qwizzie
Legendary
Offline
Activity: 2548
Merit: 1245
|
|
March 06, 2015, 09:32:41 PM |
|
lets not deviate this into a monero versus darkcoin discussion, frankly thats not really popcorn material. People will regret having bought popcorn for this thread then.
|
Learn from the past, set detailed and vivid goals for the future and live in the only moment of time over which you have any control : now
|
|
|
|
GingerAle
Legendary
Offline
Activity: 1260
Merit: 1008
|
|
March 06, 2015, 09:38:27 PM |
|
argh, yeah, was hopin this wouldn't turn into xmr vs. drk.
fundamentals!!
|
|
|
|
g4q34g4qg47ww
|
|
March 06, 2015, 09:42:27 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest
|
|
|
|
Evil-Knievel (OP)
Legendary
Offline
Activity: 1260
Merit: 1168
|
|
March 06, 2015, 09:44:25 PM Last edit: April 17, 2016, 07:49:39 PM by Evil-Knievel |
|
This message was too old and has been purged
|
|
|
|
fluffypony
Donator
Legendary
Offline
Activity: 1274
Merit: 1060
GetMonero.org / MyMonero.com
|
|
March 06, 2015, 09:45:25 PM |
|
Now you're just trolling. Timestamps are set by miners and are not universally reliable, and in any event difficulty retargeting relies on the law of large numbers (ie. capacity for statistical variance has to exist). Also hey, the last 5 Darkcoin blocks tell exactly the same story: [1] [2] [3] [4] [5]
|
|
|
|
stonehedge
Legendary
Offline
Activity: 1722
Merit: 1002
Decentralize Everything
|
|
March 06, 2015, 09:50:24 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest I never, at no point admitted I was wrong. The flaw is obvious here, and anyone who tries with a block explorer and a pen and paper can reassemble the correct transaction without shuffling. I am working on a block explorer which allows deanonymization of darksend transactions ... it is trivial actually, an let it work only in 80% of all cases. Good luck, we look forward to seeing the results of your endeavours.
|
|
|
|
qwizzie
Legendary
Offline
Activity: 2548
Merit: 1245
|
|
March 06, 2015, 09:55:50 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest I never, at no point admitted I was wrong. The flaw is obvious here, and anyone who tries with a block explorer and a pen and paper can reassemble the correct transaction without shuffling. I am working on a block explorer which allows deanonymization of darksend transactions ... it is trivial actually, an let it work only in 80% of all cases. I'm looking forward to it as any weakness thats exposed in Darkcoin now can only strengthen it in the future but to be honest i think we having a higher chance of seeing Masternode Blinding implemented on Darkcoin Mainnet before ever seeing a working block explorer that effectively deanonymize darksend transactions. But i would love to be proven wrong on this one, maybe you are The One
|
Learn from the past, set detailed and vivid goals for the future and live in the only moment of time over which you have any control : now
|
|
|
ðºÞæ
Sr. Member
Offline
Activity: 1176
Merit: 297
Bitcoin © Maximalist
|
|
March 06, 2015, 09:56:28 PM |
|
op is just pointing out the flaw. who is to say someone else is not already utilizing it for some time without telling anyone
|
"The existing Visa credit card network processes about 15 million Internet purchases per day worldwide. Bitcoin can already scale much larger than that with existing hardware for a fraction of the cost. It never really hits a scale ceiling." Satoshi Nakamoto, April 2009 Avoiding taxes is totally legal if you consider and respect the law.
|
|
|
GingerAle
Legendary
Offline
Activity: 1260
Merit: 1008
|
|
March 06, 2015, 09:56:58 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest I never, at no point admitted I was wrong. The flaw is obvious here, and anyone who tries with a block explorer and a pen and paper can reassemble the correct transaction without shuffling. I am working on a block explorer which allows deanonymization of darksend transactions ... it is trivial actually, an let it work only in 80% of all cases. yes - this was an interesting phenomenon in this thread, the magic of "OP admitted he was wrong" appeared somewhere, whereas the last post of the two primary debaters was "good luck making that python thingy" or something along those lines.
|
|
|
|
onemorexmr
|
|
March 06, 2015, 10:00:18 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest I never, at no point admitted I was wrong. The flaw is obvious here, and anyone who tries with a block explorer and a pen and paper can reassemble the correct transaction without shuffling. I am working on a block explorer which allows deanonymization of darksend transactions ... it is trivial actually, an let it work only in 80% of all cases. I'm looking forward to it as any weakness thats exposed in Darkcoin now can only strengthen it in the future but to be honest i think we having a higher chance of seeing Masternode Blinding implemented on Darkcoin Mainnet before ever seeing a working block explorer that effectively deanonymize darksend transactions. But i would love to be proven wrong on this one, maybe you are The One well, thats the reason why i need a formal proof on anonymity and some good reviews by cryptographers before i'll trust an anon feature. if you make a transaction thinking it is anonymous and a few weeks later someone says: no, sorry. only the next update may be safe (i dont need to proof that of course, because always when i said its anon you believed me: this time will be the same) -> you may be pretty fucked. if not: why did you do an anon transaction in the first place?
|
|
|
|
g4q34g4qg47ww
|
|
March 06, 2015, 10:02:10 PM |
|
For this we have 10*9*8*7*6*5*4*3*2 possibilities,
SO TO CHECK HOW THE OUTPUTS WERE ORDERED IN THE PREVIOUS TRANSACTION ... we have to think.
OP has failed to unravel a single darksent transaction, and has found that he is missing a gigantic step in his process.
|
|
|
|
qwizzie
Legendary
Offline
Activity: 2548
Merit: 1245
|
|
March 06, 2015, 10:05:13 PM |
|
back to basics : Post 1 from OP
1. Inputs always unsorted 2. Outputs shuffled 3. Next transaction inputs unshuffled again which allows you to reassemble the original order in previous transaction 4. Multiple Amounts/Denominations allow only a few combinations how the original transaction looked like 4. Done! Reply from Darkcoin lead developer : https://bitcointalk.org/index.php?topic=978447.msg10681184#msg10681184Interesting approach, although the input order isn't random, it's randomly generated from multiple transactions on the client side. Even if it was completely not random, that doesn't allow you to "jump" the mixing transaction and know which outputs belong to which inputs. One more thing to note is that after coins are mixed through multiple sessions, there are "final" outputs that are just spent randomly. That can happen in any session, which causes more randomness. You most definitely can't map those randomly spent outputs to the inputs at all. That's what you should be trying to do, you need to be able to show anonymously spent coins and their original source funds.
Nice try though PS. If you believe it's really a weakness you need to map the outputs to the inputs and show who's anonymously spending money on what. I'm not sure it's worth the time though, because masternode blinding randomizes the input order anyway. that pretty much summarize this whole discussion and i agree with post above from g4q34g4qg47ww (who's name is remarkbly difficult to type if you happen to be in a situation where you can not copy and paste it).
|
Learn from the past, set detailed and vivid goals for the future and live in the only moment of time over which you have any control : now
|
|
|
Evil-Knievel (OP)
Legendary
Offline
Activity: 1260
Merit: 1168
|
|
March 06, 2015, 10:06:51 PM Last edit: April 17, 2016, 07:49:33 PM by Evil-Knievel |
|
This message was too old and has been purged
|
|
|
|
illodin
|
|
March 06, 2015, 10:15:12 PM |
|
Now you're just trolling. Timestamps are set by miners and are not universally reliable, and in any event difficulty retargeting relies on the law of large numbers (ie. capacity for statistical variance has to exist). Also hey, the last 5 Darkcoin blocks tell exactly the same story: [1] [2] [3] [4] [5] Yep, your example was basically the same thing. Difficulty retargets slow. And the reward curve described in the whitepaper was taken into use after GPU miners started to appear, so the graph you posted does not use that formula at the beginning.
|
|
|
|
qwizzie
Legendary
Offline
Activity: 2548
Merit: 1245
|
|
March 06, 2015, 10:23:15 PM |
|
that pretty much summarize this whole discussion.
Yes, and the claims the dev did are imho wrong. If you continue reading you will see the explanation. Specially, the message with the colors. i think the claim you are doing is wrong, i mean specifically this one : https://bitcointalk.org/index.php?topic=978447.msg10681598#msg10681598As long as we have the correct order, all three trails will eventually lead to the originator. I am pretty sure that a transaction deanonymizer, which does this order reversal, could walk his way all the way back to the transactions where people started to denominating their funds, and get the # of users from the change outputs. Pls make that transaction deanonymizer and prove your claim, that end trails can indeed be traced back to the originator through following correct order. You would be the first to deanonymize darksend transactions in the history of Darkcoin.
|
Learn from the past, set detailed and vivid goals for the future and live in the only moment of time over which you have any control : now
|
|
|
onemorexmr
|
|
March 06, 2015, 10:31:37 PM |
|
You would be the first to deanonymize darksend transactions in the history of Darkcoin.
https://darkcointalk.org/threads/dead-change-an-anonymity-issue.3019/fixed long ago, not sure if anybody really used it to deanonymize darksend. but there was a problem... and old transaction may still be deanonymized. EDIT: my point is: how should i trust him with my privacy. i need some proofs that he is capable to do what he is claiming (formal proof, code reviews, code reviews by other cryptographers). but the speed at which it is developed cries for bugs (and we see them regularly): under such circumstances i think that good reviews are not even possible -> moving target.
|
|
|
|
AizenSou
|
|
March 06, 2015, 10:37:27 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest I never, at no point admitted I was wrong. The flaw is obvious here, and anyone who tries with a block explorer and a pen and paper can reassemble the correct transaction without shuffling. I am working on a block explorer which allows deanonymization of darksend transactions ... it is trivial actually, an let it work only in 80% of all cases. Trivial? Yes Mr Genius. We're still waiting for your free NXT and your BTC private key cracker, which you claimed trivial too.
|
|
|
|
qwizzie
Legendary
Offline
Activity: 2548
Merit: 1245
|
|
March 06, 2015, 10:44:15 PM Last edit: March 06, 2015, 11:04:29 PM by qwizzie |
|
yeah, i admit i forgot about the dead change issue : using non-anonimized change potentially but not necessarily
deanonymize your previously anonymous spend. Aswan who posted about this problem became part of the Darkcoin Development Team very soon after btw. I see this differently then the supposed deanonymizer from OP that he claims can deanonymize 80% of current darksend transactions. edit : with regards to yr own edit .. how to trust our lead developer with your privacy ? Needing code reviews etc EDIT: my point is: how should i trust him with my privacy. i need some proofs that he is capable to do what he is claiming (formal proof, code reviews, code reviews by other cryptographers).
Darksend was code reviewed by Kristov Atlas, a well respected person in the cryptocurrency world. He outlined the Darksend mixing, stated the possible vulnerabilities towards certain types of attack and posted that in our forum and in his blog i think. An update was issued afterwards to deal with some of these type of attacks. https://stellartalk.org/topic/5435-kristov-atlas-paper-an-analysis-of-darkcoins-blockchain-privacy-via-darksend/
|
Learn from the past, set detailed and vivid goals for the future and live in the only moment of time over which you have any control : now
|
|
|
ahoenk
|
|
March 06, 2015, 10:48:14 PM |
|
fluffy dev put whole thread to sleep OP admitted he was wrong I guess i'll find something else of interest I never, at no point admitted I was wrong. The flaw is obvious here, and anyone who tries with a block explorer and a pen and paper can reassemble the correct transaction without shuffling. I am working on a block explorer which allows deanonymization of darksend transactions ... it is trivial actually, an let it work only in 80% of all cases. Trivial? Yes Mr Genius. We're still waiting for your free NXT and your BTC private key cracker, which you claimed trivial too. +10000 i wait for Mr genius claim..lol
|
|
|
|
|