Topic: Let's hammer out the details of how to make a true hard crypto

legendary
Activity: 1050
Merit: 1016
S2 is simply a 32-byte secure random number sequence; S1 is the SHA256+RIPEMD of that 32-byte sequence.

S1 is stored publicly; S2 is sent to the receiver in an encrypted form which only the receiver can retrieve. On a spend, S2 is provided and is subjected to a SHA256+RIPEMD and compared to S1.

That is basically the model in its most simple of forms. S2 is not calculable from S1 (unless you have all the energy and time in the universe with current hardware), so as it's a one-way process it's a secure and reliable form of validating who is able to spend what with full anonymity.

legendary
Activity: 1722
Merit: 1217
No need to twist yourself in knots, we've already done it.

eMunie is 100% anonymous, impossible to trace transactions, only the sender and receiver ever know it happened... We've done the same with the system email, chat, IM, vault storage and everything else to come, all "hard" as you put it.

The [ANN] thread is so sparse on details. How is it determined which node gets to write the new block?

What aspect of it makes transactions anonymous? Your transactions still have multiple inputs and outputs, right? That could be used by researchers to build models of user activity.

You can disregard a lot of what's in the ANN thread; when that was posted the anonymous transaction model was not developed or even thought of.

Blocks are not generated in the same way that Bitcoin and other alts create them; there are no "miners" competing to create a block, and the verification of transactions works completely differently.

The transaction data is encrypted with the public keys of both the sender and receiver; only they can decrypt this information with the corresponding private key. The sender creates a secret pair S1, S2 for the transaction.

S1 is placed in the transaction output, which is recorded in the database for all nodes to see; S2 is passed to the receiver along with other data in the receiver's encrypted portion of the transaction. When the receiver wants to spend, it creates a transaction input referencing the transaction output containing S1 and provides the S2 to prove that he is allowed to spend that transaction. When the block is created, the provided S2 in the input is SHA256+RIPEMD hashed and should match S1 of the referenced output; if it matches, the transaction is processed.

By using secrets, and passing them between the sender and receiver in this encrypted manner, the addresses of the two parties making the transaction are never required or known outside of those two parties performing the transaction; thus the system is anonymous and secure.

We are currently writing the whitepaper and a lot of other documentation now that we are close to a V1 (read 4-6 weeks) and all the technical aspects are functional and beta-tested.

Can you tell me more about S1 and S2 please. What are they specifically? If it's an asymmetric key pair then which is public and which is private?

legendary
Activity: 1050
Merit: 1016
No need to twist yourself in knots, we've already done it.

eMunie is 100% anonymous, impossible to trace transactions, only the sender and receiver ever know it happened... We've done the same with the system email, chat, IM, vault storage and everything else to come, all "hard" as you put it.

The [ANN] thread is so sparse on details. How is it determined which node gets to write the new block?

What aspect of it makes transactions anonymous? Your transactions still have multiple inputs and outputs, right? That could be used by researchers to build models of user activity.

You can disregard a lot of what's in the ANN thread; when that was posted the anonymous transaction model was not developed or even thought of.

Blocks are not generated in the same way that Bitcoin and other alts create them; there are no "miners" competing to create a block, and the verification of transactions works completely differently.

The transaction data is encrypted with the public keys of both the sender and receiver; only they can decrypt this information with the corresponding private key. The sender creates a secret pair S1, S2 for the transaction.

S1 is placed in the transaction output, which is recorded in the database for all nodes to see; S2 is passed to the receiver along with other data in the receiver's encrypted portion of the transaction. When the receiver wants to spend, it creates a transaction input referencing the transaction output containing S1 and provides the S2 to prove that he is allowed to spend that transaction. When the block is created, the provided S2 in the input is SHA256+RIPEMD hashed and should match S1 of the referenced output; if it matches, the transaction is processed.

By using secrets, and passing them between the sender and receiver in this encrypted manner, the addresses of the two parties making the transaction are never required or known outside of those two parties performing the transaction; thus the system is anonymous and secure.

We are currently writing the whitepaper and a lot of other documentation now that we are close to a V1 (read 4-6 weeks) and all the technical aspects are functional and beta-tested.

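
The S1/S2 mechanism described in this reply and in the post at the top of the page (S2 is 32 random bytes, S1 is RIPEMD-160 over SHA-256 of S2, and S2 is revealed when the output is spent), as a runnable model. This is an added example, not eMunie code: the Ledger class, the output ids and the omission of the encrypted channel that carries S2 to the receiver are all assumptions made here.

```python
import hashlib
import hmac
import secrets

def hash160(data: bytes) -> bytes:
    """SHA-256 then RIPEMD-160, the "SHA256+RIPEMD" named in the posts.
    hashlib exposes ripemd160 when the linked OpenSSL build provides it
    (OpenSSL 3.0.7 and later do so in the default provider)."""
    return hashlib.new("ripemd160", hashlib.sha256(data).digest()).digest()

def new_secret_pair() -> tuple[bytes, bytes]:
    """Sender side: S2 is 32 bytes from a CSPRNG, S1 = hash160(S2)."""
    s2 = secrets.token_bytes(32)
    return hash160(s2), s2

class Ledger:
    """Constructed toy model of the output set every node can see. Only S1
    is public; S2 reaches the receiver in the encrypted portion of the
    transaction, which is not modelled here (assumed to reach only them)."""
    def __init__(self) -> None:
        self.unspent: dict[str, bytes] = {}   # output id -> S1

    def add_output(self, out_id: str, s1: bytes) -> None:
        self.unspent[out_id] = s1

    def spend(self, out_id: str, revealed_s2: bytes) -> bool:
        """Block-creation check: the input must reference an unspent
        output and the revealed S2 must hash to that output's S1."""
        s1 = self.unspent.get(out_id)
        if s1 is None:                        # unknown or already spent
            return False
        # Constant-time compare so a validator does not leak how many
        # bytes of a candidate's hash160 matched S1.
        if not hmac.compare_digest(hash160(revealed_s2), s1):
            return False
        del self.unspent[out_id]              # consumed: no second spend
        return True

def demo() -> tuple[bool, bool, bool]:
    ledger = Ledger()
    s1, s2 = new_secret_pair()                # sender builds the pair
    ledger.add_output("tx1:0", s1)            # S1 recorded for all nodes
    guess = ledger.spend("tx1:0", secrets.token_bytes(32))  # wrong secret
    ok = ledger.spend("tx1:0", s2)            # receiver reveals S2
    replay = ledger.spend("tx1:0", s2)        # output already consumed
    return guess, ok, replay

if __name__ == "__main__":
    print(demo())   # (False, True, False)
```
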
legendary
Activity: 1722
Merit: 1217
No need to twist yourself in knots, we've already done it.

eMunie is 100% anonymous, impossible to trace transactions, only the sender and receiver ever know it happened... We've done the same with the system email, chat, IM, vault storage and everything else to come, all "hard" as you put it.

The [ANN] thread is so sparse on details. How is it determined which node gets to write the new block?

What aspect of it makes transactions anonymous? Your transactions still have multiple inputs and outputs, right? That could be used by researchers to build models of user activity.

legendary
Activity: 1050
Merit: 1016
No need to twist yourself in knots, we've already done it.

eMunie is 100% anonymous, impossible to trace transactions, only the sender and receiver ever know it happened... We've done the same with the system email, chat, IM, vault storage and everything else to come, all "hard" as you put it.

legendary
Activity: 1722
Merit: 1217
Hey, thanks for taking a look. I've been thinking about it more and the one flaw I've found is in the process of making change. The exchanges could log information and sell it to the government or whoever.

hero member
Activity: 798
Merit: 1000
‘Try to be nice’
I like these general ideas, and I like that someone is putting thought into it; the denomination principle is novel and thought provoking.

This forum is definitely in "idea deficit" at the moment. These things probably cycle.

While I don't think the anonymity aspect of cryptocurrency is the biggest issue, if it can be achieved without further security risks, it's all a feature after that point.

legendary
Activity: 1722
Merit: 1217
For those who don't know, a hard cryptocurrency is anonymous by design.

I've been twisting my brain in knots these last few days trying to figure out how it could be done. I know there are ways to do it with built-in mixing, but that's terribly inefficient; I really want to avoid that. I was hoping to think of something novel. I do kind of have an idea, but I don't know how good it is.

I kind of have this vague idea that what you need to do is make it so that addresses are not reusable and transactions can only have one input. If I'm thinking through the logic correctly, this would make the currency anonymous. Of course it would have its drawbacks, but then if you could build the rest of the system purposefully around that core idea, perhaps you could sufficiently mitigate those drawbacks.

So that's where I was hoping to get some feedback: if we assume that the system must not allow addresses to be reused, and transactions can only have one input, how do we build an efficient protocol around those limitations?

Here is one idea I had. Perhaps, as well as only being allowed to have one input, transactions would also only be allowed to have one output. Addresses could be required to contain specific denominations, so 1 or .1 or .01 or .001 etc. So think of it like bills of currency. The miner who minted a new block could determine how he wanted his reward denominated. Entrepreneurs would provide exchanges for breaking bills/consolidating change. This would mean that at times certain bills would carry a very small premium compared to other bills. Miners would respond to these market signals and produce more of the bills that were in demand and less of those that weren't, thus keeping the heterogeneity of value between bills to a minimum.

Anyway, I'm not saying "let's start a bounty and make this thing right now", I just wanted to get this discussion started, you know, and start throwing around some ideas.
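
The rule set sketched in this post (one input, one output, fixed denominations, no address reuse) as a small ledger validator. This is an added example, not the poster's code: the Ledger class, the "txid:index" output ids, the addresses and transactions are constructed, and the requirement that the single output carry exactly the input's denomination is assumed here as the consequence of one-in/one-out with no change (fees are not discussed on the page and are ignored).

```python
from collections import namedtuple
from decimal import Decimal as D

DENOMINATIONS = {D("1"), D("0.1"), D("0.01"), D("0.001")}   # Decimal: no float rounding
Tx = namedtuple("Tx", "txid inputs outputs")   # outputs: (address, amount) pairs

class Ledger:
    """Constructed toy ledger enforcing the post's rules: exactly one
    input, exactly one output, fixed denominations, no address reuse."""
    def __init__(self) -> None:
        self.unspent: dict[str, tuple[str, D]] = {}   # output id -> (address, amount)
        self.seen: set[str] = set()                   # every address ever paid

    def mint(self, txid: str, address: str, amount: D) -> str:
        """Block reward: the miner chooses which denomination to create."""
        self.unspent[f"{txid}:0"] = (address, amount)
        self.seen.add(address)
        return f"{txid}:0"

    def validate(self, tx: Tx) -> str:
        if len(tx.inputs) != 1 or len(tx.outputs) != 1:
            return "exactly one input and one output required"
        address, amount = tx.outputs[0]
        if amount not in DENOMINATIONS:
            return "amount is not a permitted denomination"
        if address in self.seen:
            return "address reuse"
        ref = self.unspent.get(tx.inputs[0])
        if ref is None:
            return "input is not an unspent output"
        if ref[1] != amount:   # one in, one out: no change, value is conserved
            return "output must carry the input's denomination"
        return "ok"

    def apply(self, tx: Tx) -> str:
        reason = self.validate(tx)
        if reason == "ok":
            del self.unspent[tx.inputs[0]]
            self.unspent[f"{tx.txid}:0"] = tx.outputs[0]
            self.seen.add(tx.outputs[0][0])
        return reason

def demo() -> tuple[str, ...]:
    led = Ledger()
    coin = led.mint("mint1", "addrA", D("0.1"))
    return (led.apply(Tx("tx1", (coin,), (("addrB", D("0.1")),))),
            led.apply(Tx("tx2", ("tx1:0",), (("addrA", D("0.1")),))),   # pays addrA again
            led.apply(Tx("tx3", ("tx1:0",), (("addrC", D("0.01")), ("addrD", D("0.09"))))),
            led.apply(Tx("tx4", (coin,), (("addrE", D("0.1")),))))      # coin already spent
```
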