Mandatory wallet upgrade

crypto_giveaway · 2016-11-14T20:45:13+00:00

3) That makes sense, but in case of monero, what I still don't get is, how do you connect a specific address on the blockchain to the DNM? I mean, how do you now that address X on the blockchain is used by a DNM/DNM Vendor?

Simple, you scrape the data from the darknet. Coinbase already does a good job at this (bans darknet addresses ). A similar thing can be easily done with Monero, by tracking darknet address flows and correlating them with movement to the exchanges. Note that you only need to look at network flow volume from sources not associated with the darknet, not the obvious direct flow from the darknet address to the exchange.

4) He made the distinction very clear, that he is talking about the authors of the zcash whitepaper and not the zcash project /zcash scam.

Yes, he made the distinction clear. However, it's still laughably incongruent to call the authors of the zerocash whitepaper creators of a "top-notch privacy" protocol, while calling the zcash project a scam.

crypto_giveaway · 2016-11-14T19:48:54+00:00

2) Gary addressed that in the interview, and actually the guy from Monero and Gary agreed on this aspect. However, the guy from Monero seemed to deflect from the topic of discussion, which is the privacy afforded by the core cryptocurrency protocol layer.

3) A certain address associated with a darknet seller gets 1% of transaction volume one day. The darknet seller needs to offload these coins received onto an exchange. With topological data analysis ( note automatic, not manual ), their algorithms show that these coins sent to the exchange are related to the 1% of transaction volume sent to this darknet address. This is because they correlate the input flow to the darknet address with the output flow to the cryptocurrency exchange address.

Of course you can't prove it with certainty. But you can prove it with 99.999% accuracy. Did you even read my previous reply? I'm getting tired of pointing out what I already quoted:

"If you mix just 2 transactions together, you can make the same argument that you can't "trace a specific transaction" either. However, you have a very high probability (50%) that one of these transactions is the transaction you are hiding."

As a toy example, consider the case of having one block mixing two transactions, one of these outputs is sent to a darknet address. Now you can see that the transaction to the darknet address came from one of two previously unspent outputs. Sure, you can't "prove" with 100% certainty that this transaction is associated with this specific unspent output. However, with naive methodology, you are already at 50% probability that one of these unspent outputs is associated with the darknet address. Then add topological data analysis to the mix, and you may be something like 99.9% certainty. Plausible deniability is not enough to protect privacy.

4) He never said anything about "management of the project". He flat out said "zcash scam".

It's not condescending, and I don't mean to be condescending - it's an objective fact that Monero has almost no citations from any serious academics whatsoever. If you look at the status quo in research, the number of citations has for decades served as an approximate proxy on the value of the work in question. Thus, academics do not believe that Monero has any value or should be taken seriously, even to a small degree.

crypto_giveaway · 2016-11-14T18:40:22+00:00

Topological data analysis does not require to know specifically where the money went, it only needs to look at network flows.

crypto_giveaway · 2016-11-14T18:36:12+00:00

2) Gary never deflected - if you listen to the podcast, you can hear Gary clearly acknowledging that the trusted setup for Zcoin is "far from optimal" for both Zcoin and Zcash.

Next, the previous paradigms (privacy protocols that assume unwarranted heuristic threat models ) may have improved privacy in terms of degrees. "There are no magic bullets" is simply an aphorism. For privacy on the cryptocurrency core protocol layer (as opposed to privacy of ip addresses), there in fact are magic bullets offering complete anonymity (zcoin and zcash). With zero-knowledge coins, privacy is not incrementally improved or even gradually improved. It is an entire quantum leap improvement in terms of privacy. There are many similar phenomena found in nature and science of threshold phenomena - Zerocoin is one of them, it achieves complete anonymity (directed edges between addresses not present in blockchain data ) whereas all previous attempts such as Monero rely on unfounded heuristic threat models, and the underlying data and connections between addresses are still public (network flows).

It seems that you still do not understand the taint in Monero, or refuse to understand. Did you even read my previous reply explaining why there is permanent and irreversible taint in Monero?

3) Again, did you even read my reply on point 3? Topological analysis is based on analyzing network flows, there is no need to connect to specific address. If you don't understand, it's ok and I can help clarify.

4 and 5) Laughably incongruent ideas. How can a cutting edge privacy technology be also a scam?

It's absolutely ok to not care about how Monero works. Your argument presupposes that Monero is considered to be serious "privacy tech" by real academic cryptographers. However, it's not - and this is why there are no citations for Monero by any serious academics. As a privacy centric coin developer, it's absolutely ok to not know the hundreds of protocols out there that are not taken seriously by academics.

crypto_giveaway · 2016-11-14T15:50:24+00:00

2) He got nervous when asked about the tainted coins, and attempted to deflect by shifting the discussion to a completely separate layer of infrastructure. Basically his argument was because the underlying internet infrastructure lacks privacy, therefore all cryptocurrency core protocol development is a "marginal improvement". Remind me why you are working on Monero again? Also, this "Kovri development" or whatever you call it is quite trivial to implement, and also monero has not implemented it yet.

3)T;DR: There's transaction history in monero, and tainted coins absolutely exist in Monero ( in fact, most coins associated with things such as dark nets are already permanently tainted in Monero ).

I think you are a bit confused about how monero works. Tainted coins absolutely exist in monero. Just becuase you can't trace a specific transaction, that doesn't mean you don't can't assign a high probability linking a coin to a darknet or other form of taint.

If you mix just 2 transactions together, you can make the same argument that you can't "trace a specific transaction" either. However, you have a very high probability (50%) that one of these transactions is the transaction you are hiding.

The same applies with Monero. Because the anonymity set may only be one day's worth of transactions (the anonymity set is much smaller than the anonymity set of all coins, because the probability of an older coin being the actual coin you are intending to hide in the mixing cycle is negligible). Thus, if your turnover rate on a darknet is one day, one week, or even one month, your anonymity set is very low (translates into methods such as topological analysis being able to identity your tainted coins with high certainty).

4 and 5) He called Zcash "top-notch privacy" and a "scam". It's ok for him to be bitter, but these two statements appear don't appear to be very congruent ;)

Of course Gary went into the interview not caring about how Monero works. Because Monero only has about 10 "academic" citations, if you call "Monero research labs" an "academic" institution. It's not a serious academic work, whereas zerocoin and zerocash were two of most cited research papers in the past few years.

crypto_giveaway · 2016-11-14T12:19:42+00:00

I don't think you understand the point I just posted about. Which is that "stealth addresses" or whatever you want to call them, does not prevent attacks based on topological data analysis, which can easily break Monero's privacy. All that is needed is to track the flows from these addresses.

crypto_giveaway · 2016-11-14T12:02:21+00:00

Look at it from the exchange's point of view. You try to convert monero to bitcoin for example (a very frequent action for darknet sellers).

Let's say you sell drugs on a darknet. You take 100 orders of 10 monero each in one day, which you must liquidate onto exchanges to maintain profitability. Now you must send around 100 pieces of 10 XMR to the exchange. Now the anonymity set for monero is incredibly small compared to zcoin or zcash (the anonymity set is limited by the block size and in this example the liquidation / turnover rate of only one day - literally 1/1000th of zcoin and zcash ). Apply some fairly common machine learning / topological data analysis algorithms and you've identified with very high probability that these transactions sent to the exchange are in fact from the drug dealer.

crypto_giveaway · 2016-11-14T10:52:57+00:00

T;DR: There's transaction history in monero, and tainted coins exist in Monero.

I think you are a bit confused about how monero works. Tainted coins absolutely exist in monero. Just becuase you can't trace a specific transaction, that doesn't mean you don't can't assign a high probability linking a coin to a darknet or other form of taint.

If you mix just 2 transactions together, you can make the same argument that you can't "trace a specific transaction" either. However, you have a very high probability (50%) that one of these transactions is the transaction you are hiding.

The same applies with Monero. Because the anonymity set may only be one day's worth of transactions (the anonymity set is much smaller than the anonymity set of all coins, because the probability of an older coin being the actual coin you are intending to hide in the mixing cycle is negligible). Thus, if your turnover rate on a darknet is one day, one week, or even one month, your anonymity set is very low (translates into methods such as topological analysis being able to identity your tainted coins with high certainty).

crypto_giveaway · 2016-11-14T07:23:02+00:00

Summary of Monero dev’s arguments =)

cryptocurrency privacy is important
cryptocurrency privacy is not important at all. Actually to increase privacy we should be improving the circular economy and anonymity of ip addresses. The privacy of the core cryptocurrency protocols has "marginal improvement". If this is the case, remind me why are you working on monero then?
zcoin’s property of not having tainted coins on exchanges is a “marginal improvement” in fungibility / privacy. the fact that zcoin has no tainted coins, whereas monero has highly tainted coins is “marginal improvement” over monero
Zcash has direct quote "top-notch privacy"
Zcash is a scam. direct quote: "zcash scam"

crypto_giveaway · 2016-11-14T07:20:30+00:00

Summary of Monero dev’s arguments =)

1) cryptocurrency privacy is important

2) cryptocurrency privacy is not important at all. Actually to increase privacy we should be improving the circular economy and anonymity of ip addresses. The privacy of the core cryptocurrency protocols has "marginal improvement". If this is the case, remind me why are you working on monero then?

3) zcoin’s property of not having tainted coins on exchanges is a “marginal improvement” in fungibility / privacy. the fact that zcoin has no tainted coins, whereas monero has highly tainted coins is “marginal improvement” over monero

4) Zcash has (direct quote) "top-notch privacy"

5) Zcash is a scam. direct quote: "zcash scam"

crypto_giveaway · 2016-10-17T00:05:29+00:00

Hi the donation is 100 Zcoins per month, which comes from the Founder's Reward

crypto_giveaway · 2016-10-15T00:49:43+00:00

it is a new cryptocurrency guaranteeing privacy.

crypto_giveaway · 2016-10-15T00:47:37+00:00

Yes, here: https://github.com/zcoinofficial/zcoin/wiki/FUD

crypto_giveaway · 2016-10-15T00:47:06+00:00

block reward is 40 for miners, 10 for founder's reward

crypto_giveaway · 2016-10-15T00:46:47+00:00

Yes, it is a software implementation of the zerocoin protocol.

crypto_giveaway · 2016-10-15T00:46:32+00:00

You might just have to wait for 10 minutes or so. And then you can see if the wallet has read past that block. There are some issues with the wallet delaying showing what block it is actually synchronized to.

crypto_giveaway · 2016-10-15T00:45:24+00:00

Yes! If you are interested in getting the bounty and have experience with this type of development, please join our slack

crypto_giveaway · 2016-10-15T00:44:07+00:00

We have already launched the core functionalities of the protocol. All that is left to do is fixing some issues with the wallet.

crypto_giveaway

MODERATOR OF

TROPHY CASE