Topic: rpietila Altcoin Observer - page 176. (Read 387493 times)

 "As has been mentioned, CryptoNote-based currencies use ring signatures (contrast group signatures, which involve a trusted party) rather than plain old ECDSA signatures in the proof-of-ownership part of their transaction signature scheme. Essentially, in Bitcoin each transaction output has a public key associated to it (identified, though not revealed, by the Bitcoin address on the output), and to spend that output you need to produce a small script including a digital signature using this key. When everyone sees that transaction, they see that the old output(s) are spent (so they can forget about it, except as far as keeping historical blockchain data for new users) and that new unspent output(s) have been created. Ring signatures, on the other hand, are associated to an arbitrary set of public keys, and knowledge of only one is required to make a signature. CryptoNote uses this by having each transaction input be a set of potential unspent outputs of the same value, signed by a ring signature using all those outputs' associated keys. It is impossible to determine which one is the "real" one that the signer is actually spending.

You might ask, if it's impossible to determine which outputs are being spent, how can double-spending by prevented? CryptoNote solves this using a special ring signature algorithm (which is a modified version of existing signatures, so this is original cryptography and their security proof should be scrutinized — fortunately it is not too complicated) in which the real signing key has a key image associated to it, which must be published alongside the signature. This key image cannot be reversed to get the original key and deanonymize the sender, but if a double-spend is attempted, users will see that the same key image is used twice and reject the second attempt."

Don't know if this has been mentioned in this thread, but over in the [XMR] announcement thread somebody posted a link to a stack exchange discussion with a very knowledgable and thoroughgoing analysis of the cryptonote protocol and issues it faces going forward:
https://crypto.stackexchange.com/questions/18091/is-there-any-true-anonymous-cryptocurrencies/18096#18096

Yeah. I can imagine the name has driven off quite a lot of investors to be honest. It's not the worst name for something like an app. But for a currency that's supposed to be quite a serious thing, it's not appropriate.

Monero on the other hand is one of the better names I've seen.

Just worked out I could buy 72 XMR (a year's worth of mining on my laptop) on exchange for $112... that's less than a meal at a restaurant.

Not even going to tax my brain working out electricity cost, whether I'll kill my cpu etc... we're eating in tonight and I'm heading over to Poloniex, job done. A years worth of mining in 2 minutes.

More power to those that can make mining work for them... thankfully for average joes like me there are Crypto-exchanges.  

Tor+Bitcoin and a mixer can be traced. For example, when using a mixer, you must have NO Taint whatsoever on your coins for it to work, that's why it's very hard to mix 100 btc or so at a time, unless there are other people also mixing the same amount(100btc+) at the same time you're mixing it, because it risks your own coins coming back to you. Once that happens, you're screwed, and an investigator will always be able to track you down.

I'm also 100% sure, that there are scripts/programs being made, to keep track of addresses/coins, that are broken down by mixers/people. Those scripts will be able to identify every address the mixed coins were sent to, and eventually identity the person behind the coins once they cash out.

Blockchaininfo's Sharedcoin's mixing was shown to be able to be traced: http://www.reddit.com/r/Bitcoin/comments/27rsv8/confirmed_blockchaininfo_shared_coin_is_broken/

Simply Put: Mixers are a horrible/trivial way to try and hide your coins.

Is there a list of merchants accepting XMR?

XMR market is any person or entity that wants to move money from A to B anonymously, aka worldwide cash, aka the market is huge if people is aware of that this tech can deliver.
No one wants to have their money movements in public like Bitcoin.

I own both XMR and BBR but i'm more optimistic about XMR. For each 5 dollars invested in CryptoNote i have 4 in XMR and 1 in BBR. Historical data showed that other CN coins also got pumped everytime XMR got pumped.

The only thing i dislike about BBR is the name. They had a name contest but i don't know why they came up new name "Boolberry", it sounds even more stupid than previous name "Honeypenny".

I am buying both XMR and BBR. These coins will eat the market segment from DRK and XC gradually thanks to their superior technology and more competent development team. DRK is declining. Good signal for XMR and BBR

Are you buying more?

Also, you don't hold any BBR right? Why or why not? Did we cover that already in the thread? If so I probably missed it as I haven't been reading it since the beginning.

BBR is ultra cheap right now. It's tempting. If XMR rebounds I would expect BBR to have higher percentage gains and potentially go back to around ~25-30% of XMR. That is of course unless there is some development issue that I'm not aware of. But everything I've seen so far seems to indicate that BBR development is quite good.

A great day to buy them. You should always buy value, and now there is some serious value available, shame that the volume is so low.

As long as we stay above the previous low of 0.0018 in XMR, there is nothing to be concerned about pricewise. And I think we will.

Yeah, I know the CN ring signatures are unprecedented. But I meant purely from a anonymity angle. I know the CN anonymity is good. But is the method I mentioned sufficient at all? For years people have said that using Bitcoin can be anonymous if and only if you do it the right way. I'm assuming the 'right way' is what I mentioned or at least similar to what I mentioned. But is it good enough or has it been shown to be weak?

Plain "No". This is really a new tech, with anonymity built in at the root level of the protocol, not an obfuscation layer that you put on top of it (like a bitcoin mixer). This is very different from previous coins that were "just" forks of forks of bitcoin. Go through this thread to learn more, or read the cryptonote white paper.

It's as shitty as using Darkcoin.

What a great day to not be invested in any CN coins.

Is using Tor + Bitcoin and using a mixer any way comparable to this new generation of anon tech?

why no one in the post is talking about cloak?

Don't want to make spam of it, all the info about it is in the official post . I like rpietila's work in btc and altcoins and i'm reading this post from time to time, and it's surprising for me that no one talks about cloak. It's getting strong roots, and i can see it rising in short term and consolidating in top10 for medium/long term.




 

Are they not related to the discussion at all?

Anon was not discussed until Darkwallet and darkcoin hit the headlines.

The *cost of mining* is never an explanation for the valuation of a coin, as we've noted many times.

Botnets are a part of why mining XMR may be less profitable for miners than it used to be.  So is increasing awareness of XMR by other competing miners.  Competition in mining drives the revenue from mining to nearly zero relative to the power cost.

It does everything I need very well. Even If I had an i5, I would still get jack shit. Mining is useless unless you rent servers or have several machines runing, thats all I was saying, you making a link between me mining or not having an impact on the price is what's irrelevant.