synechist
Legendary
 Offline
Activity: 1190
Merit: 1000
To commodify ethicality is to ethicise the market
|
 |
July 31, 2014, 02:30:45 PM |
|
Glad to hear that Darkcoin has built-in protection for this attack vector, it's certainly a valid concern.
It doesn't have that, it was just something I was suggesting in DRK thread earlier and asking what people's thoughts about it are. But if the idea is feasible and provides additional security, the implementation probably should be pretty straightforward. XC does also, in that every single wallet is a node. Thus, there's no central point that can be targeted for a ddos.
It's the same thing. XC node that participates in anonymization requires an open incoming TCP port, and the attacker can ddos those nodes just as well as drk masternodes. In addition, transactions are multisig so they require several parties to sign before they are processed. If a bad node alters a transaction to steal funds, or refuses to sign, the transaction won't be processed, so you can't lose funds. Also, since there are redundant connections between nodes that provide multiple pathways for funds, if a node fails to sign a transaction there are others ready to take its place. Pretty cool stuff, really.
The goal when ddos'ing nodes is to first set up many nodes yourself, then ddos the other nodes, so you can then have a control of big enough percentage of the nodes so you can spy the transactions with good enough success. You're right that it's quite possible to DDOS any coin's nodes like this. However it'll take up massively more resources to DDOS XC nodes with any noticeable severity, since every single node is a "masternode". The number of nodes an attacker would need to control is proportionally huge. |
Co-Founder, the Blocknet
|
|
|
|
|
|
|
|
|
|
|
|
According to NIST and ECRYPT II, the cryptographic algorithms used in
Bitcoin are expected to be strong until at least 2030. (After that, it
will not be too difficult to transition to different algorithms.)
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
rethink-your-strategy
|
|
July 31, 2014, 02:38:13 PM |
|
Refreshing to read opinions of someone who actually has a clue instead of crypto noobs hyping their vapor buzzwords. I consider myself to be crypto noob as well, however:
What if the Darkcoin wallet was monitoring the state of the network, and if the running masternode count fell for example 50% in a short period of time, it would stop denominating funds (denomination is the anonymization process which runs in the background). This wouldn't affect people sending or receiving coins because they already have them denominated/anonymized. It would only prevent people from re-sending received funds during this ddos period.
Every other coin has to use nodes as well, and they can be ddos attacked which can halt the network for the duration of the attack. It's not only Darkcoin that is susceptible to ddos.
The "monitoring the state of the network" thing is then a huge security risk AND a massive drain. This means that every single one of the (potentially tens or hundreds of thousands) have to reach out every single one of the (potentially several hundred) masternodes. This is a massive traffic burden, but it also means that a bad actor can setup (or compromise) just a single masternode in order to identify the IP address of every single node. You are right that every coin has to use nodes, but bear in mind that 50% of nodes becoming unavailable in most cryptocurrencies isn't a showstopper. The rest will continue to operate and maintain consensus, and when those 50% come back online they'll just catch up to the network state. |
|
|
|
|
|
illodin
|
|
July 31, 2014, 02:42:40 PM |
|
You're right that it's quite possible to DDOS any coin's nodes like this.
However it'll take up massively more resources to DDOS XC nodes with any noticeable severity, since every single node is a "masternode". The number of nodes an attacker would need to control is proportionally huge.
Disagree. Not every XC user will run their wallet 24/7 - how many nodes are there right now? There are 800+ DRK masternodes running 24/7 atm. Even though some people are running DRK masternodes in their home computers behind adsl or cable connections, most of them are still on dedicated servers or clouds that have gigabit connections. I would imagine it is completely opposite in XC's case. It doesn't take much to ddos someones laptop running on dsl or 3g phone. Obviously this is not easily quantifiable, but the bolded part is just not true imo. |
|
|
|
|
synechist
Legendary
Offline
Activity: 1190
Merit: 1000
To commodify ethicality is to ethicise the market
|
|
July 31, 2014, 02:43:58 PM |
|
Every coin says this. Nothing against xc but do coins not check if others have currently working anon?
Fair point. Maybe I haven't checked sufficiently. Who else has it? Let me know and I might be able to qualify what I mean by "working" and "anonymity". ;-) All of the CryptoNote coins do (Monero, Boolberry, Bytecoin (BCN) etc.) They have working anonymity from their launch. If you take Bytecoin's claim at face value (it's pretty clear it's bullshit) they have been around for 2 years. Even knowing that it's likely a false claim meant to cover up their 82% premine, you still come face-to-face with an indisputable fact: Bytecoin's first commit to github was on 15 November 2013, and already then the code worked and provided cryptographically untraceable and unlinkable transactions. Monero, too, was launched (fairly) on 18 April 2014, before XC even came into existence. As much as I think Bytecoin is a fail because of their premine, they are the ONLY ones that can lay claim to having the FIRST "working anonymity". Monero and the all the other CryptoNote coins can lay claim to being the ONLY cryptocurrencies that currently have a 100% working solution to cryptographically untraceable and unlinkable transactions. If you don't believe me, pick any transaction on the Monero blockchain (eg. http://monerochain.info/tx/49ee290a4e65bc554382089d778c1ac26b20a5b6044d3fa4b1767780e2617546) and try figure out the address of the person that sent the coins, the address of the person they were sending to, and they amount. I'll gladly even setup two wallets and transfer between them and give you the transaction ID to give it a try. Oh and these transactions are instantaneous, no waiting for a mixing hop to finish or anything. You're right about Cryptonote coins. I should've worded my statement more carefully. My opinion of Cryptonote is that it causes an unworkable degree of blockchain bloat - so much so that it's unlikely to scale even on PCs, never mind on mobile phones. Boolberry have made hotly disputed claims about being able to reduce bloat, but to my knowledge this has not been implemented yet. If a coin bloats, then in my opinion it should not be considered "workable", since it simply can't scale to mainstream (or even sizeable niche) adoption. So although there's a clear sense in which Cryptonote coins are "working", there's also a clear sense in which they're not workable solutions. XC, on the other hand, is designed from the ground up for mobile. It's eminently scalable. |
Co-Founder, the Blocknet
|
|
|
PowderMonkey
Member
Offline
Activity: 105
Merit: 10
|
|
July 31, 2014, 02:46:48 PM |
|
Glad to hear that Darkcoin has built-in protection for this attack vector, it's certainly a valid concern.
It doesn't have that, it was just something I was suggesting in DRK thread earlier and asking what people's thoughts about it are. But if the idea is feasible and provides additional security, the implementation probably should be pretty straightforward. My bad, I thought you were saying they had that in place. I stand corrected. XC does also, in that every single wallet is a node. Thus, there's no central point that can be targeted for a ddos.
It's the same thing. XC node that participates in anonymization requires an open incoming TCP port, and the attacker can ddos those nodes just as well as drk masternodes. Very much true in theory, but what would be the point? When you can't see where the transaction is coming from or where it's going, you'd have to choose to attack a random node, and when that node fails to sign off on the funds due to the attack, the funds go on to the next node anyhow. In addition, transactions are multisig so they require several parties to sign before they are processed. If a bad node alters a transaction to steal funds, or refuses to sign, the transaction won't be processed, so you can't lose funds. Also, since there are redundant connections between nodes that provide multiple pathways for funds, if a node fails to sign a transaction there are others ready to take its place. Pretty cool stuff, really.
The goal when ddos'ing nodes is to first set up many nodes yourself, then ddos the other nodes, so you can then have a control of big enough percentage of the nodes so you can spy the transactions with good enough success. Again, since transactions are fragmented into small pieces and then sent through the network, this attack would not be effective. The attacker could try to spy the network, but the truth of the matter is that the remaining good nodes are still going to end up handling the transactions, however few they may be. But again, since every single wallet is a node, I just don't see this attack being feasible. |
|
|
|
|
synechist
Legendary
Offline
Activity: 1190
Merit: 1000
To commodify ethicality is to ethicise the market
|
|
July 31, 2014, 02:47:13 PM |
|
You're right that it's quite possible to DDOS any coin's nodes like this.
However it'll take up massively more resources to DDOS XC nodes with any noticeable severity, since every single node is a "masternode". The number of nodes an attacker would need to control is proportionally huge.
Disagree. Not every XC user will run their wallet 24/7 - how many nodes are there right now? There are 800+ DRK masternodes running 24/7 atm. Even though some people are running DRK masternodes in their home computers behind adsl or cable connections, most of them are still on dedicated servers or clouds that have gigabit connections. I would imagine it is completely opposite in XC's case. It doesn't take much to ddos someones laptop running on dsl or 3g phone. Obviously this is not easily quantifiable, but the bolded part is just not true imo. There'll be absolutely masses of running nodes on XC's network. Because of XChat:  |
Co-Founder, the Blocknet
|
|
|
|
rethink-your-strategy
|
|
July 31, 2014, 02:48:18 PM |
|
You're right about Cryptonote coins. I should've worded my statement more carefully.
My opinion of Cryptonote is that it causes an unworkable degree of blockchain bloat - so much so that it's unlikely to scale even on PCs, never mind on mobile phones. Boolberry have made hotly disputed claims about being able to reduce bloat, but to my knowledge this has not been implemented yet.
If a coin bloats, then in my opinion it should not be considered "workable", since it simply can't scale to mainstream (or even sizeable niche) adoption.
So although there's a clear sense in which Cryptonote coins are "working", there's also a clear sense in which they're not workable solutions.
XC, on the other hand, is designed from the ground up for mobile. It's eminently scalable.
I'm confused, are you suggesting that mobile devices will run a full node? That seems ill-advised for XC or Monero or any other cryptocurrency. |
|
|
|
|
|
illodin
|
|
July 31, 2014, 02:50:31 PM |
|
Refreshing to read opinions of someone who actually has a clue instead of crypto noobs hyping their vapor buzzwords. I consider myself to be crypto noob as well, however:
What if the Darkcoin wallet was monitoring the state of the network, and if the running masternode count fell for example 50% in a short period of time, it would stop denominating funds (denomination is the anonymization process which runs in the background). This wouldn't affect people sending or receiving coins because they already have them denominated/anonymized. It would only prevent people from re-sending received funds during this ddos period.
Every other coin has to use nodes as well, and they can be ddos attacked which can halt the network for the duration of the attack. It's not only Darkcoin that is susceptible to ddos.
The "monitoring the state of the network" thing is then a huge security risk AND a massive drain. This means that every single one of the (potentially tens or hundreds of thousands) have to reach out every single one of the (potentially several hundred) masternodes. This is a massive traffic burden, but it also means that a bad actor can setup (or compromise) just a single masternode in order to identify the IP address of every single node. You are right that every coin has to use nodes, but bear in mind that 50% of nodes becoming unavailable in most cryptocurrencies isn't a showstopper. The rest will continue to operate and maintain consensus, and when those 50% come back online they'll just catch up to the network state. I don't have deep enough understanding so I'm just throwing ideas around here. But there must be a way to distribute the count of the running nodes in trustless manner (similar to how the blockchain is distributed) without every wallet having to go and ping every masternode. This would obviously mean that the implementation wouldn't be so straightforward anymore.  And, the count is needed only before doing the denomination, which could be once a day, or once a week for most users. |
|
|
|
|
|
battbot
|
|
July 31, 2014, 02:56:37 PM |
|
Does cloak even have any features released? Or are they still in "promise" stage? If the latter, why are we even discussing it?
|
|
|
|
|
PowderMonkey
Member
Offline
Activity: 105
Merit: 10
|
|
July 31, 2014, 02:57:02 PM |
|
You're right about Cryptonote coins. I should've worded my statement more carefully.
My opinion of Cryptonote is that it causes an unworkable degree of blockchain bloat - so much so that it's unlikely to scale even on PCs, never mind on mobile phones. Boolberry have made hotly disputed claims about being able to reduce bloat, but to my knowledge this has not been implemented yet.
If a coin bloats, then in my opinion it should not be considered "workable", since it simply can't scale to mainstream (or even sizeable niche) adoption.
So although there's a clear sense in which Cryptonote coins are "working", there's also a clear sense in which they're not workable solutions.
XC, on the other hand, is designed from the ground up for mobile. It's eminently scalable.
I'm confused, are you suggesting that mobile devices will run a full node? That seems ill-advised for XC or Monero or any other cryptocurrency. I'll let Synechist speak for himself, but I do want to add in my opinion  Being able to run a full node on a mobile device is not only a great idea, it's absolutely necessary for the advancement of crypto. Just think about the direction everything is going in our world today... it's going mobile. That's where crypto should be looking to expand, and XC has been bearing that in mind from the beginning. |
|
|
|
|
|
illodin
|
|
July 31, 2014, 02:57:40 PM |
|
The goal when ddos'ing nodes is to first set up many nodes yourself, then ddos the other nodes, so you can then have a control of big enough percentage of the nodes so you can spy the transactions with good enough success. Again, since transactions are fragmented into small pieces and then sent through the network, this attack would not be effective. The attacker could try to spy the network, but the truth of the matter is that the remaining good nodes are still going to end up handling the transactions, however few they may be. But again, since every single wallet is a node, I just don't see this attack being feasible. How can you tell which nodes are good and which nodes are spying? You can't. |
|
|
|
|
|
illodin
|
|
July 31, 2014, 02:58:15 PM |
|
I don't get it but ok I guess.  |
|
|
|
|
policymaker
Full Member
Offline
Activity: 210
Merit: 100
Crypto Currency Supporter
|
|
July 31, 2014, 02:59:58 PM |
|
This is not a discuses anyone more ... everyone is just throwing his coin in here and trying to advertise so their coin gets pumped how pathetic is this really... Please stay on the topic and let us only focus on DARKCOIN and CLOAKCOIN. Can we do this ? Thank you
We are truly sorry, we didnt mean to offend your investment, but I thought this was the " Pros and Cons to Anon coins, Including Darkcoin / Cloakcoin, lets discuss them" . If you wanted a topic just on those two, you should make it or change it and we can have a conversation into a new topic. @illodin xchat will be available to every single user, for free. You can use it just for the anonymous encrypted messaging, and not be considered a holder with too many coins, but such a powerful software will be usable for free by so many, thus supporting network. |
|
|
|
PowderMonkey
Member
Offline
Activity: 105
Merit: 10
|
|
July 31, 2014, 03:03:16 PM |
|
The goal when ddos'ing nodes is to first set up many nodes yourself, then ddos the other nodes, so you can then have a control of big enough percentage of the nodes so you can spy the transactions with good enough success. Again, since transactions are fragmented into small pieces and then sent through the network, this attack would not be effective. The attacker could try to spy the network, but the truth of the matter is that the remaining good nodes are still going to end up handling the transactions, however few they may be. But again, since every single wallet is a node, I just don't see this attack being feasible. How can you tell which nodes are good and which nodes are spying? You can't. If a bad node/spying node makes an attempt on the funds, or if it refuses to sign off on the transaction, the funds go on to the next good node. |
|
|
|
|
fluffypony
Donator
Legendary
Offline
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
|
|
July 31, 2014, 03:05:47 PM |
|
I don't have deep enough understanding so I'm just throwing ideas around here. But there must be a way to distribute the count of the running nodes in trustless manner (similar to how the blockchain is distributed) without every wallet having to go and ping every masternode. This would obviously mean that the implementation wouldn't be so straightforward anymore. And, the count is needed only before doing the denomination, which could be once a day, or once a week for most users. I'll but in with my thoughts on that, if I may: You'd have to get the MasterNodes to do the consensus finding, as you don't want to have a scenario where individual nodes can be enumerated (eg. by them randomly pinging 2 MasterNodes and then finding consensus with their peer group). The problem is that a superpeer group broadcasting consensus is still effectively centralised (eg. what's your outlier cut-off for network state among the superpeers? well, then that's all that's needed to confuse consensus...whereas with Bitcoin you need to own 51% of the network). It also doesn't let you know if a compromise event occurs. If, for instance, there are 50% of the nodes hosted on Amazon infrastructure (a likely event if the resources required exceeds that available in most virtualised environments), how would you know if Amazon was subpoena'd and the FBI or the NSA or whoever had access to >50% of the MasterNodes? Knowing their up/down status is one thing, knowing if the host OS their VPS is running on is compromised or not is another entirely. |
|
|
|
synechist
Legendary
Offline
Activity: 1190
Merit: 1000
To commodify ethicality is to ethicise the market
|
|
July 31, 2014, 03:11:46 PM |
|
You're right about Cryptonote coins. I should've worded my statement more carefully.
My opinion of Cryptonote is that it causes an unworkable degree of blockchain bloat - so much so that it's unlikely to scale even on PCs, never mind on mobile phones. Boolberry have made hotly disputed claims about being able to reduce bloat, but to my knowledge this has not been implemented yet.
If a coin bloats, then in my opinion it should not be considered "workable", since it simply can't scale to mainstream (or even sizeable niche) adoption.
So although there's a clear sense in which Cryptonote coins are "working", there's also a clear sense in which they're not workable solutions.
XC, on the other hand, is designed from the ground up for mobile. It's eminently scalable.
I'm confused, are you suggesting that mobile devices will run a full node? That seems ill-advised for XC or Monero or any other cryptocurrency. Some mobile devices will run with a full node. They'll stake and everything. Other devices (say, dumbphones) that can't run a node will end up using PoBC. The basic idea is: - dumbphone node contacts other nodes - provably establishes that the other nodes' blockchains are legit - thereby proves that a given tx is legit Why would you say that this is ill-advised? In my view mobile-friendliness is absolutely critical to mainstream adoption. |
Co-Founder, the Blocknet
|
|
|
synechist
Legendary
Offline
Activity: 1190
Merit: 1000
To commodify ethicality is to ethicise the market
|
|
July 31, 2014, 03:15:23 PM |
|
I don't get it but ok I guess. If people can only use their wallets to make payments or to stake, there's no incentive to run them that often. However if your wallet has XChat, that is, true P2P instant messaging with end-to-end encryption and IP obfuscation, then you'll use it a whole lot more often. You'll use it every time you chat to someone. So there'll be larger percentage of XC nodes running at any given point due to XChat. |
Co-Founder, the Blocknet
|
|
|
synechist
Legendary
Offline
Activity: 1190
Merit: 1000
To commodify ethicality is to ethicise the market
|
|
July 31, 2014, 03:21:09 PM |
|
The goal when ddos'ing nodes is to first set up many nodes yourself, then ddos the other nodes, so you can then have a control of big enough percentage of the nodes so you can spy the transactions with good enough success. Again, since transactions are fragmented into small pieces and then sent through the network, this attack would not be effective. The attacker could try to spy the network, but the truth of the matter is that the remaining good nodes are still going to end up handling the transactions, however few they may be. But again, since every single wallet is a node, I just don't see this attack being feasible. How can you tell which nodes are good and which nodes are spying? You can't. You can't spy productively on XC nodes because private transactions are fragmented and because every node forwards them trustless. This creates a scenario where there's no telling if the sender/recipient of a fragment is the original sender or final recipient, and there's no telling whether the amount sent is the whole amount. Furthermore since fragments can be sent, even non-private transactions become "private" in this respect, since the amount sent could be a fragment, and so a spy has no grounds to assert that the amount sent/received is the total amount, or that the sender/recipient is the original sender/final recipient. |
Co-Founder, the Blocknet
|
|
|
|
rethink-your-strategy
|
|
July 31, 2014, 03:21:20 PM |
|
Some mobile devices will run with a full node. They'll stake and everything.
Other devices (say, dumbphones) that can't run a node will end up using PoBC. The basic idea is:
- dumbphone node contacts other nodes
- provably establishes that the other nodes' blockchains are legit
- thereby proves that a given tx is legit
Why would you say that this is ill-advised? In my view mobile-friendliness is absolutely critical to mainstream adoption.
Why reinvent the wheel? Just use Electrum (open source!) or SPV. |
|
|
|
|
|
