Topic: rpietila Altcoin Observer - page 146. (Read 387493 times)

But the more you try to hide your transactions, the more they keep an eye on you. And also, the government may persuade companies like amazon, dell, etc. not to support cryptos with these feature.

There's always been the chance of governments attempting to outlaw cyrptocurrency outright.  If they don't do that, they might also attempt to kill it with overbearing regulation, or according to Anonymint, confiscation.  People see anonymous coins as being a safeguard to both of those variables, amongst others.  Purely speculative on my part of course.

Could anyone explain to me why there's too much fuss about anon coins and how would ordinary users benefit from this feature?
Say, someone wants to buy 2nd hand ps4 from someone. Why would he be so eager to use cryptos with anon feature and hide his transactions?

The currency is dead in the water if an ASIC comes out before more than half of the currency is mined IMO.  Litecoin would be an example of this.  It only has 30 of 80 million mined, and now the entire revenue stream of the network basically goes straight to the pockets of ASIC manufacturers.  There's no reason for the average human to want to become involved in the network under that situation, and it has hampered the uptake of BTC severely.  CPU coins, on the other hand, are born with this problem from day one due to botnets, and the fact that very few people own large CPU mining rigs to compete with them.  A long GPU mining period seems essential to establishing a currency.

As for the monopolization of XMR due to ASIC, such as what happened to Litecoin, XMR has a rather short mining period, a little too short in my opinion, so there's less risk of a situation like mentioned above occurring.  My idea of soft forking to have multiple PoW algorithms should the first one become ASIC monopolized too soon is probably completely unnecessary given how short XMR mining period is.  Dealing with continuous weighting upkeep in that situation is also a developer hassle and kind of defies the idea of decentralization having someone babysit the code.

Yes, thats what made me decide to invest in Monero. Darkcoin was the front contender for anonymity, but the instamine hinders it immensely, I was skeptical of Monero at first naturally, since I was a Darkcoin "bagholder", but in time I've come to accept that Monero  is the superior choice, both because of its superior anonymity and fair release. I also really like it's name.

Like you, I am not troubling myself to do any diligence, such as to address Bitmark.  Hence, I abstracted away from the specific coin (thus, 'appcoin X') to make what I felt was a useful point (for the median reader).  I have no knowledge from which to address topics specific to Bitmark.

Amen.  A heartbreaking work of staggering genius.  Mining decentralization has been the most persistently obvious weak point.


This +1000.  

The government actor is the only substantive challenge, and also the critical differentiator between BTC and XMR, for the highly competent actor:  Anyone can run dark on the bitcoin chain, with comparable security probabilities to those enjoyed by a somewhat more naive XMR runner, if they apply layered technologies.    Access and ease of use are the substantive differentiator for XMR, which will give it the bulk of the dark liquidity market.  The bigger the money, the more desirable it is to capture that liquidity market.  The bigger the money, the more important it is to harden against a nation-state actor.    The biggest money will have a natural affinity for the most secure platform, and will use dark channels effectively, by means of high technical expertise, but the second tier of large money will be more important in aggregate, and will require ease of use, conjoined with robust cryptographic assurances.  That tier will be seeking assurances which are  responsive to nation-state threat models.  XMR has the potential to meet this need, although it cannot now, and will benefit enormously from doing so.  I keep emphasizing this, because incentives work wonders, but only if the relevant actors are aware of them, to be motivated accordingly.

Brilliant.  I hope this bumps their xn volume.  I will probably try some large volume marginal alt scalps, just to reward PLX (with negative costs).

I bought DRK as well, when there was no superior alternative.  It was a good choice for me.  I hope that you benefitted as well.  And although the forks &c haven't done DRK any good, I don't blame its fate on those.  One could recover from such problems.  The fundamental issues are twofold: (1) what the cryptographic community likes to call 'snake-oil cryptography', and (2) the 'scam' tag that comes from pre-mine (and ponzi marketing).  It is nigh impossible to recover from those.

I think he was talking about Bitmark. Is that an appcoin? As far as I can tell it was just trying to be a regular coin, but I couldn't be sure.

Agreed.  That does not mean that appcoin X is not a good investment.  But it does mean that appcoin X is almost certainly not a candidate for a substantial slice of global liquidity, as are BTC and XMR for the moment.  An appcoin such as Ethereum, or name your favorite, might be a very good investment without a 1,000,000x upside.

Considering how I support/ed Darkcoin, which was poised to take over LTC's marketcap if it werent for the messed up forks, etc etc. I have no doubt that Monero will be able to take over LTC's market cap since it lacks any of those faults tbh.

this is just the beginning. I'm waiting for monero to take over the LTC market cap

Not necessarily. The task of assembling them into an attack is still a significant investment. And once that is done you face the question of whether it is more profitable to mine or attack. Empirically it seems the incentives are usually to mine, with a few (so far) outlier exceptions (low-usage coins with large rapid drops in hash rate).

You mentioned Google or NSA, but both Google and NSA have those computers for a reason, so presumably they are already doing something. If you want to take those computers and use them to attack a coin, that has a significant opportunity cost. And even at that, Google still isn't that big. XMR is reasonably close (1-2 orders of magnitude) to exceeding Google's rumored entire 1m computer capacity (meaning you would have to shut down Google to pull off the attack -- good luck with that plan), and XMR is still a tiny coin.

I think you underestimate the task of building a large attack. By contrast, any subset of these computers can just go ahead and mine instead

Monero just became the main coin on poloniex...litecoin market was switched for a monero market....Looks like monero really is something to take seriously.

Yes, indeed, you could be right.  I've certainly considered that scenario.  But isn't the CPU scenario worse?  There's a huge pool of CPUs already out there and assembled into machines.


Yes indeed.  Satoshi's real genius was to create a system with the right incentives, at all levels.

As I said, this is still a "thought in progress".  But I worry less about the evil SHA-256 ASIC plant then about the evil NSA CPU cluster.  I think there are enough producers churning out SHA-256 ASICs as fast as they can (certainly including many we don't know about, that are just mining for their own benefit rather than selling miners) that the attack you describe is actually becomeing pretty unlikely.

roy

I don't know anything about Bitmark, so I don't have an opinion on how likely it is to eclipse LTC.

As for whether Monero will ever have custom miners?  I think probably, but I haven't thought about this deeply.  I doubt we will have Cryptonight ASICs any time soon in an analagous sense to SHA-256 ASICs.  But then, custom designed machines that miner more efficently than a PC or graphics card?  Very likely.  And in the long term, will such devices use ASICs to assist the process?  Probably.

But my belief is that the factor by which the custom hardware improves the hash per dollar over PCs and GPUs will be way lower with Cryptonight than with BTC.  And therefore I think out network will be less secure that it could have been. My guess is Scrypt has the same problem in being worse than SHA-256 in this regard, but that Scrypt is better than Cryptonight. (Except, as I said, I wouldn't use scrypt, because there is already a big established scrypt coin which will be difficult to displace)

I don't think you can trust the ASICs in the way you suggest. The ones already delivered and paid for in the hands of customers, perhaps. But chip production costs are usually quite low, especially for mature processes with high yield. Manufacturers constrain their production volume in order to achieve a high selling price (or if they are mining themselves, to maximize profitability by not driving up difficulty) and recoup NRE.

But consider the same economics from the point of view of a rogue ASIC-developer. He can run off 10x or 100x as many ASICs at only modestly increased cost, and then use them to attack the network instead of for mining.

The only real protection from this risk seems to be that it is usually more profitable to mine than attack.

That applies equally to ASICs, CPUs, and GPUs. We have seen enormous numbers of CPUs from AWS, etc. come online in a very short period of time on this coin and others. GPUs likewise move around constantly between different coins in order to mine them. This is easy to do when the mining profitability is there. But we rarely see actual attacks, and never on coins with a real level of success. It seems the incentives to attack are much smaller than the incentive to take that same resource and just mine with it. Otherwise, with how easy it already is to move CPUs and GPUs around, we would see attacks constantly.

Satoshi said something along these lines in his paper. It likely assumes some level of actual success by the coin (so the mined coins are worth enough, otherwise you will get nuisence attacks, even if they aren't economically motivated), and it assumes a rational mining emissions. If there are no (or nearly no) mining rewards, you might as well attack.

Perhaps both will happen

Sorry, what I should have said was, no coin can create a new PoW funciton and start with a network that ASIC mines it.

I read what you say, and as I said, I don't think this is a big deal.  I'm not going to stop investing in XMR because of it.

But the fact of the matter is that BTC is in the enviable situation that there is no one bigger that it using the same mining hardware.  You are not in that situation, and nor are we. [EDIT: And unless we change our PoW, we will never be in that enviable situation unless/until there are custom Cryptonight miners.  And unless you change your PoW you will never be in that enviable situation unless LTC fails - or you grow bigger than it.]

roy