Pages:
Author

Topic: CoinJoin: Bitcoin privacy for the real world - page 15. (Read 294672 times)

legendary
Activity: 1232
Merit: 1076
@caedes, why not have a peer-to-peer broadcast-flood channel for announcing joint transaction availability? Maybe even reuse one that is already available, well maintained, and has known security properties, like say the bitcoin network itself? And then do direct connections to the followon stages?

We're waiting on a spec from Peter Todd.
legendary
Activity: 905
Merit: 1012
@caedes, why not have a peer-to-peer broadcast-flood channel for announcing joint transaction availability? Maybe even reuse one that is already available, well maintained, and has known security properties, like say the bitcoin network itself? And then do direct connections to the followon stages?
newbie
Activity: 44
Merit: 0
Also, to make it clear:

Our approach does depend that different wallets can find a common medium to broadcast for coinjoin announces.

Other than that, the technique doesn't depend on the server itself, our mechanics is like ctx: https://gist.github.com/luke-jr/5409899 but we don't do it over the bitcoin network.

So the clients, after having chosen a common place to announce, in our case our gateway lobby:

0. Some are listening for offers
1: Send announcements to start a join (now looking for a peer, but could look for more), with a pubkey (now its using the same one, but can be one per-announcement and will be).
2. Other peers answer over ecdh, they will both offer inputs outputs, sign and broadcast over the private encrypted channel.

We believe the base we have can now have more hardened approaches tested, we provide a framework. This is a medium where we can do cryptographers dinner, or dissent protocols. This is just the beginning but it's a minimum that should work for getting the whole thing running.

Our goal is now apply the minimum necessary improvements, so on release this will also be making some claims about privacy, it's not making them right now, we're just offering information about where we are, so together with you people we can make it best.

We also invite other's to join forces and implement their techniques on our platform.

Edit: Added more detailed information about how we do it right now at: https://wiki.unsystem.net/index.php/DarkWallet/CoinMixing#Alpha_mixer
newbie
Activity: 44
Merit: 0

how much is libbitcoin (Bitcoin core implementation of Dark Wallet as I understand so far) compatible to "Bitcoin Core" the reference implementation of the Bitcoin protocol?

as I understood central servers are necessary like the Electrum central servers. are they Open Source software? where can I find this implementation? until now the client is Open Source but is the server code also available?



About how compatible it is, I can't really answer myself just that it should be following the bitcoin protocol and we don't have any "propietary" extensions or anything like that. Of course it's going to need heavy testing, auditing etc and we are open and wellcome anyone that helps on that.

About servers, yes the model is similar to electrum. Since the server is opensource you can install it in you server, and in the future there is nothing against you can just run it in you laptop or some parts of it, ie we have no long running assumption everyone *has to be connected to our lobby or to a server*.

We're soon releasing more installers and howtos about server configuratiojn or autonomous config by installing everything (or some part) in your computer.

Edit: A little detail here. DarkWallet itself is javascript and uses bitcoinjs-lib as its core bitcoin implementation. Then our "obelisk server" runs libbitcoin.

Edit2: We have a thread for discussing DarkWallet technicals: https://bitcointalksearch.org/topic/dark-wallet-alpha-specs-and-discussion-592493. Will be better if we leave this thread for coinjoin specifics and do any dw specifics there.
newbie
Activity: 44
Merit: 0
Is there a central server involved in your implementation? I'm not trying to spread FUD, it's just there is conflicting information out there on the net. What you describe here sounds like it is p2p. Where are the announce messages posted?

The clients meet in a lobby, that right now is the gateway they connect for other services. This works as an irc room. We're not making security assumptions there and the clients encrypt for the channel (useless for public announcement channel like this case) and then for the peer (using curve25519 dh).

What there is not is a pool, all mixing is coinjoin and the funds would never leave the client till signed together with someone.

Clients are sharing public keys and will engage in private communications after the initial announce, for now always through the "chat". Nothing is cleartext and the server has no role other as work like a broadcast medium with channel selection.

The gateway servers are now isolated but the plan soon is have them federate over a tuple space (probably through python entangled) (so anyone can join through tuple space instead of the websocket channel)

The clients can later choose other transports, as our protocol is purely logical.
legendary
Activity: 2856
Merit: 1520
Bitcoin Legal Tender Countries: 2 of 206
Some coinjoin news from darkwallet:

...

Please feedback Smiley



how much is libbitcoin (Bitcoin core implementation of Dark Wallet as I understand so far) compatible to "Bitcoin Core" the reference implementation of the Bitcoin protocol?

as I understood central servers are necessary like the Electrum central servers. are they Open Source software? where can I find this implementation? until now the client is Open Source but is the server code also available?

EDIT: found some information for myself.

https://wiki.unsystem.net/index.php/DarkWallet/Alpha#Server

https://wiki.unsystem.net/index.php/Obelisk

http://libbitcoin.dyne.org/obelisk/

https://wiki.unsystem.net/index.php/Obelisk/Servers

https://wiki.unsystem.net/index.php/DarkWallet/Gateway

https://github.com/darkwallet/gateway

https://github.com/libbitcoin
legendary
Activity: 905
Merit: 1012
Is there a central server involved in your implementation? I'm not trying to spread FUD, it's just there is conflicting information out there on the net. What you describe here sounds like it is p2p. Where are the announce messages posted?
newbie
Activity: 44
Merit: 0
Some coinjoin news from darkwallet:

The alpha version of the coinjoin is just barely working but is allowing us to test the basic usability concepts, we're polishing it during next days, and the wallet is going to take some time to come out of alpha/beta, nonetheless people is playing with it both in testnet and mainnet.

https://blockchain.info/tx/c38aac9910f327700e0f199972eed8ea7c6b1920e965f9cb48a92973e7325046
https://blockchain.info/tx/85f5f2b2e57535b42a30596f8d2a048b0b0c426f953e54dd96c72a77a21a6468

Some description about this:

https://wiki.unsystem.net/index.php/DarkWallet/Alpha#Mixing

More technical details:

The coinjoin now is simple two people coinjoin, as such we just make sure the 2 parties are the only ones who know the outputs correspondence, no need to hide from each other.

This is accomplished by talking over an unsecured channel where each peer publishes their pubkey with coinjoin announces, then others will answer doing ecdh, the initiator will choose one and they will continue talking to each other till they reach an agreement.

Our usability goes like this:

Anyone can set (a branch or pocket in) their wallet in "mixing" state, meaning it will be listening for coinjoin offers to mix available funds into new addresses.

For people sending, the wallet always tries to mix by announcing a coinjoin for the send value. If it can't mix it will send anyways in 60 seconds (at the moment).

Our idea is that this simple form of coinjoin can take off then we can add more complex coinjoin announcements or protocols. It is fully integrated in the normal workings of the wallet and it should work with other features like above you can see a coinjoin that went together with a stealth since the user is just sending stealth.

It seems to work pretty all right as long as at least a few wallets are mixing, and even if the current implementation is almost the simplest trustless mixing implementation i hope you can appretiate the potential.

Also looking forward to implement more advanced forms of coinjoin although our focus now would be to finish off what we have so it will be solid and easily extendable as a platform for development of other protocols. Also to note other wallets or tools can definitely join the same lobby and join together with darkwallets, but there is none yet, we plan to at least make one such simple tool.

Please feedback Smiley
legendary
Activity: 1652
Merit: 1029
Excellent work. Thank you for this.

As a computer n00b I will not be contributing code, but as an early adopter I can contribute some btc.

Thank you.
jr. member
Activity: 56
Merit: 1
Could someone kindly give a status update on when will we have a real-world, usable CoinJoin (besides the implementation on Blockchain.info)? This thread is huge, and I'm sure many casual readers would like to see a tl;dr to learn will this result in a usable client soon, or what's the plan?

I found the thread when reading this article from 7 months ago. What has happened since?
http://bitcoinmagazine.com/6630/trustless-bitcoin-anonymity-here-at-last/

I'm still actively working on the implementation I have started Coinmux.  I have taken a break for the last month after spending 3+ months working on it nights and weekends. Hopefully there is a Bitcoin God that wants to offer me a job to work on it full time. Smiley

Themgp, that looks really interesting! I'm sure others wish you could work on it full time, too! Smiley
How far away is it from being usable for an average Bitcointalker?


The main problem right now is getting an available set of users to do a CoinJoin - the idea doesn't work if no one is using it.  I think if i had a few weeks of solid work on Coinmux, it would be something where a user with a general understanding of bitcoin addresses and public/private keys that wanted to increase their privacy would want to use it.  Hopefully I can find the time soon.
staff
Activity: 4284
Merit: 8808
Was the plan to pay 100% to the author of the first complete implementation, or for piece-work in progress?
Any payouts would need to be discussed with the other signers, but my thinking had been to pay most of it to to the most substantive complete and usable implementation, and partial amounts to smaller efforts (e.g. people who built toy tools and things only a developer could love).  I had also planned on doing the payout itself as a coinjoin, and using a small bit of the funds to pay people to join into the coinjoin. Smiley
member
Activity: 77
Merit: 10
Could someone kindly give a status update on when will we have a real-world, usable CoinJoin (besides the implementation on Blockchain.info)? This thread is huge, and I'm sure many casual readers would like to see a tl;dr to learn will this result in a usable client soon, or what's the plan?

I found the thread when reading this article from 7 months ago. What has happened since?
http://bitcoinmagazine.com/6630/trustless-bitcoin-anonymity-here-at-last/

I'm still actively working on the implementation I have started Coinmux.  I have taken a break for the last month after spending 3+ months working on it nights and weekends. Hopefully there is a Bitcoin God that wants to offer me a job to work on it full time. Smiley

Themgp, that looks really interesting! I'm sure others wish you could work on it full time, too! Smiley
How far away is it from being usable for an average Bitcointalker?
legendary
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
I'll not take the "seems" statement as an insult. Smiley  Coinmux has got quite a way to go from where it is now to where i envision it when finished.  And if "complete" means that the implementation is merged into the reference client, i'll never get there as i did not write it in C/C++ (and i'd probably end up writing some pretty shitty C/C++ anyway).

My IT experience is not in the area which means I can determine for sure how good it is. It sounds good!! :-)
Shouldn't have to be ready for merging, or in c++, and that's why I mentioned translating. It is the prototype which matters.
jr. member
Activity: 56
Merit: 1
I'd be curious to know what a "complete" implementation is.  I'm guessing no one other than the owners of the donated BTC can say for sure... and AFAIK, they haven't said yet.

The OP mentions "complete", which I imagine would be a coinjoin implementation which would be considered by Core Dev worthy of inclusion in the reference client (needing cosmetic, standardizing and/or translation changes or only). Now this may remain a theoretical assessment if the goal is to see 3rd party implementations such as blockchain.info's.

Coinmux *seems* very good, and must be a front-runner, subject to informed criticism such as the input from Cryddit.

@solex, I don't know if it's ever been articulated. That and the fact that the coins haven't moved was basically my gripe, not a specific jab at @nanobit (although, this is open-source software developed by volunteers: asking for time estimates is bad form).

Agreed.

I'll not take the "seems" statement as an insult. Smiley  Coinmux has got quite a way to go from where it is now to where i envision it when finished.  And if "complete" means that the implementation is merged into the reference client, i'll never get there as i did not write it in C/C++ (and i'd probably end up writing some pretty shitty C/C++ anyway).
legendary
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
I'd be curious to know what a "complete" implementation is.  I'm guessing no one other than the owners of the donated BTC can say for sure... and AFAIK, they haven't said yet.

The OP mentions "complete", which I imagine would be a coinjoin implementation which would be considered by Core Dev worthy of inclusion in the reference client (needing cosmetic, standardizing and/or translation changes or only). Now this may remain a theoretical assessment if the goal is to see 3rd party implementations such as blockchain.info's.

Coinmux *seems* very good, and must be a front-runner, subject to informed criticism such as the input from Cryddit.

@solex, I don't know if it's ever been articulated. That and the fact that the coins haven't moved was basically my gripe, not a specific jab at @nanobit (although, this is open-source software developed by volunteers: asking for time estimates is bad form).

Agreed.
jr. member
Activity: 56
Merit: 1
There is now 42 BTC donated: https://blockchain.info/address/3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk

Was the plan to pay 100% to the author of the first complete implementation, or for piece-work in progress?


I'd be curious to know what a "complete" implementation is.  I'm guessing no one other than the owners of the donated BTC can say for sure... and AFAIK, they haven't said yet.
legendary
Activity: 905
Merit: 1012
@solex, I don't know if it's ever been articulated. That and the fact that the coins haven't moved was basically my gripe, not a specific jab at @nanobit (although, this is open-source software developed by volunteers: asking for time estimates is bad form).
legendary
Activity: 1078
Merit: 1006
100 satoshis -> ISO code
There is now 42 BTC donated: https://blockchain.info/address/3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk

Was the plan to pay 100% to the author of the first complete implementation, or for piece-work in progress?
jr. member
Activity: 56
Merit: 1
Could someone kindly give a status update on when will we have a real-world, usable CoinJoin (besides the implementation on Blockchain.info)? This thread is huge, and I'm sure many casual readers would like to see a tl;dr to learn will this result in a usable client soon, or what's the plan?

I found the thread when reading this article from 7 months ago. What has happened since?
http://bitcoinmagazine.com/6630/trustless-bitcoin-anonymity-here-at-last/

I'm still actively working on the implementation I have started Coinmux.  I have taken a break for the last month after spending 3+ months working on it nights and weekends. Hopefully there is a Bitcoin God that wants to offer me a job to work on it full time. Smiley
legendary
Activity: 905
Merit: 1012
Could someone kindly give a status update on when will we have a real-world, usable CoinJoin (besides the implementation on Blockchain.info)? This thread is huge, and I'm sure many casual readers would like to see a tl;dr to learn will this result in a usable client soon, or what's the plan?

I found the thread when reading this article from 7 months ago. What has happened since?
http://bitcoinmagazine.com/6630/trustless-bitcoin-anonymity-here-at-last/
can someone kindly give a status update when we will havemoney distributed to developers to work on a free and fair and decentralized coin join?
Pages:
Jump to: