Again I would like to thank those who have pointed out publicly a critical deficiency in Chandran signatures as they apply to crypto-currencies [1]. Namely, the deficiency is that Chandran signatures are untraceable. I would especially like to mention that LongAndShort's relentless research into the matter was impressive and genuinely helpful.
Most wonder exactly how the deficiency in traceability may be addressed for sub-linear ring signatures. Fortunately, work by Eiichrio Fujisaki shows that sub-linear ring signatures may be constructed such that they are traceable [2]. Thus, despite references to Chandran signatures in the the whitepaper brief, Chandran signatures will not be used in their original form. Recognize that Fujisaki's work builds on Chandran signatures, so it is a matter of semantics whether one uses the term "Chandran signatures" to refer to the proposed signature system for StealthSend.
Some may wonder if I was aware of the lack of untraceability in Chandran signatures when I wrote the whitepaper brief. I was aware of this deficiency. However, I was not aware at that time that traceability must be an integral part of the signature scheme. I believed that I could add this property ad hoc. This misconception was a result of my own lack of knowledge about cryptography. In retrospect, I would not have proposed Chandran signatures, per se, had I known then what I know now. Instead, I would have proposed the system by Fujisaki.
A misconception about the whitepaper brief is that it was somehow a perfect blueprint for StealthSend. It was not. At the time, it was suggested to me to make a technical proposal for StealthSend, so I wrote down my thoughts--unfinished and infused with my own imperfect knowledge of cryptography. At this moment I feel compelled to advise anyone that unless a product has been implemented, a whitepaper describing the product is simply a proposal and subject to revision. This advice pertains to any product of any crypto-currency.
One question that has seemed to arise in this thread is whether or not I know what I am doing when it comes to implementing the cryptography I propose. I believe that remains to be seen. I am not a cryptographer by training. It is still difficult for me to work my way through cryptography literature although I am getting better. However, keep in mind that I am a scientist by training. I am extremely comfortable at the edge not only of my own knowledge, but also that of humanity. I have always found a way to learn what I need to know in order to achieve the objectives I set out for myself. I have no reason to believe that my plans for StealthSend will be any different.
Finally, I should address the timeline. At this moment, I am behind on the roadmap. We have not been able to procure the help that we need for the wallet upgrades, despite advertising and active recruitment of developers. This could be a reflection of low bitcoin prices right now.
StealthSend is behind as well. I have tried to make frequent updates with the wallet, but these updates have come at the expense of working on StealthSend. At this moment, I can't make a projection for how long it will require. Additionally, I am hesitant to make a projection because I have come to realize that any delay may be interpreted later with suspicion. So at this point, I'll say only that it may take months to produce StealthSend.
-- Hondo
[1]
http://link.springer.com/chapter/10.1007%2F978-3-540-73420-8_38[2]
http://link.springer.com/chapter/10.1007%2F978-3-642-19074-2_25