Topic: [ANN][DASH] Dash (dash.org) | First Self-Funding Self-Governing Crypto Currency - page 6533. (Read 9723858 times)

I am building features on top of the NXT core, one of these features is Asset Exchange, which is similar to Mastercoin, Counterpary and Ripple. Details are different, Mastercoin and Counterparty build on BTC blockchain, NXT blockchain is separate and goes at 1 minute, instead of 10 minutes. Ripple is faster (5 seconds), but it is Ripple.

The idea of the BTC bridge is to automatically be able to spend DRK for BTC denominated purchases. So instead of manually depositing DRK, placing an order, waiting for it to get filled, sending out BTC, it is all automated. I think it is quite useful and now that Ripples BTC bridge is out of commission, I am accumulating a bunch of XRP I cant do anything with. I used to just zap them out the BTC bridge.

I am not aware of any anonynimity BTC bridge for DRK. If there is, I would like to know more about it.

James

First off, I dont want to rely on TOR. It is under surveilance and attack by the TLAs. Anybody that uses it is automatically added to a database of people to be investigated. If you dont believe me, just put yourself in the shoes of the guy tasked with finding people using the internet for bad stuff. What would you do, ignore any IP address that connects to TOR or log it for further analysis.

So, even assuming TOR is not compromised yet (it is a giant target), if usage of TOR can be detected (I am pretty sure it can), then you are flagged, followed, investigated. Why paint a giant glowing neon sign on yourself?

I STRONGLY discourage using TOR as part of the solution, unless you can be sure to do it from an already encrypted connection without any connection to your normal acct. So, maybe from Starbucks wifi, sure use TOR, still with https totally cracked, any assumptions about privacy is probably wrong...

I have not fully understood the dataflow implications of your diagram, so hey that is a good start
However, the fundamental problem is that you have txout -> txin -> txout, this creates a direct chain, yes diluted by the number of chains at any given time, but there is timing analysis that can be done, even if knapsacking is removed and I am not certain all knapsacking is removed with your approach.

As to the question of whether your approach improves things or not, it probably does, but the question becomes one of risk/reward. How much does it improve it versus the risk of implementation issues. The more complicated DRK send becomes, the more likely for there to be an unforseen attack at the protocol level. Remember the XCP incident. Very scary.

For DRK send, I prefer the simplest implementation that gets Aunt Flo off our backs. I suggest adding "super DRK send" that will build on the basic DRK send. This way, we can get DRK send out of beta and released, that is kind of important. Adding more complexity now will certainly delay things and at worst exposes use to unforseen attacks.

There could be layers and layers of DRK sending, preferably each of them independent so if there is a problem with one, it wont be a total disaster. By having one super complicated DRK send, it increases the chances of exploit or bug and if it is a bad on, the entire thing explodes.

Compartmentalize, modularize, diversify.

James

Isn't this just a DEX, similar to MasterCoin or Counterparty? It seems like you are reinventing the wheel.

Thanks for the price advice by the way, picked up a few at .001175

From a practical point, not only will anonymity investors diversify across all the viable options, the best anonymity will be achieved by combining them. Unless each coin is implementing anonymity identically, sending payments from one to the other to the other will create greater privacy.

This is why I said that all anonymity providers are automatically friends. The stronger any of us gets, the stronger we all get as we will be used in combination. At least any sensible anonymity seeker would.

If anyone has ideas on features they want in an DRK -> BTC anonymity bridge, I am definitely open to ideas as it is just in the concept stage now. The current concept is that you send BTC address with payment amount (rounded) in DRK -> bridge -> -> BTC address

I am surprised that nobody has expressed any opinion on being able to send DRK to any place that accepts BTC, effectively getting DRK accepted at all places BTC is accepted, while adding more anonymity to the spend process.

James

Look at my diagram above and give me your thoughts, if you don't mind.

Why wouldn't that alone suffice? With a denomination pool to combine all smaller inputs into larger inputs, you effectively have complete anonymity. Evan has indicated he would like to work on anonymous transaction broadcasting further down the road. TOR is already in the client, it's just not on by default. With my diagram + TOR I can't see any possible way a user could be tracked.

500 ! That much pages is a good sign in my book

This can not be stressed enough in my mind. Even as in investor, keep in mind that it's pretty easy to bet on all the horses in this race. It's not a zero-sum game, so we can afford to experiment and have a few losing bets

I am glad to see indepth posts on anonymity! This is the DRK thread and while all the GPU mining info is of practical concern, the primary thing about DRK is the anonymity and it will benefit the most from thoughtful discussions. Especially since Evan seems to magically add all the new capabilities each week

All these txout and txin issues are avoided if the spending step goes through a BTC bridge, with proper intermediate steps. From a practical standpoint, it adds a new blockchain that needs to be correlated. Theoretically, not much, but practically speaking another dataset that needs to be processed. There can be LTC bridges and other altcoin bridges too.

All the inputs into the BTC bridge will have the same denomination, then they all get deposited into a single account. In NXT accounts are just a single number. So this allows sending from the merged acct different amounts to the BTC destination address.

You might say, "Wait!" the BTC destinations can be knapsack analyzed with the original DRK sends into the BTC bridge. While this is true if people didnt send the same amounts, it can be avoided by having the change just kept in the BTC bridge until the next transaction. This way, all DRK sends coming in are of the same amount and I dont see a way to correlate the BTC receiving address. Also, there will be a DRK to BTC conversion at market prices and by slightly randomizing this conversion price it will add more noise.

James

I think the price is where it should be right now, given the market forces (buyers and sellers) no matter the 1-4% fluctuations by the bot. The whale buyers seem to have constant buying orders of ~5-10 BTC providing very strong support. After last time when I wrote that the buyers should move lower to make the dumping more costly for the one who dumps, they wisely re-positioned themselves from .0013 to 0.0012 and now to 0.00117. In this way the dumper whale will have to get the same BTC by losing more coins and that's good because his coin supply will run out earlier. No need for the buyers to buy their way up to 0.0014 when they can get 20% more coins.

As for large investment interest mentioned earlier, that's natural: The "transparent" market cap of bitcoin and alts is 10 billion USD. The anonymous market is peanuts: 4mn USD (1mn anoncoin + 3mn darkcoin). When the anonymous market delivers, if even 1% of the transparent money move to privacy-centric coins, we are talking about 100mn marketcap to be shared between anonymous coins. You can't go wrong there, although from an investment perspective I doubt they are talking exclusively about DRK. It would probably be a portfolio of coins with unique anonymity characteristics. That would also serve as a hedge to a potential loss in the bitcoin and alt market which would seem as problematic for being transparent. This type of money involved as investment and hedging is more important for coin price than market adoption in commercial trades done with DarkSend, simply due to the enormous volume of USD that are involved. Adoption in transactions will be slow. Today you can't even buy things with Bitcoins (except 0.01% of the cases), so the issue of adoption of altcoins is in itself somewhat of an oxymoron. But there will be a day when this will change.

I have to disagree...
The level of anonymity that DRK can achieve, especially if combined with some of my upcoming NXT based services, will require MORE data than is available in the public blockchains.

Dark is a good word, some of the data paths wont be in the light, eg. blockchain websites.

Also keep in mind that NXT has no txouts -> txins that creates a lifetime historical chain. That is really the fundamental reason why bitcoin is so transparent. So, if identical amounts are coming into a single NXT based acct and identical amounts leave, there is only random statistical probabilities that can be used, eg guessing.

Have to be very careful about smoothing out the amounts being sent and received as even with random guessing, over time you can build a better and better statistical model. It wont be as simple as putting in a source address and getting a destination address to some website that anybody can use. What you get is a probability distribution of the possible destinations.

When there are meaningful number of transactions, the theoretical website of yours will be spewing out tons of possible destination addresses. Not useless, but unless it is a really determined attacker, not much value.

What will be required is data not available in the blockchain, eg. IP packet sniffers that have large percentage of the Internet flowing through them. This is why I said encryption is needed, plus a lot more, to make it 99.9999% anonymous. Still there is no solution to physical surveilance...

I doubt anybody that has this resource (TLA's) will be making a public website for Aunt Flo to snoop on you!

Reaching 100% Anonymity is like reaching the speed of light. The closer you get, the harder it gets to get closer.
My assessment is that with current and near future incarnations, DRK will be anonymous enough for personal privacy use. However, it will be a mere annoyance to a determined attacker with globally positioned packet sniffers and a large server farm to crunch trillions of calculations to unravel all payment paths. Additionally, they are working on creating a database of every internet address with a social security number/physical address. I think legislation in the works to make KYC required for all bitcoin transactions. Welcome to Big Brother 2014, puts the 1984 version to shame.

If they havent already, they will soon have almost the entire history of bitcoin transactions fully mapped to individual social security numbers. Now, at some point I can see a website that comes out that will let anybody see all the info from this. DRK is clearly needed!!!

James

P.S. Please dont feel that I am an anonymity competitor, in the anonymity biz we are all friends as we can help each other achieve better anonymity. Plus I did manage to get a decent amount of DRK mined with my mini server farm before the GPU era

Actually this is exactly how DarkSend works. The same implications that drove Cryddit to make that beautiful, detailed post are the same reasons why I made this post yesterday:

This is not how darksend works, it was someone who made a suggestion.

on another note

CRYPSTY STILL HASN'T FIXED DUST TRANSACTIONS THAT ARE DRIVING DOWN THE PRICE OF DARKCOIN ARTIFICIALLY

If the above diagram is how Darksend works, then I have identified an easily-corrected flaw.

The reverse of the above situation -- in which the Darksend itself "denominates" its outputs -- is simpler and more secure.  Everybody can see whose coins are going into the Darksend, denominated or not, because everybody can see the blockchain.  Denominating them doesn't really help all that much.  

Darksends are examples of the knapsack problem.  Denominating the coins allows the solution to the knapsack problem of the Darksend to be non-trivial.  IE, you can't break it into distinct subproblems because the inputs are equal-sized. So the number of possible solutions is guaranteed to be at least as large as the number of inputs.  But it doesn't guarantee that the solution is Hard, because different size outputs still leak partitioning information.  Worse, the partitioning information can be combined with other information at a later time, to associate the partitions with the inputs, potentially resulting in a unique solution.  Which would mean successfully tracing all the coins through the Darksend.

As an example of what I'm talking about, let's say Alice puts a 10-coin input into the Darksend, along with Bob and Carol and Dave.  And the outputs are 1, 2, 3, 4, 6, 7, 8, and 9 coins.  40 total in, 40 total out.  (I'm ignoring fees for the moment; bear with me). Now Eve, looking at the blockchain, doesn't know who got which coins.   But she knows that the same person who controlled where the 1 went also controlled where the 9 went.  She knows that the same person who controlled the 2 also controlled the 8.  She knows that the same person who controlled the 3 also controlled the 7.  And she knows that the same person who controlled the 4 also controlled the 6.  Because no other combination adds up to everybody controlling the same amount they put in as an input.  There are other ways to make 10 -- for example, 7,2,1 or 6,3,1.  But Eve knows that nobody got those combinations of outputs because that would mean that somebody else didn't get 10.  

This is "partition information" -- there are relatively few solutions to which outputs went together, even if you don't know who controlled which set.  Maybe there are multiple solutions, especially if two or more parties asked for the same denominations of outputs.  But you'll usually find surprisingly few solutions to the partitioning problem.  Additional information can come from later spends and eliminate subsets of the solution space.  A surprisingly small number of spends later, Eve will have the information to reconstruct the Darksend transaction and trace the movement of coins through it.

In order to guarantee that the solution to the Darksend is Hard, it is necessary for it to produce equal-sized outputs.  With equal-sized outputs there is no partitioning information to be had, so a later spend can't provide any new information about the movement of other coins through the Darksend.  

Consider a Darksend where Alice, Bob, Carol, and Dave all put in a single 10 coin input.  It produces a dozen 3.33 coin outputs.  Now, Eve knows that each participant got 3 outputs.  But even if she later associates one of the outputs with an 'Alice' transaction, that doesn't give her any new information about which of the *OTHER* outputs Alice has, or spent, nor allow her to eliminate any possibilities as to which outputs Bob, Carol, and Dave have, or spent.  The partitioning problem is Hard, and remains Hard.

This remains true even if Alice, Bob, Carol, and Dave all put in undenominated inputs that total up to exactly 10 coins each.  Security here is in equality of the amount input, not in the size of the individual txins. Remember, Eve already knows who's putting in which inputs, denominated or not.  As long as each participant puts in a like amount, and the outputs are identically-sized, Eve has no information about the disposition of coins after the send.  

Anyway, my point here is that you can make the problem Hard by doing it the other way round.  Use the Darksend to denominate the coins into equal-size outputs that all come back to you, but then spend those outputs (along with NO OTHER OUTPUTS, not even outputs from other Darksends) in regular transactions, and those regular transactions will be conditionally untraceable. To make them completely untraceable, you don't spend the change from those transactions either; gather the change together until you have a 'denomination-worth' of input, send that into another Darksend, and get a new set of outputs.

If true it's not surprising.  My assumption has been that serious speculators large and small (who are aware of DRK) are waiting for darksend to be properly vetted.

I have kind of a bombshell here. I got a friend who has a friend working at the investment company mentioned in this article (Ribbit Capital) My buddy has heard they are investing steadily in Bitcoin. But here's the big one. There is massive interest in Darkcoin due to its anonymity and they are planning on dropping serious money on buying the coin. I actually heard about this last week but now I see the article I know its true.

I have no idea how much this could move the price, but I'm guessing a lot!!!

http://www.ihavebitcoins.com/featured/major-bitcoin-action-anticipated-pantera-joining-forces-fortress-benchmark-ribbit/

Great idea.  Aside from cheerleading, I'm pretty much dead weight to this community, LOL, but wish I could do this!  Perhaps this is what LimLims should replace the "new mining pool" bounty with?

First, the image is oddly cropped, with no axes explaining what is being shown... That certainly doesn't look like any chart I've seen recently with darkcoin's value.

Second, yes, it probably does suck for miner/dumpers - or speculators, if you prefer that term. I can understand that. I'm not currently investing to make a quick profit, I'm investing in the infrastructre, because I can see where the coin is going. So yes, oblivion for speculators, but stability for us long term supporters. You have read the signs correctly.

That's such a warped zoomed in section of an oddly spread out chart.  If you look at a more normal chart, like this one, over time, yes there has been a downward trend, but it's not a big one in the scheme of things, and its pretty darn flat after the C-cex incident:

https://coinmarketcap.com/drk_30.html

So, whatever.  To me it shows incredible stability compared to most others:

Maxcoin: https://coinmarketcap.com/max_30.html

AuroraCoin: https://coinmarketcap.com/btc_30.html

Peercoin: https://coinmarketcap.com/ppc_30.html

DogeCoin: https://coinmarketcap.com/doge_30.html

Even Bitcoin has been more volatile, by a lot!  https://coinmarketcap.com/btc_30.html

Hell, we're the only stable coin out there!  and practically brand new!

Actually, that should really benefit us, though the difficulty will rise exponentially, it will really distribute the coin!

I want an alpenföhn cooler!  Just for the name!

(sorry, my silly side coming out again, that sounds so silly to the ear, rofl, like Farfegnugen, LOL. (I'm first generation German, no offence, really aber es ist lustig)