Topic: Official Anoncoin chat thread (including history) - page 118. (Read 530660 times)

I was also concerned about this but Gnosis assured me that at any point in the future we can generate a larger set of RSA UFOs and upgrade the network with a hard fork if we had to.

From my understanding of RSA UFOs, that is not true as Gnosis only received N and there is no way for him to figure out the factorization of N, which is two large unfactorable numbers P and Q. By combining multiple RSA UFOs, I think Anoncoin is using 13, it ensures that the person that solved one of the UFOs in the distributed computing project cannot know the final accumulator, and Gnosis can't either since he doesn't know the factorization of the 13 RSA UFOs. It makes sense to me how it works and you are incorrect in saying Gnosis knows the factorization of N, as without a LOT of computing power it is impossible for him to know that.

The only worry I have about the RSA UFO project is that possibly someone already knows the factorization of N (IE. The government), or someone will later find it out with faster processors in the future. I am not sure if this is a realistic thing to be worried about though, as the only thing I know about this stuff is from doing research on ZeroCoin/Zerocash/Anoncoin. I will try to reach out to the Zerocash Devs to get their opinion on the RSA UFO project, as I would trust their opinion over a random poster on these forums (no offense).

I don't really understand your argument.  If what you are saying is correct, why did Green et al suggest that using RSA UFOs would allow a group of participants to generate the initial parameters without a trusted third party?  Are you saying that Green is wrong and a trusted third party is always required?  Or are you saying that it is possible to accomplish without a trusted third party but Gnosis/Meeh are not following the correct procedure? 

he's trying to make zerocash trustlesser, but its unclear whether its even mathematically feasible. Luckily zerocoin uses RSA stuff and there is a known way to make it trustless. 


you can view the zercash white paper here: http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf

it clearly states that

there is no mention of any method for creating a distributed less trusting setup, and there is no cryptographic literature to support the notion that is possible (though further cryptographic innovations and discoveries may change this). So without a mathematical breakthrough zerocash will remain a dubious technology.

They seem to think that they can, but the answer to that question is not clear as it is based off of random Twitter messages. We could really use some clarification on this by the original ZeroCoin/cash developers.

I think the problem is we are all here discussing something we don't truly understand and never really will be able to understand on a technical level. Seeing as though the ZeroCoin/Zerocash guys aren't really interested in communicating with the cryptocurrency community, there is bound to be misconceptions and misinformation that arises. I take everything everyone says on this stuff with a grain of salt and tend to believe the original people working on the ZeroCoin/Zerocash projects over others. I have asked one of them their opinion on Anoncoin but he didn't answer, so I am on the fence about Anoncoin's implementation of ZeroCoin and the RSA UFO project.. as I don't fully understand both and the ZeroCoin/Zerocash developers haven't commented on it.

I did see Ian Miers' speech at the Bitcoin 2013 conference in person, he struck me as someone that really cares about financial privacy for the betterment of society, and someone that is unlikely to be a shill for the government. https://m.youtube.com/watch?v=A7rnE9nqhic

Again, maybe I am naive but if he feels Zerocash is a better solution then who am I to argue with his expertise?

With all that being said. I see Anoncoin's implementation of ZeroCoin, if successful, as being the most anonymous cryptocurrency that exists today. Who knows if Zerocash will ever come to be in a sufficiently trust less manner, and I think this "experiment" (which is how I look at it) is very important and needed.

Well that is interesting, But I think unless they are able to pool hundreds of people to publicly generate the parameters in a trustless manner I kind of doubt the darknetmarket people will use zerocash over zerocoin.  I'm willing to bet money they would trust meeh over matt green et al.

I am just going off of what they have stated on Twitter. Along with the following statements, they have mentioned the ability to generate the parameters by using multi party computations.. which is basically what the rsa ufo project is doing with ZeroCoin. If you look through their statements on Twitter it doesn't sound much different than they way Anoncoin is computing the ZeroCoin accumulator.

Yes, that is my understanding exactly, except I have read over and over that it is only possible to generate trustless parameters with zerocoin, not zerocash.  Do you have a source that states it is possible with zerocash?

From the zerocash FAQ:

Can one put a backdoor in Zerocash?

Zerocash requires a trusted entity to conduct a one-time setup of the parameters of the system. During the setup procedure, secret random bits are drawn and used to compute the public parameters; the random bits are then destroyed, and the parameters are broadcast. If done correctly, then no secrets or backdoors remain.

If this setup procedure were to be corrupted, the system would continue to provide anonymity guarantees, but it would be possible to "forge" coins. As long as this setup procedure is conducted honestly, it is not possible to corrupt the public parameters of the system.

A different question is the possibility of bugs in the code. Such bugs need to be found and resolved via extensive review and testing, as in any other software project. To facilitate this, Zerocash will be released as open-source software.

Just to play Devils advocate...

I believe the trust issue has to do with unlimited minting of coins, and if someone were to have the initial parameters they will not be able to break the anonymity.. that is at least what Ian from the Zerocoin/Zerocash project stated on Twitter, so the bolded statement is wrong.

Also it seems that the Zerocash parameters can be generated in the same way you guys have implemented the tea ufo project by the use of multi party computations.

I also read that it is not a case of having to trust everyone involved in the creation of the initial parameters was honest, but you only need to trust that one of them was honest. If 20 people had a part in creating the initial parameters, then you would only need to trust that at least 1 out of those 20 people were honest.

These are almost direct quotes from Ian and Matthew from the ZeroCoin/Zerocash projects.

That being said, Zerocash/ZeroCoin has not been able to release a working product yet, so I think it is good projects like Anoncoin are implementing Zerocoin themselves. There is no way of knowing if Zerocash will come to fruition in a sufficiently trustless manner anyways.

If only they could generate the initial parameters in a trustless manner.  NOBODY who cares about privacy is going to use a coin created by academic researcher funded by the US Department of defense in a system where TRUST must be given to the devs to throw away the master key.  That is why zerocoin is superior.  Yes there will be bloat issues, Yes the transactions are slower. But at least we will have trustless anonymity with RSA UFOs used to generate the initial parameters. All of zerocash's advantages are for nothing if the gov't has a private key that unlocks all anonymity and enables unlimited minting of coins.

The quickest solution to stopping any Anoncoin network attacks would be to copy Dogecoin's hardfork to auxPoW with Litecoin.  While we've all seen how well Doge has done since that move.  Another hardfork to the three or five chain auxPoW myriad could be brought in a later date.  I'd personally vote on a three chain myriad of Scrypt plus Primes or Cryptonight and NeoScrypt.  Although a five chain myriad could be implemented by including both Primes and Cryptonight plus Lyra2 as well as Scrypt plus NeoScrypt.

Is Anoncoin working? It's been stalled since 2pm (gmt+2) and it's 0:07 am right now. Near 10 hours...

When I got into anoncoin I read every single page in this thread. It's a good idea to understand how the coin started out and developed when you were not around during that time (I got into ANC in 2014). Anyways, some of the deleted posts may be mirrored on https://bitcointa.lk/threads/official-anoncoin-chat-thread-including-history.135185/

Now that you say it...

Good question. Maybe some guy who posting sheet in the past

Who reads about all the history anyway (seriously) ... it's good for archiving purposes and proof ... but that's it.

PS: who is deleting messages? This thread has lost about 8 pages the last few days...

Very good. I think you should add a better explaination of zerocoin and what it does, similar to how you explain mixing.

One example that I liked a lot:

What? New account? Good to see news though.

Hello everyone, here is an infographics about anonymity in the blockchain that I intend to finish and publish on reddit on october 6, maybe sooner.
The text is coming from the anoncoin wiki, but the title and inter-titles are from me. There might be typos and bad grammer in them.
There will be a second part about IP addresses, and I2P.

Feel free to criticize, it's almost finished but still a draft. I'll work again on some of the visuals maybe, especially the "mixing coins" part wich I'm not too sure of, and maybe the colors are too flashy... I'll see that in the next days.
Leave your comments so that I can make changes if needed.

Also the last part about choosing/testing UFO may not be so accurate these days ? Tell me...

Here it is (imgur is not happy with Tor):

https://img.bi/#/fPHZrnA!0ZcYZivXHJp9Tbm9i298cuKJQb1qRO02ZYvPW933

hahahahaah LOL. I must say you are right. Your post made me laugh out loud! I will look for myself, its just I have been so busy with work lately, havn't even had the time to check out btc talk until now. seems that I will have some time overall since price stabilized again.  

I just watched it a second time haha