aholic  and he doesn't seem to be phased by anything. He does exactly what he damn pleases, including refusing to get a job or go see the sunshine (sounds like somebody I know around my age except the refusing to hold a job part although my job is like a game to me). Surely he is not your demographic though as he doesn't have $100.

[sickpig]

Zerocoin is an example of a true innovation as I see it. Zerocoin does not rely on mixing as Monero does, but implements true removal of all history.  This is something that neither Bitcoin nor Monero can do. If someone made this, I'd seriously consider it.

http://zerocash-project.org

https://github.com/scipr-lab/libsnark

http://www.scipr-lab.org/

How are Zerocash transactions checked for correctness?

For a mint transaction, the commitment cointained therein is constructed so that that anyone can verify that the committed coin has the claimed value.

For a pour transaction, anyone can verify that the zero-knowledge proof contained therein is valid (and that a few other simple invariants hold). For efficiency, however, Zerocash does not use "any" zero-knowledge proof, but leverages zero-knowledge Succinct Non-interactive ARguments of Knowledge (zk-SNARK) systems, which are zero-knowledge proofs that are particularly short and easy to verify. Specifically, Zerocash uses zk-SNARKs constructed by SCIPR Lab described in BCTV13; such proofs are less than 300 bytes long and can be verified in only a few mmilliseconds.

[kazuki49]

I'll be sure to make a small hedge in Zerocoin too and I'll be using my Bitcoins not Moneroj, there is clearly of pattern of innovation to legacy that Monero will skip even with Zerocoin because of its optionally transparent features

edit: first I'll have to be relatively sure zercoin/zerocash is not a scam and no one can create infinite coins like said before.

[Odalv]

I have no idea what Odalv is talking about, he makes these claims about simultaneous equations but he seems not to understand the math at all. He previously claimed you could steal coins that way, but I guess he's given up on that nonsense now and moved on to some other likely nonsense.

Yes, you are right. I was wrong with my claim I can compute Monero private key. -> I'm not so good :-) ... nevermind.