Hi all,
I thought I'd post a little update on my progress with the code work that is being done prior to open sourcing the project.
My main focus during this process is to tighten up the Enigma network and CloakShield protocol in terms of security. The most likely [successful] attacks we'll see are going to be DoS (denial of service) attacks. Although such attacks could not steal funds, they could still cause some nasty headaches by clogging up the network with junk data. To this end, I've refactored the existing DoS code for Enigma and CloakShield to make it far less tolerant of misbehaving nodes. I'm also in the process of improving the integrity checks for CloakShield data packets to allow both relay and target nodes to verify both the data sender and the data content. Here's a little list:
1. Improve CloakShield DoS protection to make it far less tolerant of misbehaving nodes.
2. Add signatures to CloakShield data packets and verify data and sender integrity before processing or forwarding the data.
3. Implement a basic TTL (time-to-live) system for CloakData onion packets.
This is just a short-term measure until our micropayment-backed onion routing system rolls out after OS of the project. I also have some plans for implementing a system to allow nodes to determine approximately how far other nodes are away in terms of hops, but I expect this to be implemented after the source release.4. Ensure that no transaction malleability attack vectors exist within the Enigma transaction system.
I'm also in the process of documenting the cryptography used by both Enigma and CloakShield as an esteemed cryptographer has very kindly agreed to check our cryptography prior to the source release. I won't disclose his name atm though, as I'm still in talks with him regarding this.
There's still a lot of discussion going on regarding funding. I think the network generated project funding is pretty much locked in for the future as it's critical for realising Cloak's potential and sustainability going forward. In terms of nomenclature, 'tax' is indeed an abhorrent term for the funding, 100% agreed. Keeping the project as decentralised as possible is of paramount importance. Our aim for the future is true digital governance where projects are proposed, green-lit and funded upon completion by voting consensus. Hopefully the prospect of digital governance excites you as much as it does us
I've also been doing some thinking on the blockchain-level privacy improvements that will come once we fork after open source. Ring-signatures and 2-key stealth addresses would fit pretty well with Enigma and would allow cloakers to supply a list of candidate inputs [rather than actual inputs] for Enigma transactions. This should also work well in terms of performance and memory usage as Enigma senders wouldn't need to store a big UTXO (unspent transaction outputs - essentially the money that goes IN to an Enigma transaction) set in memory for constructing the ring-signed transactions. Although this new twist could be neat, something different would be preferable to what others are already doing. Timelocked transactions and escrow will also be making an appearance in future. This will be critical for allowing services to be built to run on the Cloak network in future.
Cheers,
Joe
