Bitcoin Forum
October 14, 2019, 07:36:44 PM
 Welcome, Guest. Please login or register.
 News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 Home Help Search Login Register More
 Pages: 1 ... 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 [95] 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139
 Author Topic: delete  (Read 165306 times)
TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 03:01:03 AMLast edit: October 04, 2014, 03:23:54 AM by TheFascistMind

...
Strictly by the definitions, the "Bitcoin Mining Problem" (BMP), the partial inversion of SHA256, is O(1), because it does not matter what the algorithm outputs when n is not 256.  Hence, strictly by the definitions, BMP is in P, and therefore is in NP; but is not NP-complete.  And, indeed, it could be solved by a giant table.  Of course, that table is too big to be built in practice; but that obstacle is not relevant for the theory.

I am not aware of any theory that would give a useful estimate of the practical difficulty of solving some problem with fixed-size inputs, like the BMP.  At best, one can prove theoretically that a certain specific shortcut will not work; but there is no way to prove that there are no practical shortcuts.  The only "proof" that BMP is hard is that many people have tried to find such a practical shortcut, for many years, with no success.

It is a terrible misconception to think that "exponential cost" is bigger (or grows faster) than "polynomial cost".  That is true only for "sufficiently large n", but the theory does not say when n is "sufficiently large"; it could be true only for n greater than 10500...

Indeed you are correct that the theory only makes proofs about the asymptotic complexity. It is analogous to Random Oracle proofs of cryptographic properties, because it is in fact proven that no perfect Random Oracle can be created.

We can prove nothing in this universe with absolute certainty because we are not an external observer (study the assumptions of the Shannon-Nyquist theorem for example). I get into the philosophical discussion of this in my article about the Universe.

However, I can analyze at which ranges of n algorithm resource costs scale more like nk versus n log n. Maybe I can even write a proof for a specific algorithm that it scales approximately like some function over a certain range of n. Are you saying that can't be done? I've never tried, I just intuitively looked at the code and could see it was scaling exponentially and one line was the culprit.

You are correct that if our best known algorithms are impractical to implement with current resources, it doesn't mean there isn't any possible algorithm that will. But here I want to take you back to my discovery about the edge of the universe. I was toying around with the duality of the Bottom and Top type in the two difference classes of programming languages and it made me realize that time and the universe is co-inductive and thus the finality or edge is indeterminate, which is analogous to undecidable in the Halting problem.

Thus in the real world all we have are the observations we've made, i.e. the calls we made to our co-inductive universe.

In summary, you were talking about what is provable and I was talking about what is observable. That is why we were talking past each other. And I used the wrong terminology, because O() and NP/P have very specific meanings that are essentially meaningless, because they can't ever be observed. I get your point now, yes indeed.

Edit:

I have seen several computer scientists and students who, trusting that "O(log n) is much better than O(n)", tried to use this  method for things like pattern matching, where each site is an observed pattern, represented by a point in some high-dimensional space.  Only to find that, for that application, the quad-tree method is often much slower than plain sequential search.

In the real-world there is no absolute referential transparency, thus we can never be sure there aren't other input variables other than n that impact the performance.

It turns out that the quad-tree begins to work only if the number of sites n is at least 2d.  It works quite well for n = 1000 and d = 2 or 3; but, for  d = 30, it is a total waste of time unless n is a lot greater than a billion.  Not "smallish" at all...

The big-O notation was invented by pure mathematicians, to describe the limiting behavior of functions from reals to reals, such as the solutions of differential equations.  It was adapted to algorithm analysis by Don Knuth, IIRC.  However, for Knuth it was only a working tool, that would give an idea of the type of formula that had to be determined.  For example, if the number t(n) of inner block executions was found to be O(n2), one could write t(n) ≤ A n2 + B n + C, and then look for suitable values of A, B, and C.  If t(n) was found to be exponential, one would look for a formula like t(n) ≤ A × Bn. An so on.

However, finding those constants requires lots of boring algebra, so Knuth's lazy followers tacitly agreed that finding the big-O of the running time was good enough.  And then came the really lazy ones, who decided that "polynomial time" was all one needed to know.

Ah so you do agree with me that we can apply the concept of approximated scaling to analysis of algorithms, with caveats. Yeah we can't prove anything absolutely.
1571081804
Hero Member

Offline

Posts: 1571081804

Ignore
 1571081804

1571081804
 Report to moderator
1571081804
Hero Member

Offline

Posts: 1571081804

Ignore
 1571081804

1571081804
 Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571081804
Hero Member

Offline

Posts: 1571081804

Ignore
 1571081804

1571081804
 Report to moderator
1571081804
Hero Member

Offline

Posts: 1571081804

Ignore
 1571081804

1571081804
 Report to moderator
1571081804
Hero Member

Offline

Posts: 1571081804

Ignore
 1571081804

1571081804
 Report to moderator
nioc
Legendary

Offline

Activity: 1624
Merit: 1008

 October 04, 2014, 03:06:03 AM

Been gone 2 days and just wasted 1/2 hour trying to catch up, but fuck that 20 more pages of this crap is too much.

Someone wanna sum up whats going on right now?

In the time of chimpanzees
I was a monkey
Butane in my veins
So I'm out to cut the junkie
With the plastic eyeballs,
Spray-paint the vegetables
Dog food stalls with the beefcake pantyhose
Kill the headlights
And put it in neutral
Stock car flaming' with a loser
And the cruise control
Baby's in Reno with the vitamin D
Got a couple of couches,
Sleep on the love seat
Someone keeps saying'
I'm insane to complain
About a shotgun wedding
And a stain on my shirt
Don't believe everything that you breathe
You get a parking violation
And a maggot on your sleeve
So shave your face
With some mace in the dark
Saving' all your food stamps
And burning' down the trailer park

(Yo. Cut it.)
Soy un perdedor
I'm a loser baby, so why don't you kill me?

(Double-barrel buckshot)

Soy un perdedor
I'm a loser baby, so why don't you kill me?

Forces of evil in a bozo nightmare
Banned all the music with a phony gas chamber
'Cuz one's got a weasel
And the other's got a flag
One's on the pole, shove the other in a bag
With the rerun shows
And the cocaine nose-job
The daytime crap of the folksinger slop
He hung himself with a guitar string
Slap the turkey-neck
And it's hanging' from a pigeon wing
You can't write if you can't relate
Trade the cash for the beef
For the body for the hate
And my time is a piece of wax
Falling' on a termite
Who's choking' on the splinters
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(Get crazy with the cheeze whiz)
Soy un perdedor*
I'm a loser baby, so why don't you kill me?
(Drive-by body-pierce)
(Yo, bring it on down)
Soooooooyy....
(I'm a driver; I'm the winner;
Things are gonna change
I can feel it)
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(I can't believe you)
Soy un perdedor
I'm a loser baby, so why don't you kill me?
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(Sprechen sie Deutsch, baby?)
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(Know what I'm saying'?)

TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 03:10:58 AM

Auroracoin (which btw rpietila invested in

He suggests that he didn't. What is your evidence?

Even though I was interested in this before the great pump in March (and would have made up to 100x gains if I had bought), now it is in a "following" mode after crashing back. If I moved to Iceland, I would probably start using it. Not an unconditional "sell" though.

Okay I thought he had because it seemed like he was very interested, but I did tell him that it had the wrong distribution model thus couldn't be anything other than a pump and dump. I had assumed he sold on the way up and wasn't left holding the bag, but now I learn he never bought.
CoinHoarder
Legendary

Offline

Activity: 1456
Merit: 1025

In Cryptocoins I Trust

 October 04, 2014, 03:20:08 AM

Auroracoin (which btw rpietila invested in

He suggests that he didn't. What is your evidence?

Even though I was interested in this before the great pump in March (and would have made up to 100x gains if I had bought), now it is in a "following" mode after crashing back. If I moved to Iceland, I would probably start using it. Not an unconditional "sell" though.

Okay I thought he had because it seemed like he was very interested, but I did tell him that it had the wrong distribution model thus couldn't be anything other than a pump and dump. I had assumed he sold on the way up and wasn't left holding the bag, but now I learn he never bought.

Anyone that even considered Auroracoin loses credibility in my mind.
TooDumbForBitcoin
Legendary

Offline

Activity: 1638
Merit: 1001

 October 04, 2014, 03:23:16 AM

Auroracoin (which btw rpietila invested in

He suggests that he didn't. What is your evidence?

Even though I was interested in this before the great pump in March (and would have made up to 100x gains if I had bought), now it is in a "following" mode after crashing back. If I moved to Iceland, I would probably start using it. Not an unconditional "sell" though.

Okay I thought he had because it seemed like he was very interested, but I did tell him that it had the wrong distribution model thus couldn't be anything other than a pump and dump. I had assumed he sold on the way up and wasn't left holding the bag, but now I learn he never bought.

Anyone that even considered Auroracoin loses credibility in my mind.

Even those hot Icelandic bitches named Somebodysdottir?

 ▄▄                                  ▄▄ ███▄                            ▄███  ██████                      ██████   ███████                  ███████    ███████                ███████     ███████              ███████      ███████            ███████       ███████▄▄      ▄▄███████        ██████████████████████         ████████████████████          ██████████████████           ████████████████            ██████████████             ████████████              ██████████               ████████                ██████                 ████                  ██ veil | PRIVACY          WITHOUT COMPROMISE.       ▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂▂ | NO ICO. NO PREMINE.     X16RT GPU Mining. Fair distribution. | The first Zerocoin-based Cryptocurrency          WITH ALWAYS-ON PRIVACY. | ▄▄████              ▄▄████████▌         ▄▄█████████▀███    ▄▄██████████▀▀ ▄███▌▄████████████▀▀  ▄█████▀▀▀███████▀   ▄███████▌      ██    ▄█████████       █  ▄██████████▌       █  ███████████       █ ██▀ ▀██████▌       ██▀     ▀████                 ▀█▌ ▄███████   ████████   ███▀   ███████████████████████   ███   ███   ███   ███   ███   ███ ▄▄█▀▀ ▄▄▄▄▄▄▄▄ ▀▀█▄▄   ▐██▄▄██████████████▄▄██▌   ████████████████████████  ▐████████████████████████▌  ███████▀▀▀██████▀▀▀███████ ▐██████     ████     ██████▌ ███████     ████     ███████▐████████▄▄▄██████▄▄▄████████▌▐████████████████████████████▌ █████▄▄▀▀▀▀██████▀▀▀▀▄▄█████  ▀▀██████          ██████▀▀      ▀▀▀            ▀▀▀
CoinHoarder
Legendary

Offline

Activity: 1456
Merit: 1025

In Cryptocoins I Trust

 October 04, 2014, 03:32:12 AM

Auroracoin (which btw rpietila invested in

He suggests that he didn't. What is your evidence?

Even though I was interested in this before the great pump in March (and would have made up to 100x gains if I had bought), now it is in a "following" mode after crashing back. If I moved to Iceland, I would probably start using it. Not an unconditional "sell" though.

Okay I thought he had because it seemed like he was very interested, but I did tell him that it had the wrong distribution model thus couldn't be anything other than a pump and dump. I had assumed he sold on the way up and wasn't left holding the bag, but now I learn he never bought.

Anyone that even considered Auroracoin loses credibility in my mind.

Even those hot Icelandic bitches named Somebodysdottir?

Haha... They get a free get out of jail card.
TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 03:49:04 AM

Certainly ring sigs don't automatically cause massive numbers of otherwise-unrelated transactions to suddenly depend on a rejected fork, especially if the fork is of limited duration. Granted there are slightly more dependencies, but that is quantitative difference not a qualitative one.

I posited to NewLiberty upthread that the development of a Gordian knot would depend on the duration of such an attack.

I argue it it also qualitative because my outputs get mixed in rings without my permission. Thus I can't spend in times of such an attack without incurring the risk that my spend must be unwound. Whether I know an attack is underway is irrelevant.

Quote
Quote
Quote
3. Non-Cryptonote coins do not have throw away 20% of the timestamp information upon difficulty adjustment. I know you think the vulnerability I have broad-sketched above is not sufficiently detailed to warrant any concern, but nevertheless this is a risk that doesn't exist in other coins.

More vague uncertainty and doubt without some sort of positive statement.

I have described a specific set of steps for an algorithm upthread.

I missed that. Please quote it or summarize it.

I am so hungry. For example, I posited a way to continually increase the difficulty by always structuring the attackers blocks to make the fastest block solutions in the discarded 20% set, thus skewing the statistics of the hashrate. I wrote the caveat that I hadn't studied the implementation to see if this was feasible.

I posited this would cause the network hashrate to drop (because miner's profits depends on difficulty) thus increasing the attackers % of the network hashrate.

Btw, the selfish mining white paper shows the math for this effect, so you've just opened a window to make it easier with less hashrate. You can work through the equations there. I suppose 20% as BCX said wouldn't be far off because of my recent interaction with that math.

Quote
You actually did this in describing the existence of stronger-than-MRL-0001 deanonymation attack (though not its scope and practical effect).

Oh I see you are recognizing that. Thanks.

Exactly, and this is not meant to personalize the issue with respect to you or anyone else or Monero or any other project. Specific, well-supported and well-presented contributions are more valued than vague ones. Always and everywhere.

I agree they are valued, but I entirely disagree they are universally more valuable in every case. Sometimes just the inkling of an incredibly powerful idea is more valuable to me than some implementation of something.

I am 100% sure you agree there are such cases.

Quote
It is very intuitive to me mathematically that you've got aliasing error in your difficult adjustment.

Show a specific example (or more general mathematical proof, but I'm guessing that proof-by-example might be easiest here).

Too hungry. Will see if something comes to me later.
TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 03:56:53 AMLast edit: October 04, 2014, 11:12:33 AM by TheFascistMind

A minor price drop is nothing more than the weak hands pissing themselves and they will regret it soon enough and buy back in at a loss.

This thread has become a joke.

Unless ring signatures are qualitatively the wrong solution for anonymity. The jury is still out on this one. Needs more analysis.

One thing I don't like personally is IBM says we are 10-15 years from a quantum computer and all that anonymity history goes poof and then the government backtrack and go after all those assets that were hidden from the coming global implosion 2016 - 2032.

But not everyone even agrees with my pessimism about the next 15 years.

Also I don't trust those simultaneous equations that I showed which mixed operations over different number fields. That is entirely new cryptography and it could potentially enable some new mathematical attack at any time. There is no Diffie-Hellman refutation that has a lot of cryptanalysis.

I'd rather not put my anonymity in some unproven math on the block chain that is saved forever. Eventually there will be a quantum computer and all that will be cracked.

And we still have to see what the outcome will be on the de-anonymization and respective mitigation algorithms which are already known but not yet fully explored. Might be duds, but I doubt it.

Also although smooth claims they know how to prune ring signatures to make a better scaling blockchain, and even the algorithm I presented to them in theory does some pruning, I am not yet convinced ring signatures are congruent with the decentralization I would be aiming for. But this is very vague at this point and nothing I can really do to immediately get all the specifics enumerated.

That is several different vectors of weakness for ring signatures. I never really understood why some investors think they found the Holy Grail. We need more analysis to know how they compare against all other options.

Edit: that the spender of a ring is culpable for which public keys he mixes with, unlike other anonymity mixing methods which remove this choice and thus culpability from the spender.
Spoetnik
Legendary

Offline

Activity: 1540
Merit: 1010

FUD Philanthropist™

 October 04, 2014, 04:03:33 AM

You Monero Shills REALLY get off taking credit for Cryptonote don't you ?
In case people don't know Cryptonote was a coin cloning "Platform" designed to make cloning coins easier..
Monero is simply one of many !

There's usually no such thing as bad publicity, however I think in this case, the Monero shills have created an exception to this rule.

Many people I speak to in Crypto are starting to dislike Monero because of all the sock-puppet accounts, whomever is funding this Jihad went too far.

Funny, I see the opposite. All the sockpuppets and retards attacking it are giving it more legitimacy I've seen this thing attacked 3 times (IIRC) since I started watching it and it hasn't faltered.

I'd say the FUd is failing. A minor price drop is nothing more than the weak hands pissing themselves and they will regret it soon enough and buy back in at a loss.

This thread has become a joke.

the fact that myself and others am laughing at Monero and it's blatant shills does not make it more and more legit

FUD first & ask questions later™
Spoetnik
Legendary

Offline

Activity: 1540
Merit: 1010

FUD Philanthropist™

 October 04, 2014, 04:05:50 AM

Been gone 2 days and just wasted 1/2 hour trying to catch up, but fuck that 20 more pages of this crap is too much.

Someone wanna sum up whats going on right now?

In the time of chimpanzees
I was a monkey
Butane in my veins
So I'm out to cut the junkie
With the plastic eyeballs,
Spray-paint the vegetables
Dog food stalls with the beefcake pantyhose
Kill the headlights
And put it in neutral
Stock car flaming' with a loser
And the cruise control
Baby's in Reno with the vitamin D
Got a couple of couches,
Sleep on the love seat
Someone keeps saying'
I'm insane to complain
About a shotgun wedding
And a stain on my shirt
Don't believe everything that you breathe
You get a parking violation
And a maggot on your sleeve
So shave your face
With some mace in the dark
Saving' all your food stamps
And burning' down the trailer park

(Yo. Cut it.)
Soy un perdedor
I'm a loser baby, so why don't you kill me?

(Double-barrel buckshot)

Soy un perdedor
I'm a loser baby, so why don't you kill me?

Forces of evil in a bozo nightmare
Banned all the music with a phony gas chamber
'Cuz one's got a weasel
And the other's got a flag
One's on the pole, shove the other in a bag
With the rerun shows
And the cocaine nose-job
The daytime crap of the folksinger slop
He hung himself with a guitar string
Slap the turkey-neck
And it's hanging' from a pigeon wing
You can't write if you can't relate
Trade the cash for the beef
For the body for the hate
And my time is a piece of wax
Falling' on a termite
Who's choking' on the splinters
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(Get crazy with the cheeze whiz)
Soy un perdedor*
I'm a loser baby, so why don't you kill me?
(Drive-by body-pierce)
(Yo, bring it on down)
Soooooooyy....
(I'm a driver; I'm the winner;
Things are gonna change
I can feel it)
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(I can't believe you)
Soy un perdedor
I'm a loser baby, so why don't you kill me?
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(Sprechen sie Deutsch, baby?)
Soy un perdedor
I'm a loser baby, so why don't you kill me?
(Know what I'm saying'?)

You Monero Shills always say that HAHAHHA

FUD first & ask questions later™
jwinterm
Legendary

Online

Activity: 2100
Merit: 1042

 October 04, 2014, 04:13:32 AM

You are correct that if our best known algorithms are impractical to implement with current resources, it doesn't mean there isn't any possible algorithm that will. But here I want to take you back to my discovery about the edge of the universe. I was toying around with the duality of the Bottom and Top type in the two difference classes of programming languages and it made me realize that time and the universe is co-inductive and thus the finality or edge is indeterminate, which is analogous to undecidable in the Halting problem.

I totally remember reading about that discovery in Nature or Science...oh wait, it was published on Google Groups. Such legit
smooth
Legendary

Offline

Activity: 2282
Merit: 1136

 October 04, 2014, 04:14:36 AM

I argue it it also qualitative because my outputs get mixed in rings without my permission. Thus I can't spend in times of such an attack without incurring the risk that my spend must be unwound. Whether I know an attack is underway is irrelevant.

This is not how it works. Whether your output is included in a mix makes no difference to your ability to spend it. In fact, you wouldn't even notice either my use of your output or the unwind of my use of your output. It wouldn't affect your transaction at all, nor would the presence of absence of my use of your output as a mix affect your ability to spend now or in the future. You have nothing to fear.

There is one case where it makes a difference. If you spend using my output as a mix, and my output disappears, then your transaction becomes invalid (on the other fork), but you still have your coins. You still have nothing to fear from this situation, though the recipient, as always, needs to fear a double spend attack in the case of a chain fork. In this case a small number of innocent bystanders may have the opportunity to double spend, although that doesn't guarantee they would do it. In practice many would just a assume some sort of glitch caused the transaction to not go through and resend it.

Quote
Quote
Quote
More vague uncertainty and doubt without some sort of positive statement.

I have described a specific set of steps for an algorithm upthread.

I missed that. Please quote it or summarize it.

I am so hungry. For example, I posited a way to continually increase the difficulty by always structuring the attackers blocks to make the fastest block solutions in the discarded 20% set, thus skewing the statistics of the hashrate. I wrote the caveat that I hadn't studied the implementation to see if this was feasible.

Structured how? Specifically.

Quote
Specific, well-supported and well-presented contributions are more valued than vague ones. Always and everywhere.

I agree they are valued, but I entirely disagree they are universally more valuable in every case. Sometimes just the inkling of an incredibly powerful idea is more valuable to me than some implementation of something.

I am 100% sure you agree there are such cases.

Such cases exist. Unfortunately they often are ignored because they don't rise above the noise floor. This is not only not specific to the "culture" of Monero but it is rational and universal and necessary to communicate in a noisy environment. You can't control the noise floor, you can only control the strength of your signal. Please increase it.

Quote
Will see if something comes to me later

Now we are getting somewhere (maybe).

TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 04:17:02 AM

Whether your output is included in a mix makes no difference to your ability to spend it.

Try re-reading what I wrote.
Spoetnik
Legendary

Offline

Activity: 1540
Merit: 1010

FUD Philanthropist™

 October 04, 2014, 04:17:43 AM

Auroracoin (which btw rpietila invested in

He suggests that he didn't. What is your evidence?

Even though I was interested in this before the great pump in March (and would have made up to 100x gains if I had bought), now it is in a "following" mode after crashing back. If I moved to Iceland, I would probably start using it. Not an unconditional "sell" though.

Okay I thought he had because it seemed like he was very interested, but I did tell him that it had the wrong distribution model thus couldn't be anything other than a pump and dump. I had assumed he sold on the way up and wasn't left holding the bag, but now I learn he never bought.

Anyone that even considered Auroracoin loses credibility in my mind.

damn straight !

problem = most idiots in crypto want dem lambo's
and they will gladly buy into any faggy CancerHead ISIS Pedophile baby Rapist Corrupt Scam IPO/ICO Angel Invested Crowd Funded Coin ..... as long as they turn a profit.
i know because ALL the well known fuckers in this scene have told this to my face word for fucking word on here and on cryptsy chat for a year+ now !
i won't bother naming names (you know who you ALL are)
does this sound familiar idiots ?
ya but but i made 4 Bitcoin of "it"

exactly and you fucking destroyed the scene and reduced it to a laughing stock.. crypto-nigerian schemes !
where do all those new guys flooding back in OCT/NOV/DEC 2013 go ?
seem the amount of new guys tapered off and even worse many cashed out dropping prices and LEFT !!!!

Look in the mirror excuse makers.. all you did was make corrupt shit holes like Cryptsy and scammy pool operators money with fee's !
oh and you fucked up the whole scene and made Bitcoin look like shit in the process.. congrats guys LOL
your soooooo brilliant

don't mind me carry on with your Monero Genius Mensa talk.. maybe throw around some impressive big words and math calculations
that should lure in the retards to BUY Monero coins with Bitcoin so you can pad your Bitcoin Wallets LOL
I can see some of you are bending over backwards here on this topic with that whole routine ahahhaa
anti-FUD engineered with a mathmatical elyptical curve to calculate the quantum profit margins of the Monero Billion dollar Economy!

Summary ?

Scam coin.

move along.. nothing to see here.

- so there you have it.. my opinion (the correct one)

FUD first & ask questions later™
TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 04:26:27 AM

I am so hungry. For example, I posited a way to continually increase the difficulty by always structuring the attackers blocks to make the fastest block solutions in the discarded 20% set, thus skewing the statistics of the hashrate. I wrote the caveat that I hadn't studied the implementation to see if this was feasible.

Structured how? Specifically.

According to the statistics used to choose the 20% set, and given the loose rules about the timestamps the attacker can put on his blocks. Again I said I didn't study the implementation to see if the actual calculation can be so gamed. It is just a conceptual point.

If the code was something I could quickly wrap my head around, I would have looked at it. I have not seen the algorithm used described in sufficient detail, like most things in Cryptonote, you have to go look at spaghetti code instead.
TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 04:30:06 AMLast edit: October 04, 2014, 04:40:37 AM by TheFascistMind

Whether your output is included in a mix makes no difference to your ability to spend it.

Try re-reading what I wrote.

Hint: I was referring to when bad transactions mix with the same outputs as I do, thus if you can't de-anonymize, then my transaction gets mixed with the double-spent outputs even though neither I (nor my prior trace of coin history) did double-spend.

I can fix that by mixing with no outputs other than mine, thus no anonymity.

I suppose this applies to any form of transaction mixing, not just ring signatures. And it is just a risk of mixing with more outputs increasing the risk of mixing with a double-spend.

Perhaps a difference is if I am sure I am mixing with very old outputs that are unlikely to be double-spent, then another bad transaction mixing with those plus some that are double-spent, I am thinking you can't remove me from the bad set in some convoluted hierarchal scenarios.

Edit: the more I think about it, it is applicable to any form of block chain mixing in transactions, not just ring signatures. The greater your anonymity set, the greater the risk of dominoes cascade of double-spends into your transaction.
smooth
Legendary

Offline

Activity: 2282
Merit: 1136

 October 04, 2014, 04:38:35 AM

Whether your output is included in a mix makes no difference to your ability to spend it.

Try re-reading what I wrote.

Hint: I was referring to when bad transactions mix with the same outputs as I do, thus if you can't de-anonymize, then my transaction gets mixed with the double-spent outputs even though neither I (nor my prior trace of coin history) did double-spend.

You're not getting it. The concept of a non-transparent blockchain precludes there being "bad" outputs. There is, in general, no-deanonymiziing (certainly no assurance of it) and just outputs (coins) and transactions.

You have nothing to fear from spending on a doomed fork, because either nothing at all happens (transcation ends up being executed on both forks -- some of this happened after the malleable block attack last month), or you will get your coins back. Recipients have everything to fear from receiving on a doomed fork, because they may very well lose their coins. That is just the same as any other coin, unless recipients are pinning their hopes on some kind of targeted rollback and/or freeze on "bad" coins. That would be quite foolish (in addition to being not even possible in many cases on a non-transparent blockchain, and even transparent blockchains in a lot of cases).

The concept of good outputs and bad outputs exist only in theory on transparent blockchains anyway. For example, after the recent Nxt hack there was a proposal to freeze or unwind the hacked coins by creating a fork (not sure which as I don't really follow Nxt). A version of the code that enforces that was released and some people adopted it. However, ultimately it was rejected by the community and that fork died, so the "bad" coins stayed where they are.

This is by design. You can't have strong fungibility if people can pick and choose good and bad coins. There are simply coins and transactions, with the surviving fork (whatever that is) deciding where they go.

TheFascistMind
Newbie

Offline

Activity: 42
Merit: 0

 October 04, 2014, 04:44:05 AM

You're not getting it. The concept of a non-transparent blockchain precludes there being "bad" outputs. There is, in general, no-deanonymiziing (certainly no assurance of it) and just outputs (coins) and transactions.

That is my point. With mixing on the block chain, there is no way to rollback just the double-spends if they get extensively mixed in with the legitimate transactions. Thus I do have to fear that when I spend, it can be unwound and that is me doing a double-spend, because my recipient has lost his funds. What if I've died, moved on, lost or discarded my private key, etc.. I can't reissue the transaction.

And on chain mixing could in theory much more amplify this potential Gordian knot.

And please don't equate with waiting for 6 confirmations as you did upthread. Different risk category when we are talking about an extended duration fork attack.
Spoetnik
Legendary

Offline

Activity: 1540
Merit: 1010

FUD Philanthropist™

 October 04, 2014, 04:45:37 AM

isn't it interesting what guys here go out of their way to avoid saying anything on Monero topics ? (with their Main accounts)
just look around you will see what i mean

FUD first & ask questions later™
smooth
Legendary

Offline

Activity: 2282
Merit: 1136

 October 04, 2014, 04:48:00 AM

my recipient has lost his funds.

Yes this is what happens in a double spend scenario

Quote
What if I've died, moved on, lost my private key, etc.. I can't reissue the transaction.

Then you are a small edge case, especially for plausible fork lengths, and even more especially for plausible fork lengths given regular checkpoints (as in Bitcoin and every other reasonable coin). Given the possibility of forks (even normal ones transient ones) you always need to be prepared to reissue your transaction for some reasonable period of time.

The far more likely cases are that: 1) nothing happens, or 2) you simply see the coins back in your wallet and resend them.

Quote
And please don't equate with waiting for 6 confirmations

I didn't. I said sufficient. That is a judgement call for the recipient to make. 6 is just a default number from Bitcoin but it really means nothing other than the output of a particular probabilistic model from Satoshi's paper, as you correctly explained. Recipients have to make their own judgements when dealing with blockchain technologies. Transactions are never really "final" they are just "final enough." Normal forks and accidental forks (due to software bugs) and deliberately-created forks and double spend attacks are all possibilities to consider, and all have happened before.

 Pages: 1 ... 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 [95] 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139
 « previous topic next topic »
Jump to:

Sponsored by , a Bitcoin-accepting VPN.