Topic: rpietila Altcoin Observer - page 131. (Read 387551 times)

smooth, I realized we were discussing an irrelevant tangent, because regardless of the fact that by default I2P makes clients relay nodes (at some percentage of direct connection success) and Tor doesn't, the ability to Sybil attack these networks is only dependent on total network bandwidth. Since Tor is more popular (is it?), it is more difficult to Sybil attack.

And they can both be Sybil attacked.

Novice readers, the tangential technology issue we were discussing is explained somewhat here.

Darkcoin will use premixing so that the simultaneity issue during transactions is resolved in RC4 with DarkSend plus (DarkSend+).

https://darkcointalk.org/threads/development-updates-july-7th.1735
+
https://darkcointalk.org/threads/development-updates-july-15th.1788 (revisions)

I've not seen anything to suggest that Facetime can use significant bandwidth even when you aren't the one using it, and I'm pretty sure it would be widely reported since it matters to users with bandwidth caps and metering (this is of course well known for Skype). However, it is worth keeping in mind that when they say 90-95% of the connections are direct, that only requires that at least one of the two be able to accept incoming connections (or packets).

So the number of accessible end points is around 70%, at least for Facetime users last year (not necessarily representative of the entire internet). This includes both successful NAT traversal and no NAT.

BTW, no major crypto coins use NAT traversal techniques other than UPNP (sometimes). They just rely on one end or the other being reachable by an IP address. I2P support in Monero will likely improve P2P connectivity somewhat.

"Direct connections" can also be deceiving. This could include direct connections from one client to another, where that other client is acting as a P2P relay. Skype used this, because not all clients could punch a hole across NAT. So then you had some clients who are not reciprocating so that is the Tor model where some clients are relays and others are not.

I think if you dig for Gnutella statistics, you can find quantitative stats:

http://en.wikipedia.org/wiki/Gnutella#Gnutella_features

http://webcache.googleusercontent.com/search?q=cache:GSP3Yu7TbGMJ:www.gnutellaforums.com/general-gnutella-development-discussion/5397-gnutella-network-size-statistics.html+&cd=1&hl=en&ct=clnk&client=firefox-a


Please let me know what you find out.

Facetime over cellular wasn't enabled as a feature until last year, which means during the time period discussed in the patent lawsuit (last year) it was either non-existent or very new with minimal usage. Some carriers still don't allow it at all. For the most part it is/was a WiFi application meaning Apple has no special relationship. I'm pretty sure other applications will show similar statistics.

Guys have you seen this upcoming project called "Marking" -> https://github.com/project-bitmark/marking/wiki ?
It is part of Project Bitmark https://github.com/project-bitmark/bitmark

Dev has been developing a getMarked button, similar to the Facebook 'Like' button, which can be added to any web page. Which will serve to 'send' a real value corresponding with Bitmark coin.

I am thinking that walled garden isn't technically applicable to the wild of the internet. Apple dictates (negotiates) the terms with the iOS carriers and I assume can ensure that direct connections between iOS devices over the carriers is possible for the apps Apple wishes to whitelist.

The 5 - 10% before the change may have been amongst the Macs running Facetime that were not on a carrier network?

The model itself may not be a failure... It can be viewed as merely in a temporary stage of development.

Perhaps it is not possible to reach a trustless system without first going through this phase (needing to trust some 3rd parties, whether nodes/miners etc). The reason for this is because the scale of adoption (critical mass of the system) needed to be self sustaining cannot be achieved with a trustless system starting from scratch: It never reaches exponential growth for lack of trust.

Here's another source (testimony in a patent lawsuit) that 90-95% of Facetime connections are p2p (no relay), or at least they were before the lawsuit messed things up.

http://arstechnica.com/tech-policy/2013/08/report-after-patent-loss-apple-tweaks-facetime-and-logs-500000-complaints/

Not all of these are NAT traversal though, some significant number are likely just connections with no NAT at all. Either way though, there are many opportunities for P2P connections, still.

That appears to be his personal anecdotal experience and admits that figure doesn't apply to mobile.

And in my experience NAT traversal never works in the Philippines (I assume Skype was using a relay server).

This 2008 source says we don't have quantifiable data on the success rate.

ISPs don't have an incentive (note: 'shelby' is me) to allow you to run a server on your asymmetric bandwidth consumer internet downloading connection, unless the market demographics demand it (i.e. probably only in the developed western world). Thus the success rate is likely to get worse over time, not better as we move towards the global police state and top-down control over the internet. Moving to mobile should help accelerate the asymmetry of the internet, handing the power to our overlord masters.

Note this may also impact the way many crypto-coins are currently coded for P2P interaction, but I haven't studied their sources.

Zerocash

A scenario that worries me is people decide to adopt Zerocash over Monero because it mostly eliminates the need to obscure your IP address which is a dubious proposition in Monero, and they don't care short-term (which is the similar short-term logic justification in favor of Monero) about the inability to scale, nor the potential compromised masterkey which could allow the long-term undetected creation of coins (but can't impact the anonymity) which is great for our fiat masters.

So then we end up in a coin that can't scale unless mining is centralized (great for our fiat masters!) and has long-term threat of unlimited undetectable debasement and potential breakage of the anonymity if the crypto (not the masterkey) is compromised. (Note the Monero elliptical curve public cryptography would also be vulnerable to quantum computers if they ever come, but it might be possible to implement one-time ring signatures with McEliece public key cryptography instead of elliptical curves).

I'd wish to see something radically innovative that eliminates this confused inertia direction for the markets. That wish is vaporware.

And note Zerocash isn't entirely vaporware, the source code for the underlying SNARK technology is published. Is there any news from them since May 25?

http://zerocash-project.org/q_and_a#how-will-zerocash-be-released-and-deployed
http://zerocash-project.org/talks_and_media

Note Zerocash crypto is based on Pinnochio which is applicable to achieving Ethereum's goals and offloading the computation from the mining nodes. In that context, the newness of the crypto is much less a threat, because breaking it doesn't void the entire history of transactions as it does with retroactively breaking all prior anonymity.

---

Boolberry

In case the coherence of my upthread posts was lost on the reader, my initial enthusiasm about Boolberry was quickly muted when I realized they claim pruning which I (and apparently Monero devs) think is impossible. And their PoW hashing algorithm seems to lack entropy as I think about it more, thus is perhaps gameable (probably but I don't want to publicly assert 'probably' until I can elucidate how). The marketing and product strategy seems to also not be thought out. Thus any initial enthusiam about the quality of the developer has waned for me (although it is not outside the realm of possibility that he is really talented and was just being careless but won't do it again-- not likely).

Oh and I really want to transact in blue balls.

I had already made the point that is it is the opposite actually. I2P blinds us to the level of suggestion about questionable intentions.

That is certainly the most widely cited reason people are reluctant to endorse it. That and the fact that it doesn't exist (vaporware). In a feature-for-feature comparison between something that exists and vaporware, vaporware almost always wins.

So the premise for Monero is scaling doesn't matter short-term and we should chose the strongest anonymity.

In that case, Zerocash will win because you don't even need to obscure your IP address because all transaction details are completed blinded (although it can be seen you are connecting to the Zerocash network). Unless you don't trust the newness of the complex crypto.

So the scaling issue and long-term viability are the only way to beat Zerocash.

Plonk. (sorry but that is the logical conclusion of this long-winded discussion past days)

Looks like a two-horse race on anonymity between Zerocash and Monero (or Cryptonote in general) unless something radically innovative comes along...

They certainly could, it's just the argument that someone providing relay services for free is suggestive of questionable intentions does not apply to i2p the same way it might for Tor. Most of the time it is simply an indicator they are an i2p user.


I have no idea how many i2p users there are. I certainly don't expect Monero to drive i2p adoption to a large degree. Monero is just one small application that will be using i2p.


Here is one claim of an 85% success rate: http://stackoverflow.com/questions/23655243/nat-traversal-probability-of-success-using-stun

You are not a decentralized relay if your internet provider is blocking STUN NAT traversal tunneling, which many do I think to stop you from using your internet connection as a server. ISPs have an incentive to force us more and more towards an asymmetric client-server model and away from client-to-client form of P2P.

In any case, just because every legitimate user could potentially be a relay node (but probably isn't because of NAT traversal failure), doesn't mean the relay nodes can't be Sybil flooded (attacked). Remember the same servers running Tor could apply their bandwidth to I2P and present the I2P network with as many IP addresses as necessary, i.e. one relay node per IP address.

Tor showed that some are willing to donate that free bandwidth without any return (unless the return is monitoring all the traffic). And that I2P obscures who is providing free bandwidth, doesn't make that willingness go away. Worse yet, I2P obscures that an entity is Sybil attacking.

Edit: I suppose in theory I2P could become widespread enough that only the NSA could realistically break it with Sybil flooding. But Cryptonote can't scale to widespread. Would I2P become widespread enough on its own? Doesn't currently seem like it, and what % of internet connections are compatible with NAT traversal?

Edit#2: I have serious doubt that I2P can't be denial-of-service destroyed. My theoretical understandind is it is impossible to allow decentralized Sybil attacks as they do and be immune to DDoS. I read a formal statement of this fundamental tradeoff between decentralized Chaum mix-nets and DDoS in some research paper, but I can't remember which one it is. And working through the analysis in my mind, it seems to be the case.

lol I was literally in the middle of writing this so I'm gonna post it anyways:

If a financial network is running on that network, there is an implicit incentive to keep these nodes up and provided by the users of that network - IE they will potentially answer the "Who is providing all this bandwidth" question - it will be the users of the financial network. Also by doing this, you're (add:potentially) making the resources required to even perform timing attacks on one specific person orders of magnitude more expensive. Like this article: http://www.theguardian.com/world/2014/jul/25/russia-research-identify-users-tor . If Russia had to offer 39m roubles, instead of 3.9m just to get some research (assuming the cost for research would scale in a similar fashion) .. that's a positive outlook.

also, can the latency/other technical aspects of the i2p network impede the ability for pools themselves to scale? Will you have more trouble dealing with so much traffic going to one place IE: will there be a specific number of people that can possibly connect to a pool before the 'luck' of that pool goes down due to increased traffic volumes? of course people can just mine it without i2p i guess, but does it at least present a situation where that can be possible?

Actually there's a quote in that article that stands out heavily to me:


I was not aware that it was developed by USNRL. Guess I'll need some more history lessons here. Current thoughts on this - if USNRL thought this was going to offer a suitable usage case for their communications at one point .. do they still think so and have they worked out bugs we're dealing with right now .. or have they moved onto something totally different? More on this - could one of the reasons that these types of communications are not currently outlawed or banned in some countries be because these specific forms of communication transmission are currently serving their stated purpose?

CloakCoin

Flaws I see in the white paper:

1. Non-zero transaction fees.

2. PoS, i.e. does nothing to deal with centralization of mining.

3. The anonymization is flawed. It relies on two mining nodes not sharing their knowledge of which transactions correlate to which inputs received by the network. That is a fundamentally flawed concept that I dismissed long enough with my analysis of DarkCoin, because mining nodes can be Sybil attacked (the adversary can flood the network with mining nodes). It gets worse with PoS because those with the largest stake have the most mining nodes, thus your anonymity is for sale (or hackers can target with spyware those nodes with the highest stake).

Worse yet, if the first peer of the two has seen the transactions then it doesn't matter how the second peer rearranges them, so the entire thing is trivially defeated.  Assuming the senders of the transactions are encrypting them for the final peer, then the problem is as you add stages/hops (the paper proposes to double the stages) the system can be attacked with transaction spam since the transactions aren't verified until they are decrypted at the final peer. I assume you could ban IP addresses if sending nodes can't enter the network at-will.