Topic: [SDC] ShadowCash | Welcome to the UMBRA - page 104. (Read 1289635 times)
Looks like the whole chain has been deanonymized. ugh. https://raw.githubusercontent.com/ShenNoether/Deanon/master/sdcDeAnon.txt
I edited my original post to include "My limited understanding is that reveals which signature belongs to the original initiator of a ring signature. Can any other information be deduced from that signature?
You have the SDC logo in your avatar but you have no idea what is being offered with this coin or how it works? A knowledgeable investor wouldn't ask this question.
FINE i erased the "no it doesnt" 
I'm going to give you the benefit of the doubt and assume that even though you support this coin you are not just another SDC slimebag.
Here's what you need to do:
(1) Face your denail.
(2) Dump your SDC while the price is still inflated.
(3) If you like it so much, buy back cheaper.
(4) Consider the profit your reward for monitoring this thread and staying loyal to your coin.
If you want to tip me after you realize your profits, I'll take XMR.
What exactly does this exploit reveal in a single ring signature transaction?
A ring signature has multiple possible signers. The idea is that it is suppose to not be possible to tell which previous transaction's output is being spent.
I edited my original post to include "My limited understanding is that reveals which signature belongs to the original initiator of a ring signature. Can any other information be deduced from that signature?"
So, their whole blockchain is now useless from a privacy perspective right?
The SDC portion was always equivalent to BTC from a privacy perspective (except for being less used which likely makes it worse in practice).
The Shadow portion has functioning (afaik) stealth addresses but the ring sigs did not function. That makes it equivalent to BTC where addresses are never reused. No 'mixing' function.
You are too much of a gentleman.
It is much much much worse than bitcoin because people have used the "anonymous" feature of this coin with the expectation of anonymity. This jeopardizes their freedom, safety, and maybe even life.
It's inexcusable.
You are in denial. They produced a list of every ring signature of SDC deanonymized.
So, their whole blockchain is now useless from a privacy perspective right?
The SDC portion was always equivalent to BTC from a privacy perspective (except for being less used which likely makes it worse in practice).
The Shadow portion has functioning (afaik) stealth addresses but the ring sigs did not function. That makes it equivalent to BTC where addresses are never reused. No 'mixing' function.
You are too much of a gentleman.
It is much much much worse than bitcoin because people have used the "anonymous" feature of this coin with the expectation of anonymity. This jeopardizes their freedom, safety, and maybe even life.
It's inexcusable.
You are in denial. They produced a list of every ring signature of SDC deanonymized.
You issued this:
No but I do suppose I was the one blowing the loudest "bullshit trollfud" horn. Honestly I can't say I blame you. There is a lot of FUD and trolling and false claims that go on here, this just didn't happen to be one of them, as it turns out.
Anyway, the i information is out now, and it will be up to your team to decide how to address it. Ideally it gets fixed.
Signing off from the thread for now unless anyone has a question for me.
Still don't like to overall tone of this criticisms throughout the thread.
But I do have a question for you. I don't have time to sort through all the insults being thrown around by everyone as I'm doing homework.
What exactly does this exploit reveal in a single ring signature transaction?
A ring signature has multiple possible signers. The idea is that it is suppose to not be possible to tell which previous transaction's output is being spent.
As an example, say some unpopular military attack has to be ordered, but nobody wants to go down in history as the one who ordered it. If 10 leaders have private keys, one of them could sign the order and you wouldn't know who did it.
In the case of the broken ring signatures in Shadow, you can always tell which leader gave the order (which transaction's output is being spent).
So, their whole blockchain is now useless from a privacy perspective right?
The SDC portion was always equivalent to BTC from a privacy perspective (except for being less used which likely makes it worse in practice).
The Shadow portion has functioning (afaik) stealth addresses but the ring sigs did not function. That makes it equivalent to BTC where addresses are never reused. No 'mixing' function.
You are too much of a gentleman.
It is much much much worse than bitcoin because people have used the "anonymous" feature of this coin with the expectation of anonymity. This jeopardizes their freedom, safety, and maybe even life.
It's inexcusable.
So, their whole blockchain is now useless from a privacy perspective right?
The SDC portion was always equivalent to BTC from a privacy perspective (except for being less used which likely makes it worse in practice).
The Shadow portion has functioning (afaik) stealth addresses but the ring sigs did not function. That makes it equivalent to BTC where addresses are never reused. No 'mixing' function.
You are too much of a gentleman.
It is much much much worse than bitcoin because people have used the "anonymous" feature of this coin with the expectation of anonymity. This jeopardizes their freedom, safety, and maybe even life.
It's inexcusable.
You issued this:
No but I do suppose I was the one blowing the loudest "bullshit trollfud" horn. Honestly I can't say I blame you. There is a lot of FUD and trolling and false claims that go on here, this just didn't happen to be one of them, as it turns out.
Anyway, the i information is out now, and it will be up to your team to decide how to address it. Ideally it gets fixed.
Signing off from the thread for now unless anyone has a question for me.
Still don't like to overall tone of this criticisms throughout the thread.
But I do have a question for you. I don't have time to sort through all the insults being thrown around by everyone as I'm doing homework.
What exactly does this exploit reveal in a single ring signature transaction? My limited understanding is that reveals which signature belongs to the original initiator of a ring signature. Can any other information be deduced from that signature?
So, their whole blockchain is now useless from a privacy perspective right?
The SDC portion was always equivalent to BTC from a privacy perspective (except for being less used which likely makes it worse in practice).
The Shadow portion has functioning (afaik) stealth addresses but the ring sigs did not function. That makes it equivalent to BTC where addresses are never reused. No 'mixing' function.
So, their whole blockchain is now useless from a privacy perspective right?
You issued this:
No but I do suppose I was the one blowing the loudest "bullshit trollfud" horn. Honestly I can't say I blame you. There is a lot of FUD and trolling and false claims that go on here, this just didn't happen to be one of them, as it turns out.
Anyway, the i information is out now, and it will be up to your team to decide how to address it. Ideally it gets fixed.
Signing off from the thread for now unless anyone has a question for me.
You issued this:
No but I do suppose I was the one blowing the loudest "bullshit trollfud" horn. You issued this:
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so.I don't know which.
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so.I don't know which.
This coin will never have credibility because the devs are incompetent and the community is slime.
I remember they viciously fudded other coins for the content of their roadmaps, nitpicking on technicalities.
And here, through gross incompetence, the devs jeopardize the safety (yes safety) of every person who used their "anonymous" system.
I know my post will get deleted because of the intellectual dishonesty of the devs, but hopefully it will stand long enough for a few others to read it.
I'm not positive but I think both ring sig versions have the flaw.
The code can be fixed, going forward. Incompetence is harder to fix.
You issued this:
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so.I don't know which.
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so.I don't know which.
This coin will never have credibility because the devs are incompetent and the community is slime.
I remember they viciously fudded other coins for the content of their roadmaps, nitpicking on technicalities.
And here, through gross incompetence, the devs jeopardize the safety (yes safety) of every person who used their "anonymous" system.
I know my post will get deleted because of the intellectual dishonesty of the devs, but hopefully it will stand long enough for a few others to read it.
You issued this:
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so.I don't know which.
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so.I don't know which.
This coin will never have credibility because the devs are incompetent and the community is slime.
I remember they viciously fudded other coins for the content of their roadmaps, nitpicking on technicalities.
And here, through gross incompetence, the devs jeopardize the safety (yes safety) of every person who used their "anonymous" system.
I know my post will get deleted because of the intellectual dishonesty of the devs, but hopefully it will stand long enough for a few others to read it.
Proof of concept code has been posted by shen:
More FUD. And who else delivers it but SMOOTH, official Monero "dev". Proof of proof of concept? You got nothing. Just give it up. There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
Dude:
signer is index 3
Do you know what that means?
They can if they have any idea what they are doing. After 10 hours of work which would have required a few lines of code to reproduce, all they could do is issue a false denial.
You issued this:
https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/
"We would like you -our dedicated users- to know that, after 10+ hours of testing by Shadow’s core developers, our team has not yet managed to deanonymize any private transaction."
If so, then you either lied about your core developers being unable to write a few lines of code in a 10 hours, or they aren't able to do so. I don't know which.
Proof of concept code has been posted by shen:
More FUD. And who else delivers it but SMOOTH, official Monero "dev". Proof of proof of concept? You got nothing. Just give it up. There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
Dude:
signer is index 3
Do you know what that means?
They can if they have any idea what they are doing. After 10 hours of work which would have required a few lines of code to reproduce, all they could do is issue a false denial.
Proof of concept code has been posted by shen:
More FUD. And who else delivers it but SMOOTH, official Monero "dev". Proof of proof of concept? You got nothing. Just give it up. There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
Dude:
signer is index 3
Do you know what that means?
They can if they have any idea what they are doing. After 10 hours of work which would have required a few lines of code to reproduce, all they could do is issue a false denial.
Proof of concept code has been posted by shen:
More FUD. And who else delivers it but SMOOTH, official Monero "dev". Proof of proof of concept? You got nothing. Just give it up. There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf
index i = 0 / 4
index i = 1 / 4
index i = 2 / 4
index i = 3 / 4
signer is index 3
Dude:
signer is index 3
Do you know what that means?
Jump to: