Cloakcoin's PoSA is not a trustless system for anonymous transaction

[strasboug]

OK due to many fuds I re-open this thread as self-mod thread and closed the old thread. All fuds and unreasonable posts (such as personal attacks) will be removed.

My purpose is not to attack any coins. My purpose is to seek the truth, as I myself am interested in the trustless anonymous transaction system. So please, state your facts, let's discuss, and let's understand the truth.


Well Cloakcoin claimed that their PoSA is a trustless system, but I read their whitepaper in the thread:
https://bitcointalk.org/index.php?topic=637704.0

It seems to me that this is not at all a trustless system. The reason is that the "elected" nodes have no restrictions at all to follow the rules (i.e. send coins to destination etc), he can change at will the transaction or even steal the coins. So the PoSA is a poorly designed trust system, which trust the "elected" node. Only until they cheated, they may be banned.

Creating addresses is easy, so a cheater can simply create a new address, cheat once, then move to another address and cheat again. PoSA is not a trustless system.

On the contrary, Supercoin is creating a trustless system by using multisig addresses and transactions. To be a trustless system, you must give restrictions to the middle nodes, so they must follow the rules. From what I read, the SuperCoin achieves this by creating multisig address, as an escrow, each party including middle nodes, have assets in the escrow, so they can't cheat, or they may lose the assets in escrow, which may be bigger than what they cheat.

I am not associate with Supercoin or Cloakcoin, the reason I do not post these in Cloakcoin's thread is because their thread is self-mod, so they can delete anything at will.

I welcome Cloakcoin dev to discuss here and prove me wrong, as although I am pretty experienced and understand most altcoin details, I could be wrong. But from what I read, I am pretty sure that Cloakcoin PoSA is not a trustless system, but a poorly designed trust system.

[strasboug]

Actually for those who do not agree with me, please try to answer this question:

What is the logics how to prevent a middle node from cheating? If he uses Cloak released client, he can never cheat. The problem is that he can create his own client, with same interfaces, and does not do the transaction as described. Does the system have anyway to prevent it?

[Bobsurplus]

You dont get it. This question has been answered. If you think it's possible to do then please demo it for all of us.

[smokim87]

Well the thread title seems abit misleading, are you saying PoSA is not a trustless system or claiming its not? From what I understand just by reading the title is that CLoaks PoSA is not trustless. Might want to take a look at that.

[strasboug]

You dont get it. This question has been answered. If you think it's possible to do then please demo it for all of us.

demo you can not see anything. The cheating will not be done with cloakcoin released client, the question is what measures used to prevent it.

[strasboug]

Well the thread title seems abit misleading, are you saying PoSA is not a trustless system or claiming its not? From what I understand just by reading the title is that CLoaks PoSA is not trustless. Might want to take a look at that.

From what I read it is not. The title reflects what I found out. But if you can prove me wrong, and I will correct the title.

[Bobsurplus]

You dont get it. This question has been answered. If you think it's possible to do then please demo it for all of us.

demo you can not see anything. The cheating will not be done with cloakcoin released client, the question is what measures used to prevent it.

Nono, go ahead and make your own client and try to steal coins.

Trust me, as an investor I would like to see this happen. If you find a bug and it truly is a bug I'll be more then happy to throw some btc your way.

Please demo this for us.

[strasboug]

You dont get it. This question has been answered. If you think it's possible to do then please demo it for all of us.

demo you can not see anything. The cheating will not be done with cloakcoin released client, the question is what measures used to prevent it.

Nono, go ahead and make your own client and try to steal coins.

Trust me, as an investor I would like to see this happen. If you find a bug and it truly is a bug I'll be more then happy to throw some btc your way.

Please demo this for us.

Oh I see what you say. Yes I can try it, but from the algorithm we will know if it can be cheated or not. If you take no measures, it will be cheated easily. That's why the anonymous system most implemented the centralized mixer system, for the coinjoin (DRK, SUPER phase-1 etc). Because this way you don't need to take any measures against the cheating, these mixers nodes are trusted.

The Cloakcoin claims any nodes can be elected. There you need forceful way to prevent this node from cheating. If you use mutlisig address/transactions (like supercoin claimed), you use an escrow that prevents any nodes from cheating, or they will lose their parts in escrow. In Cloak's whitepaper, there's nothing like this. The raw tx is transferred, and this raw tx can be changed and post to network any time. If you don't have any measures, cheating is very easy.

[smokim87]

You dont get it. This question has been answered. If you think it's possible to do then please demo it for all of us.

demo you can not see anything. The cheating will not be done with cloakcoin released client, the question is what measures used to prevent it.

Nono, go ahead and make your own client and try to steal coins.

Trust me, as an investor I would like to see this happen. If you find a bug and it truly is a bug I'll be more then happy to throw some btc your way.

Please demo this for us.

Oh I see what you say. Yes I can try it, but from the algorithm we will know if it can be cheated or not. If you take no measures, it will be cheated easily. That's why the anonymous system most implemented the centralized mixer system, for the coinjoin (DRK, SUPER phase-1 etc). Because this way you don't need to take any measures against the cheating, these mixers nodes are trusted.

The Cloakcoin claims any nodes can be elected. There you need forceful way to prevent this node from cheating. If you use mutlisig address/transactions (like supercoin claimed), you use an escrow that prevents any nodes from cheating, or they will lose their parts in escrow. In Cloak's whitepaper, there's nothing like this. The raw tx is transferred, and this raw tx can be changed and post to network any time. If you don't have any measures, cheating is very easy.

Are you refusing to provide a demo?

Your the one claiming that cloaks PoSA  is not a trustless system. We would like to see you do it instead of asking Cloak devs to show how its trustless and unexploited, your the one making the claim so your the one who should show us that i can be done.

Forget the algo, the code...etc

Cheat the system and steal Cloakcoins if you can, if you show a demo of this like Bob said I'll also send you a nice bounty for doing so. .

Edit: As I mentioned in the last thread that was locked and sadly no one bothered to see my post. I spoken to the devs a hour ago and I was told a new well detailed whitepaper on PoSA is being written.

[tokyoghetto]

This is going to turnout just as bad as when Busoni spread FUD about Supercoin.

The title of this thread might lead people to believe that what you are stating is FACT and not a guess. You do not have concrete proof that CLOAK isn't 100% trustless. I would advise that you change the title of this thread  at least until your claims can be proven to be 100% correct.

It seems suspect that a thread like this pops up just as PoSA goes into public beta and CLOAK experiences an increase in price.

[brownmon]

Are you refusing to provide a demo?

Your the one claiming that cloaks PoSA  is not a trustless system. We would like to see you do it instead of asking Cloak devs to show how its trustless and unexploited, your the one making the claim so your the one who should show us that i can be done.

Forget the algo, the code...etc

Cheat the system and steal Cloakcoins if you can, if you show a demo of this like Bob said I'll also send you a nice bounty for doing so. .

Edit: As I mentioned in the last thread that was locked and sadly no one bothered to see my post. I spoken to the devs a hour ago and I was told a new well detailed whitepaper on PoSA is being written.

(I don't agree with the title of this thread, but...)

We investors have to assume that it is *not* trustless, until proven otherwise.

I think CINNI's anon was not to be trustless at first, as that was too difficult to do.

Trust-based is the default for anon.  If CLOAK's is trustless, how is it trustless?  Why can't we be told?

smokim87, we're not talking about identifying a bug, like you seem to be implying.  We're talking about the design itself.  Is it trustless by design?  How?  Don't tell us to built a client.  Not everyone has the time or skill to do that.

[strasboug]

Are you refusing to provide a demo?

Your the one claiming that cloaks PoSA  is not a trustless system. We would like to see you do it instead of asking Cloak devs to show how its trustless and unexploited, your the one making the claim so your the one who should show us that i can be done.

Forget the algo, the code...etc

Cheat the system and steal Cloakcoins if you can, if you show a demo of this like Bob said I'll also send you a nice bounty for doing so. .

Edit: As I mentioned in the last thread that was locked and sadly no one bothered to see my post. I spoken to the devs a hour ago and I was told a new well detailed whitepaper on PoSA is being written.

As I said I can do it in some time, but this is not the point. You can create a standard mixer system and claim it trustless, it is simply base-less. You need to have measures to prevent cheats. From what is published in whitepaper, there is none.

So you can say ok my system is secret and show me how you can break it. I can do it, later. It needs time. If your purpose is to buy time, it's fine. But if you really have measures against cheating, show it. You don't need to show all details. In Supercoin they did not show all details, but from what they said I know it works. From what you said, I know it is NOT working, it can be easily cheated.

[strasboug]

This is going to turnout just as bad as when Busoni spread FUD about Supercoin.

The title of this thread might lead people to believe that what you are stating is FACT and not a guess. You do not have concrete proof that CLOAK isn't 100% trustless. I would advise that you change the title of this thread  at least until your claims can be proven to be 100% correct.

It seems suspect that a thread like this pops up just as PoSA goes into public beta and CLOAK experiences an increase in price.

I don't need to have 100% proof, that proof would be I do a prototype to grab some coins. But that will take me weeks to do. The problem is that it can be easily shown that it is not cheatable, if you know how the trustless system works. It is not s difficult task at all. So far I see nothing that can support PoSA can be a trustless system transaction.

[strasboug]

(I don't agree with the title of this thread, but...)

We investors have to assume that it is *not* trustless, until proven otherwise.

I think CINNI's anon was not to be trustless at first, as that was too difficult to do.

Trust-based is the default for anon.  If CLOAK's is trustless, how is it trustless?  Why can't we be told?

smokim87, we're not talking about identifying a bug, like you seem to be implying.  We're talking about the design itself.  Is it trustless by design?  How?  Don't tell us to built a client.  Not everyone has the time or skill to do that.

Yes exactly. It is not difficult to tell how it is done to be a trustless system. You don't need to tell the detailed algorithm, you just need to tell the methodology, at a pretty high level. All experts understand what you talk about. From what I see in the whitepaper and discussions in the thread, there's nothing about a true trustless system, it simply does not exist in PoSA.

[YackBallz]

Creating addresses is easy, so a cheater can simply create a new address, cheat once, then move to another address and cheat again. PoSA is not a trustless system.

1. How do you create a posa address?

2. How do you cheat?

3. How do you move to another address to cheat again?

Your theory is conceptual so please elaborate on these concepts.

[strasboug]

Creating addresses is easy, so a cheater can simply create a new address, cheat once, then move to another address and cheat again. PoSA is not a trustless system.

1. How do you create a posa address?

2. How do you cheat?

3. How do you move to another address to cheat again?

Your theory is conceptual so please elaborate on these concepts.

You can ask these, and ask me to show you how I break it. But I am asking you the other way around: what did you do to prevent a potential cheat in the middle nodes? Is there any reason to prevent him from cheating? Very simple question, as I posted in the OP (and 2nd post), not difficult to answer.

[brownmon]

From the pdf: Decentralized P2P Crypto Currency Transaction Anonymity via Proof of Stake Protocol Extensions

Trustless
The system is trustless, in that the protocol validates the proper processing of transactions just as
existing decentralized currencies do today. If an elected node fails to process a transaction and meet
protocol, a re-election occurs and a ban count is incremented in a similar fashion as occurs for other
parts of the existing protocol.

This suggests that the system is *not* in fact trustless.

It's trustless because the protocol makes it so, but it's possible for nodes to fail to meet protocol?

[YackBallz]

Creating addresses is easy, so a cheater can simply create a new address, cheat once, then move to another address and cheat again. PoSA is not a trustless system.

1. How do you create a posa address?

2. How do you cheat?

3. How do you move to another address to cheat again?

Your theory is conceptual so please elaborate on these concepts.

You can ask these, and ask me to show you how I break it. But I am asking you the other way around: what did you do to prevent a potential cheat in the middle nodes? Is there any reason to prevent him from cheating? Very simple question, as I posted in the OP (and 2nd post), not difficult to answer.

From what I saw in PoSA testing on Sunday, the level of programming far exceeds the expectation you'd usually find in an altcoin. PoSA far exceeds the realm of simple attacks. There are measures in place to stop man in the middle attacks, there aren't any node changes possible, and the transactions follow a myriad of paths to complete a transaction(Which are unpredictable). So, let's suss out a more specific scenario and we'll delve into this further.

[rethink-your-strategy]

AnonyMint has a good overview of why Cloakcoin is snake oil:

Flaws I see in the white paper:

1. Non-zero transaction fees.

2. PoS, i.e. does nothing to deal with centralization of mining.

3. The anonymization is flawed. It relies on two mining nodes not sharing their knowledge of which transactions correlate to which inputs received by the network. That is a fundamentally flawed concept that I dismissed long enough with my analysis of DarkCoin, because mining nodes can be Sybil attacked (the adversary can flood the network with mining nodes). It gets worse with PoS because those with the largest stake have the most mining nodes, thus your anonymity is for sale (or hackers can target with spyware those nodes with the highest stake).

Worse yet, if the first peer of the two has seen the transactions then it doesn't matter how the second peer rearranges them, so the entire thing is trivially defeated.  Assuming the senders of the transactions are encrypting them for the final peer, then the problem is as you add stages/hops (the paper proposes to double the stages) the system can be attacked with transaction spam since the transactions aren't verified until they are decrypted at the final peer. I assume you could ban IP addresses if sending nodes can't enter the network at-will.

Also, a cryptographic whitepaper without a single piece of algebra to prove a claim indicates it is written by people who do not understand cryptography. I wouldn't trust such a whitepaper.

[strasboug]

Creating addresses is easy, so a cheater can simply create a new address, cheat once, then move to another address and cheat again. PoSA is not a trustless system.

1. How do you create a posa address?

2. How do you cheat?

3. How do you move to another address to cheat again?

Your theory is conceptual so please elaborate on these concepts.

You can ask these, and ask me to show you how I break it. But I am asking you the other way around: what did you do to prevent a potential cheat in the middle nodes? Is there any reason to prevent him from cheating? Very simple question, as I posted in the OP (and 2nd post), not difficult to answer.

From what I saw in PoSA testing on Sunday, the level of programming far exceeds the expectation you'd usually find in an altcoin. PoSA far exceeds the realm of simple attacks. There are measures in place to stop man in the middle attacks, there aren't any node changes possible, and the transactions follow a myriad of paths to complete a transaction(Which are unpredictable). So, let's suss out a more specific scenario and we'll delve into this further.

Again, you can do any demo you want. I can use a centralized mixer and claim it to be trustless. Can you prove me wrong? Not easily. As long as I hide all detailed messages, calls, even I use simple un-verified message, which everyone can easily fake if the interfaces are published. A demo does not constitute any proof that the claimed system works, especially a trustless system. To show your method is working, simply publish the method you are using, and in theory it can be proven if your stuff work or not, easily.