[SDC] ShadowCash | Welcome to the UMBRA - page 105.

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: erok on February 12, 2016, 10:54:45 PM

Quote from: smooth on February 12, 2016, 10:46:12 PM

Proof of concept code has been posted by shen:

Quote from: https://shnoe.wordpress.com/2016/02/11/de-anonymizing-shadowcash-and-oz-coin/

There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:

ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf

index i = 0 / 4

index i = 1 / 4

index i = 2 / 4

index i = 3 / 4
signer is index 3

More FUD. And who else delivers it but SMOOTH, official Monero "dev". Proof of proof of concept? You got nothing. Just give it up. Tongue

Dude:

signer is index 3

Do you know what that means?

Shen has a file with every single ring signature from the chain broken. Anyone can reproduce using the code from his blog.

EDIT: https://raw.githubusercontent.com/ShenNoether/Deanon/master/sdcDeAnon.txt

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: smooth on February 12, 2016, 10:46:12 PM

Proof of concept code has been posted by shen:

Quote from: https://shnoe.wordpress.com/2016/02/11/de-anonymizing-shadowcash-and-oz-coin/

There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:

ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf

index i = 0 / 4

index i = 1 / 4

index i = 2 / 4

index i = 3 / 4
signer is index 3

More FUD. And who else delivers it but SMOOTH, official Monero "dev". Proof of proof of concept? You got nothing. Just give it up. Tongue

smooth

legendary

Activity: 2968

Merit: 1198

Proof of concept code has been posted by shen:

Quote from: https://shnoe.wordpress.com/2016/02/11/de-anonymizing-shadowcash-and-oz-coin/

There was some doubt about whether this post is purely theoretical, or whether it in fact allows one to de-anonymize the sdc chain in practice. In fact, I originally thought it would be too much effort to install these other coins clients, which I am really familiar with, and then muck about in their code enough to get it working. However, after some prodding, I have created a simple replacement for their “ringsig.cpp” (see https://github.com/ShenNoether/Deanon) in the shadowcoin code, which, when run, after resyncing the chain, you will be able to determine who the signer of any ring sig is (read the debug.log in .shadowcoin directory). For example, here is the output according to the first ring signature sent on their blockchain:

ProcessBlock: ACCEPTED a801e125053dcc556b94
verifying ring sig asdf

index i = 0 / 4

index i = 1 / 4

index i = 2 / 4

index i = 3 / 4
signer is index 3

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: RyanOlstren on February 12, 2016, 10:33:49 PM

Quote from: LiteBit on February 12, 2016, 10:02:45 PM

^^ Shadow's #1 fan!

6 posts ever made and all in this thread!

I love SHADOW! It's the best!

Shadow is the best!

LiteBit

legendary

Activity: 1133

Merit: 1050

Quote from: RyanOlstren on February 12, 2016, 10:33:49 PM

Quote from: LiteBit on February 12, 2016, 10:02:45 PM

^^ Shadow's #1 fan!

6 posts ever made and all in this thread!

I've probably made 30 here but they get deleted. Criticism really isn't tolerated here. It shows in the code vulnerabilities.

Wow, super fan! Batting 1000.
Come join the rest of the community on slack https://shadowproject.herokuapp.com/

RyanOlstren

newbie

Activity: 29

Merit: 0

Quote from: LiteBit on February 12, 2016, 10:02:45 PM

^^ Shadow's #1 fan!

6 posts ever made and all in this thread!

I've probably made 30 here but they get deleted. Criticism really isn't tolerated here. It shows in the code vulnerabilities.

rutherford

sr. member

Activity: 624

Merit: 250

code: I'm a humble person in contrast to the arrogance in the altcoin scene, I chose not to declare myself as an expert cryptographer or programmer because I haven't worked with the OpenSSL API or the code in Shadow at all. However I feel completly capable of analyzing the situation and testing if the bug is a reality. Cryptography is a tedious case of testing all components used in the attack vector, in this situation being the generator, hash and the mathematics involved into combining them. While the blogpost points out a flaw in the mathematical relationship between the generator and the hash, we have to make sure that it exists and all necessary components are in place as described within the bug report. I'm not sure about letting a minority of both communities with the same goal abuse this situation to generate financial profits.

A message for Child_Harold,
If you have anything to say about my actions or words, please direct them to me. I don't trust you, or any of your puppet accounts, they are easily spottable by the way. The fact is your approach may be effective from time to time, but it's unethical. If you ever feel about debating your ethics, feel free to quote me.

LiteBit

legendary

Activity: 1133

Merit: 1050

^^ Shadow's #1 fan!

6 posts ever made and all in this thread!

RyanOlstren

newbie

Activity: 29

Merit: 0

Quote from: child_harold on February 12, 2016, 03:48:59 PM

Quote from: Wheatclove on February 12, 2016, 09:16:59 AM

https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/

If anyone from the Monero camp wishes to help attempt to deanonymize an actual transaction, feel free.

I just read through this and am slightly confused. It's not clear to me whether a problem exists or not.
All Im getting is:
a) we couldn't de-anon a tx using the vulnerability published after trying for 10 hours. This does not seem exhaustive and the blog shows no fancy maths to prove everything is OK
b) Your NOT gonna award the bounty cause he declared it publicly first.

Am I the only one who thinks more investigation is needed?

You are not.

The discussion on the github thread is anything but conclusive.

Also "trying for 10 hours" to deanonymize a transaction may mean that they didn't find a particular instance where this problem applies. I'd hate to be the politically persecuted individual who tried to send an "anonymous" token only to get it deanonymized because this particular vulnerability applied to my transaction.

The most likely case is that they couldn't find any transactions to deanonymize because no one actually uses this anonymous system. Probably for good reason.

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: X1235 on February 12, 2016, 05:59:26 PM

Quote from: erok on February 12, 2016, 05:51:51 PM

Noone has deleted no one...

Quite controversial statement. Btw, who is Noone? Some imaginary friend from your early childhood? Grin

http://lmgtfy.com/?q=noone

You really are below average intelligence, X1235. You are like a racist Kylo Ren if Princess Leia got the Zika virus during pregnancy and passed on Microcephaly.

BAZINGA!

X1235

hero member

Activity: 671

Merit: 505

Quote from: erok on February 12, 2016, 05:51:51 PM

Noone has deleted no one...

Quite controversial statement. Btw, who is Noone? Some imaginary friend from your early childhood? Grin

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: child_harold on February 12, 2016, 04:36:32 PM

Quote from: Wheatclove on February 12, 2016, 04:24:12 PM

Quote from: child_harold on February 12, 2016, 04:22:49 PM

Quote from: Wheatclove on February 12, 2016, 04:19:29 PM

Who gives a fuck bro? It's being worked on. Stop grasping at straws.

The headline bro, it's misleading. I sure hope you font have to edit it in a few days from Nope to Yup.

The entire Monero campaign has been misleading. Nobody cares though so fuck off now

Nobody cares. Your probably right. How sad for you.

Now I'll gladly fuck off since I am reminded of what a nightmare it is posting anything in this heavily moderated thread.

Noone has deleted anything you have said so far. I'm actually impressed you seem more civilized than usual although you completely disregarded my response. HOW RUDE. Tongue

child_harold

hero member

Activity: 812

Merit: 1000

Quote from: Wheatclove on February 12, 2016, 04:24:12 PM

Quote from: child_harold on February 12, 2016, 04:22:49 PM

Quote from: Wheatclove on February 12, 2016, 04:19:29 PM

Who gives a fuck bro? It's being worked on. Stop grasping at straws.

The headline bro, it's misleading. I sure hope you font have to edit it in a few days from Nope to Yup.

The entire Monero campaign has been misleading. Nobody cares though so fuck off now

Nobody cares. Your probably right. How sad for you.

Now I'll gladly fuck off since I am reminded of what a nightmare it is posting anything in this heavily moderated thread.

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: child_harold on February 12, 2016, 04:22:49 PM

Quote from: Wheatclove on February 12, 2016, 04:19:29 PM

Who gives a fuck bro? It's being worked on. Stop grasping at straws.

The headline bro, it's misleading. I sure hope you wont have to edit it in a few days from Nope to Yup.

No actually they never proved that it could be de-anon'ed. They have effectively failed at that when challenged and now the internal team is spending days trying to prove his theory and are unable to because his theory is bullcrap. And now you are trolling again for an emotional response.

lol

Wheatclove

hero member

Activity: 606

Merit: 500

Quote from: child_harold on February 12, 2016, 04:22:49 PM

Quote from: Wheatclove on February 12, 2016, 04:19:29 PM

Who gives a fuck bro? It's being worked on. Stop grasping at straws.

The headline bro, it's misleading. I sure hope you font have to edit it in a few days from Nope to Yup.

The entire Monero campaign has been misleading. Nobody cares though so fuck off now

child_harold

hero member

Activity: 812

Merit: 1000

Quote from: Wheatclove on February 12, 2016, 04:19:29 PM

Who gives a fuck bro? It's being worked on. Stop grasping at straws.

The headline bro, it's misleading. I sure hope you wont have to edit it in a few days from Nope to Yup.

Wheatclove

hero member

Activity: 606

Merit: 500

Quote from: child_harold on February 12, 2016, 04:07:37 PM

The following quote shows this matter is unresolved:

Quote

Today showed us that public security reports can cause panic and FUD (fear, uncertainty and doubt) among our users, while in fact, the issue at hand might be easily solved by our team members or not be an issue at all.

The word might is hardly re-assuring or one oft used by mathematicians.

So isn't the headline Deanonymize Shadow? Nope. misleading when the matter is still unresolved?

Also this discussion https://github.com/shadowproject/shadow/issues/25 is an exchange between kewde (code i guess - who is not a crytographer) and ShenNoether. Ryno's only comment is to say he doesnt know who runs the bounty (and he adds a ty) and no comments at all from the elusive tecnovert (SDC's heralded crytopgrapher whom nobody save ryno knows iirc).

Who gives a fuck bro? It's being worked on. Stop grasping at straws.

child_harold

hero member

Activity: 812

Merit: 1000

The following quote shows this matter is unresolved:

Quote

Today showed us that public security reports can cause panic and FUD (fear, uncertainty and doubt) among our users, while in fact, the issue at hand might be easily solved by our team members or not be an issue at all.

The word "might" is hardly re-assuring or one oft used by mathematicians.

So isn't the headline Deanonymize Shadow? Nope. misleading when the matter is still unresolved?

Also this discussion https://github.com/shadowproject/shadow/issues/25 is an exchange between kewde (code i guess - who is not a crytographer) and ShenNoether. Ryno's only comment is to say he doesnt know who runs the bounty (and he adds a ty) and no comments at all from the elusive tecnovert (SDC's heralded crytopgrapher whom nobody save ryno knows iirc).

Perhaps I should add that, as I understand it, ShenNoether is some kinda academic/crytographer/mathematician who presumably knows his stuff. Describing him as a "user" in the Research Labs struck me as odd.

LiteBit

legendary

Activity: 1133

Merit: 1050

Quote from: Wheatclove on February 12, 2016, 03:56:55 PM

Quote from: child_harold on February 12, 2016, 03:48:59 PM

Am I the only one who thinks more investigation is needed?

They're still testing it. Can't answer your other questions.

The github issue is still "open" https://github.com/shadowproject/shadow/issues/25

Quote from: blog.shadowproject.io

We will of course keep looking into the claim and come up with a detailed report as soon as possible.

official word still not issued

Wheatclove

hero member

Activity: 606

Merit: 500

Quote from: child_harold on February 12, 2016, 03:48:59 PM

Quote from: Wheatclove on February 12, 2016, 09:16:59 AM

https://blog.shadowproject.io/2016/02/12/deanonymize-shadow-nope/

If anyone from the Monero camp wishes to help attempt to deanonymize an actual transaction, feel free.

I just read through this and am slightly confused. It's not clear to me whether a problem exists or not.
All Im getting is:
a) we couldn't de-anon a tx using the vulnerability published after trying for 10 hours. This does not seem exhaustive and the blog shows no fancy maths to prove everything is OK
b) Your NOT gonna award the bounty cause he declared it publicly first.

Am I the only one who thinks more investigation is needed?

They're still testing it. Can't answer your other questions.

Topic: [SDC] ShadowCash | Welcome to the UMBRA - page 105. (Read 1289644 times)