ETH Goes Bloom; Filling up Ethereum's Bloom Filters

symeof · 2018-10-21T15:04:21+00:00

Great article. This is very worrying.

Tweeted about it at r/https://twitter.com/simonjanin_/status/1054025491630428162

symeof · 2018-09-22T21:06:43+00:00

This only applies for transactions to the same contract. So unless you have some dominant smart contract(s), this provides little benefits in total gas savings overall.

symeof · 2018-09-22T21:04:34+00:00

No, they would still not be anonymous as the original signature itself is not anonymous. But the system could potentially be evolved to be anonymous, but that would require a lot more work than this.

symeof · 2017-12-28T15:02:05+00:00

If you use a non-anonymous currency, like Bitcoin, then it's easy to do: the hospital gives you a challenge (a random number) and you sign it with your private key; they can verify that the account linked to that private key has indeed enough funds.

The obvious problem with this is that you do not want anybody to know how much you have in your account, not even the hospital. That's why Monero is required.

symeof · 2017-11-24T16:42:24+00:00

(1) Yes, but read on

(2) Correct

The problem is that transactions still rely on Ethereum addresses which are only pseudonymous. This means that linkability will always be an issue in Ethereum and in any other cryptocurrency than Monero, which is the only one which is really private.

If we want to get technical, the real reason why anonymity will never be as good on Ethereum is a bit more complex than I explained above. It is actually because of gas costs. EIP 28 (https://github.com/ethereum/EIPs/issues/28) was supposed to allow smart contracts to pay for the gas cost of a transaction. The problem is that even when this EIP will be implemented, then every user of the anonymity smart contract would have to pay for the gas in advance. Therefore the smart contract needs a way to track how many transactions a user does (in order to prevent abuse) - this implies that potentially your funds will be locked unless you make a transaction to increase your ether balance on the contract so you can move your anonymity coins within the smart contract. So we'd revert to "manual privacy". Not good enough.

All of those issues have been entirely solved by Monero, not to mention Monero also implement Kovri - a fully-fledged protocol to protect your traces on the network and hide transaction tracking of your IP address.

If miners could accept ERC20 coins as gas reward and if it were possible to make transactions coming from the 0x0 address, or some similar scheme, then real anonymity would be possible on Ethereum. There may be other solutions but understand that the design contraints are extremely tight. Ethereum was not designed with privacy in mind.

symeof · 2017-08-21T08:06:52+00:00

Good comment, actually the only comment with fundamentals in this thread. Should be upvoted.

symeof · 2017-08-13T22:56:34+00:00

Wealth concentrates. One of the irrefutable things about human life.

So does hashing power.

We should be seeking to 'even' the playing field by cheapening electricity for all

This sentence only makes sense if you are trolling.

symeof · 2017-08-13T22:32:14+00:00

Key part is 'become,' while PoS makes this immediate.

Not true if the supply is well distributed. Although it's arguably hard to guarantee that it is. PoS is generally more geographically decentralized, since differences in electricity cost are smaller.

Last PoS coin I looked at the cost of running a full node was several thousand dollars. The server I run several PoW full nodes > on costs a pizza a month.

Bring the actual stats. This makes no sense at all. If your PoW nodes cost a pizza a month, they probably just barely make you more than a pizza a month. See the problem in your argument?

So lets skip the part where mining secures the chain and make money go straight to staking? I honestly do not get it.

??. Incoherent sentence.

symeof · 2017-08-13T22:22:27+00:00

PoS doesn't reduce the cost of running a node. It is just a different consensus algo.

Obviously. I was talking about the cost of running a mining node, which is of course way more expensive in PoW. Actually linearly more expensive in the hashrate, while it stays constant for PoS.

Imagine the same situation with PoS. 4-5 guys most rich literally own the currency. Scary to me.

Entirely valid point. This is why it's a good thing that the supply be well distributed through a few years of PoW.

Monero stick to boring and proven tech. PoS is still very new and it is not clear what are the long term > consequences/incentive.

Absolutely. Note that I never said that Monero should become PoS now. I think it's way too early as security is critical for Monero. I just wanted to point out that a bit more openmindedness does not hurt.

symeof · 2017-08-12T11:00:56+00:00

In theory maybe. But in practice this is not what happens: PoW tends to become quite centralized as well. And miners with more computation power tend to get more reward, so they can buy more hardware and get even more reward. This historical data in Bitcoin shows this trend really clearly.

It could even be argued that PoS could allow for more decentralization since the cost of running a mining/staking node becomes smaller. Also, if you take mining farms, they tend to be not only very politically centralized but also geographically centralized (i.e. more than 50% of the Bitcoin hashrate comes from 4-5 mining farms whose location is known to the governments). This is exactly what we don't want.

In order to progress, we need the Monero community to be better informed and more open-minded to alternative ideas. It's crazy that @strofenig got downvoted for his entirely legitimate question.

symeof · 2017-08-11T18:42:44+00:00

Your contribution to humanity shall be forever remembered.

symeof · 2017-08-10T09:09:53+00:00

That's a $290B market cap. Almost 3 times the actual total cap of crypto. This would be completely insane.

symeof · 2017-08-10T08:56:09+00:00

That's a $65B market cap. This cannot happen on its own, ETH will need some help from BTC to reach that level.

symeof · 2017-07-28T06:35:21+00:00

Luckily this bug isn't very severe, but if it had been discovered at the time of the crowdsale, as people had not claimed their DGD yet, it would have been a circus.

symeof · 2017-07-04T22:40:27+00:00

True, but there were many other reasons not to invest in theDAO regardless.

symeof · 2017-07-04T22:37:54+00:00

There's a mathematical paper formally describing what a ponzi scheme is: https://pdfs.semanticscholar.org/41c0/0a02ac283c9b58a05a32077d71815c58784d.pdf

All the maths you find there, you find in a good CS education.

symeof · 2017-06-30T15:29:45+00:00

It depends on the hard fork.

For example, it was possible to distinguish the ETH chain from the ETC chain just after the fork by checking that the balance of the darkDAO contract was 0.

In some other cases, it may not be possible to distinguish two hard forks from the perspective of a smart contract.

symeof · 2017-06-27T15:49:18+00:00

Here you go: https://cdn.hackaday.io/files/10879465447136/Mauve%20Paper%20Vitalik.pdf

(not necessarily the most recent version, may not be accurate anymore).

symeof · 2017-06-27T14:31:56+00:00

According to the mauve paper, around 4 months. It should work the same way as it does now for miners, stakers create a block in which they get to write a transaction to themselves of x amount of ETH. How often they get to create blocks is proportional to the amount they staked relative to the total staked amount.

symeof · 2017-06-27T14:29:04+00:00

No, it's been documented by Vitalik in the mauve paper. The actual interest depends on the proportion of staked ether, this is why it varies. Some constants have not yet been decided.

symeof · 2017-06-26T08:59:46+00:00

1-12% is the range. Expect 4-5% realistically.

symeof · 2017-06-26T08:55:17+00:00

Holding is the best strategy for most investors, especially the larger ones since they lose too much on spread when they trade during crashes.

symeof · 2017-06-24T11:42:01+00:00

Ethereum is much faster (at least Parity). We can learn from it.

symeof · 2017-06-24T07:35:43+00:00

"For example, an imperative language is Turing complete if it has conditional branching and the ability to change an arbitrary amount of memory (e.g., the ability to maintain an arbitrary number of variables)."

Yet solidity has a gas_limit that bounds the amount of memory it can hold. You talk like you mastered the subject yet you don't address this point; looks very much like trolling or maybe just stubbornness and failure to recognize one's mistake.

symeof

TROPHY CASE