Guys, calm down and think for yourselves.
This is coming from the inside of the bob's group: Hondo was on bob's payroll the whole time. Both of them are gone from this thread and have abandoned the coin. If you do not trust me just study the most recent scam bob pulled out - CLOAK - the devs were working for him: he admitted this.
Do yourselves a favour and get the hell out of because it will go down to 1 K satoshi in a few days. You were taken for a ride by bob the scammer. Face it and cut your loses. Many people were in your shoes, face the reality.
Jimmy Zed
Before addressing the criticisms raised in this thread, I would like to express my sincere appreciation for these criticisms. Although some believe the manner in which they have been introduced may not be optimal to promote civil discourse, they are valuable criticisms nevertheless, and help to strengthen crypto-currencies in general. It is far better to address weaknesses in crypto systems during implementation than it is to address attacks after deployment.
Chandran signatures [1] make use of a common reference string. The common reference string generator (CRSGen) is a necessity for a model that does not require a random oracle, as described in [1]. CRSGen produces a string that is used as an input to a key generation function. The key generation function produces the user's public-private key pair. This key pair has specific properties in that it is a member of a particular mathematical group. In principle, key generation can be replaced by a cryptographic one-way function if the random oracle assumption is introduced.
Admittedly a more difficult issue to address is one of "unlinkability/untraceability", which boils down to the potential for a double spend. In short, Chandran signatures require the generation of a secret random parameter, g, that serves as an input to a "commitment" to a specific key in the key ring. This commitment basically identifies the public key from which the money is spent. The problem is that any number of g can be produced, creating the potential for any number of commitments to the specific public key.
In reality, this same issue exists with CryptoNote ring signatures except that the CryptoNote system incorporates a key image, I, into signing and verification, such that I can only ever be used once. A similar approach can be taken with Chandran signatures. As presented in [1], a key image I can be incorporated into Step 3 of signing and appended to the final signature. In addition to other parameters, Step 3 commits to the public keys of a subset of the ring. Just as with CryptoNote ring signatures, such a modification would commit to the key image and prevent its use for double-spends.
[1] Chandran N., et al. Ring Signatures of Sub-linear Size Without Random Oracles. ICALP 2007, LNCS 4596, pp. 423–434, 2007.
-- Hondo
But Hondo just posted in the thread quashing all questions. Jimmy Zed: "Think for yourselves", lol. He should have at least read a few pages back before posting such nonsense.
