ShadowCash is mathematically broken. I urge all SDC supporters to join Monero. - page 3.

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: iCEBREAKER on February 12, 2016, 06:22:42 PM

Quote from: erok on February 12, 2016, 05:53:27 PM

You here to mock or contribute? It is catagorized as FUD (by me) because of the collaborative dedicated post (this) along with a reddit post and a dedicated blog all while multiple "dev" accounts actively attacked the main SDC bitcointalk thread (simultaneously). This wasn't merely a bug bounty being collected on. There was no proof, there was just a PR FUD push that makes Monero devs look horrible.

Damn bro, are you mad? You sound mad. Grin

The mere fact an ongoing investigation was initiated demonstrates Shen deserves to be awarded the bug finder bounty.

What's the point of offering bug bounties if when they are reported the response is to deflect, spin, and prevaricate in order to avoid admitting fault and the need to reward the bounty hunter?

Furthermore, the bug bounties should be paid in Bitcoin, not BrokenCoin. Who wants ShadowTrash when it's being dumped?

Now this post solidifies the idea that it is a solid troll campaign. And no bug bounties arent handed out to people with ideas, they are handed out to people that demonstrate the ideas through proofs. And usually people don't create blogs and PR campaigns dedicated to bugs they think they found. But I have nothing to do with that so really this whole post is a troll filled non-sequitur.

But damn "bro", I am only disappointed in Monero's community and punk bitches like you. Grow the fuck up. Pulling out the "umadbro" LOL what year is it? Grin

I just ate a snickers, so I'm good now.

CONFIRMS MY TROLLING THEORY: Shen Noether has now created 3 reddit posts in 3 different subs today dedicated to this TROLLFUD. Your dev team is so professional! 100% TROLL PR. What a community of Monero trash. Can't wait for the pump and dump you are in to pull the trigger on the dumpfest. I will take losses to fuel Monero's crash and laugh the entire way down.

iCEBREAKER

legendary

Activity: 2156

Merit: 1072

Crypto is the separation of Power and State.

Quote from: erok on February 12, 2016, 05:53:27 PM

You here to mock or contribute? It is catagorized as FUD (by me) because of the collaborative dedicated post (this) along with a reddit post and a dedicated blog all while multiple "dev" accounts actively attacked the main SDC bitcointalk thread (simultaneously). This wasn't merely a bug bounty being collected on. There was no proof, there was just a PR FUD push that makes Monero devs look horrible.

Damn bro, are you mad? You sound mad. Grin

The mere fact an ongoing investigation was initiated demonstrates Shen deserves to be awarded the bug finder bounty.

What's the point of offering bug bounties if when they are reported the response is to deflect, spin, and prevaricate in order to avoid admitting fault and the need to reward the bounty hunter?

Furthermore, the bug bounties should be paid in Bitcoin, not BrokenCoin. Who wants ShadowTrash when it's being dumped?

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: iCEBREAKER on February 12, 2016, 05:37:18 PM

Quote from: erok on February 12, 2016, 05:32:35 PM

Go right ahead then. De-anon something.

It's not about the ability to de-anon "something."

The problem is that *everything* (ie all ShadowTrash transactions) are not really anon.

I hope you didn't spend your fake anon coins on anything naughty! Wink

That's because you can't. Also I invest in technology, I am not in this for drugs like you probably are. I am here to help technology go forward. I myself am a HUGE fan of dual-key blockchain tech fundamentally. Which is why I was also invested in Monero and Aeon before all of this FUD (not anymore though). Best of luck but this PR FUD campaign is crap and has been handled as poorly as possible. Was good insight into the Monero community for me.

Quote from: pandher on February 12, 2016, 05:48:53 PM

Even if i am not sure about the claims made here, i find replies from apparent sdc holders hilarious. I think they do not understand software or math. Bugs do not mean the end of everything. People do not 'FUD' Bitcoin if they find a bug. This activity deserves applause and reward. But Shens claim that sdc had been public for the past year is a question on its existence

Glad I can amuse. You here to mock or contribute? It is catagorized as FUD (by me) because of the collaborative dedicated post (this) along with a reddit post and a dedicated blog all while multiple "dev" accounts actively attacked the main SDC bitcointalk thread (simultaneously). This wasn't merely a bug bounty being collected on. There was no proof, there was just a PR FUD push that makes Monero devs look horrible.

pandher

legendary

Activity: 952

Merit: 1000

Stagnation is Death

Even if i am not sure about the claims made here, i find replies from apparent sdc holders hilarious. I think they do not understand software or math. Bugs do not mean the end of everything. People do not 'FUD' Bitcoin if they find a bug. This activity deserves applause and reward. But Shens claim that sdc had been public for the past year is a question on its existence

iCEBREAKER

legendary

Activity: 2156

Merit: 1072

Crypto is the separation of Power and State.

Quote from: erok on February 12, 2016, 05:32:35 PM

Go right ahead then. De-anon something.

It's not about the ability to de-anon "something."

The problem is that *everything* (ie all ShadowTrash transactions) are not really anon.

I hope you didn't spend your fake anon coins on anything naughty! Wink

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: iCEBREAKER on February 12, 2016, 05:29:22 PM

Quote from: erok on February 12, 2016, 05:21:21 PM

Quote from: iCEBREAKER on February 12, 2016, 05:06:56 PM

Quote from: ArticMine on February 12, 2016, 05:01:44 PM

Personally I believe this thread should be locked until there is a clear cut answer as to whether or not there is a fatal cryptographic flaw in Shadow Cash.

Here's your clear cut answer:

https://botbot.me/freenode/bitcoin-wizards/2016-02-11/?msg=59856660&page=3

Quote

MRL-Relay | [shen] I mean, for this one, the past year of transactions on sdc are de-anonymized, it's not like that's fixable no matter what they do now
MRL-Relay | [shen] that's the problem with having a public blockchain

That isn't proof at all. That is the guy flinging the crap reiterating the crap he "thinks". Gotta hand it to you guys though, your PR sure is organized when malicious. Too bad your community didn't try this hard for your last update.

AM asked for a "clear cut answer" not "proof."

But since you brought it up, here you go:

Quote

De-anonymizing Shadowcash

https://gist.github.com/ShenNoether/3686113566bc23bf836f

Code:

Shadow-cash

https://github.com/shadowproject/shadow/blob/682891e656b5be2c2b819aa4977aa3b7e9f3f464/src/ringsig.cpp

static int hashToEC(const uint8_t *p, uint32_t len, BIGNUM *bnTmp, EC_POINT *ptRet)
{
   // - bn(hash(data)) * G

   uint256 pkHash = Hash(p, p + len);

   if (!bnTmp || !(BN_bin2bn(pkHash.begin(), EC_SECRET_SIZE, bnTmp)))
   {
   LogPrintf("hashToEC(): BN_bin2bn failed.\n");
   return 1;
   };

   if (!ptRet
   || !EC_POINT_mul(ecGrp, ptRet, bnTmp, NULL, NULL, bnCtx))
   {
   LogPrintf("hashToEC() EC_POINT_mul failed.\n");
   return 1;
   };

   return 0;
};

https://github.com/shadowproject/shadow/blob/master/src/ringsig.cpp#L136
int generateKeyImage(ec_point &publicKey, ec_secret secret, ec_point &keyImage)
{
   // - keyImage = secret * hash(publicKey) * G

   if (publicKey.size() != EC_COMPRESSED_SIZE)
   return errorN(1, "%s Invalid publicKey.", __func__);

   int rv = 0;
   BN_CTX_start(bnCtx);
   BIGNUM *bnTmp = BN_CTX_get(bnCtx);
   BIGNUM *bnSec = BN_CTX_get(bnCtx);
   EC_POINT *hG = NULL;

   if (!(hG = EC_POINT_new(ecGrp)))
   {
   LogPrintf("%s: EC_POINT_new failed.\n", __func__);
   rv = 1; goto End;
   };

   if (hashToEC(&publicKey[0], publicKey.size(), bnTmp, hG) != 0)
   {
   LogPrintf("%s: hashToEC failed.\n", __func__);
   rv = 1; goto End;
   };

   if (!bnSec || !(BN_bin2bn(&secret.e[0], EC_SECRET_SIZE, bnSec)))
   {
   LogPrintf("%s: BN_bin2bn failed.\n", __func__);
   rv = 1; goto End;
   };

Go right ahead then. De-anon something.

LOOK WHAT I CAN DO!

Code:

Line 42: if (!(hG = EC_POINT_new(ecGrp))) //generates new generator.
Line: 48: if (hashToEC(&publicKey[0], publicKey.size(), bnTmp, hG) != 0) //passes new hG to hashToEC.
Which should result in the usage of a random new point if the code strictly does what's described here: Line 8: // - bn(hash(data)) * G

BTW I realize that this now is going to be a positive thing for shadow no matter how it ends (forkfix or not). Even though your team's PR has been dismissive of all the work SDC devs have put in and mostly derogative, the attention you have brought SDC has been fantastic. The more eyes on at this point the better. By far SDC leads through the SDT function as well as the dectralized application platform and marketplace. Thanks doods!

iCEBREAKER

legendary

Activity: 2156

Merit: 1072

Crypto is the separation of Power and State.

Quote from: erok on February 12, 2016, 05:21:21 PM

Quote from: iCEBREAKER on February 12, 2016, 05:06:56 PM

Quote from: ArticMine on February 12, 2016, 05:01:44 PM

Personally I believe this thread should be locked until there is a clear cut answer as to whether or not there is a fatal cryptographic flaw in Shadow Cash.

Here's your clear cut answer:

https://botbot.me/freenode/bitcoin-wizards/2016-02-11/?msg=59856660&page=3

Quote

MRL-Relay | [shen] I mean, for this one, the past year of transactions on sdc are de-anonymized, it's not like that's fixable no matter what they do now
MRL-Relay | [shen] that's the problem with having a public blockchain

That isn't proof at all. That is the guy flinging the crap reiterating the crap he "thinks". Gotta hand it to you guys though, your PR sure is organized when malicious. Too bad your community didn't try this hard for your last update.

AM asked for a "clear cut answer" not "proof."

But since you brought it up, here you go:

Quote

De-anonymizing Shadowcash

https://gist.github.com/ShenNoether/3686113566bc23bf836f

Code:

Shadow-cash

https://github.com/shadowproject/shadow/blob/682891e656b5be2c2b819aa4977aa3b7e9f3f464/src/ringsig.cpp

static int hashToEC(const uint8_t *p, uint32_t len, BIGNUM *bnTmp, EC_POINT *ptRet)
{
// - bn(hash(data)) * G

uint256 pkHash = Hash(p, p + len);

if (!bnTmp || !(BN_bin2bn(pkHash.begin(), EC_SECRET_SIZE, bnTmp)))
{
LogPrintf("hashToEC(): BN_bin2bn failed.\n");
return 1;
};

if (!ptRet
|| !EC_POINT_mul(ecGrp, ptRet, bnTmp, NULL, NULL, bnCtx))
{
LogPrintf("hashToEC() EC_POINT_mul failed.\n");
return 1;
};

return 0;
};

https://github.com/shadowproject/shadow/blob/master/src/ringsig.cpp#L136
int generateKeyImage(ec_point &publicKey, ec_secret secret, ec_point &keyImage)
{
// - keyImage = secret * hash(publicKey) * G

if (publicKey.size() != EC_COMPRESSED_SIZE)
return errorN(1, "%s Invalid publicKey.", __func__);

int rv = 0;
BN_CTX_start(bnCtx);
BIGNUM *bnTmp = BN_CTX_get(bnCtx);
BIGNUM *bnSec = BN_CTX_get(bnCtx);
EC_POINT *hG = NULL;

if (!(hG = EC_POINT_new(ecGrp)))
{
LogPrintf("%s: EC_POINT_new failed.\n", __func__);
rv = 1; goto End;
};

if (hashToEC(&publicKey[0], publicKey.size(), bnTmp, hG) != 0)
{
LogPrintf("%s: hashToEC failed.\n", __func__);
rv = 1; goto End;
};

if (!bnSec || !(BN_bin2bn(&secret.e[0], EC_SECRET_SIZE, bnSec)))
{
LogPrintf("%s: BN_bin2bn failed.\n", __func__);
rv = 1; goto End;
};

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: generalizethis on February 12, 2016, 04:44:38 PM

Quote from: erok on February 12, 2016, 04:27:43 PM

Quote from: americanpegasus on February 12, 2016, 03:54:16 PM

I don't see what's wrong with the topic title. Based on what I can see, SDC is mathematically broken. And I urge all SDC supporters to join Monero.

Nothing malicious or hateful about that. Just an invitation to bring their talents over into our camp.

Keep telling yourself that. Ever seen the movie "Experimenter" http://www.imdb.com/title/tt3726704/ ? The human mind can convince it's self that it's actions/decisions are justified in even the most transparent situations which from an outsider's perspective could easily be translated into malicious intent/complacency of malicious acts. It's on Netflix. Recommended viewing and applicable to you/your community's actions and high road justification to the PR blasts associated with your incorrect theory.

I would apply the same concept to your claim that it is an "incorrect" theory. Shen is hardly a slouch when it comes to cryptography, so if Shen uses math to show a flaw, you better be able to disprove his claim mathematically, not with rhetoric. Not sure why there is such a do or die mentality taken by XMR or SDC supporters; if Shen is correct, then the flaw can be fixed, SDC Devs should give him a bounty, and then go about fixing it--it won't destroy the coin the way a flaw in one of the 11 algos used in Dash could, but it will leave transactions before the fix traceable. Hardly end of the world stuff.

You better prove it before anyone gives a damn. This cross reddit-dedicatedthread-sdcthread-monerothread trolling is insane even if it wasn't already proven to be a lie. You just look like children digging in the mud.

Quote from: iCEBREAKER on February 12, 2016, 05:06:56 PM

Quote from: ArticMine on February 12, 2016, 05:01:44 PM

Personally I believe this thread should be locked until there is a clear cut answer as to whether or not there is a fatal cryptographic flaw in Shadow Cash.

Here's your clear cut answer:

https://botbot.me/freenode/bitcoin-wizards/2016-02-11/?msg=59856660&page=3

Quote

MRL-Relay | [shen] I mean, for this one, the past year of transactions on sdc are de-anonymized, it's not like that's fixable no matter what they do now
MRL-Relay | [shen] that's the problem with having a public blockchain

That isn't proof at all. That is the guy flinging the crap reiterating the crap he "thinks". Gotta hand it to you guys though, your PR sure is organized when malicious. Too bad your community didn't try this hard for your last update.

iCEBREAKER

legendary

Activity: 2156

Merit: 1072

Crypto is the separation of Power and State.

Quote from: ArticMine on February 12, 2016, 05:01:44 PM

Personally I believe this thread should be locked until there is a clear cut answer as to whether or not there is a fatal cryptographic flaw in Shadow Cash.

Here's your clear cut answer:

https://botbot.me/freenode/bitcoin-wizards/2016-02-11/?msg=59856660&page=3

Quote

MRL-Relay | [shen] I mean, for this one, the past year of transactions on sdc are de-anonymized, it's not like that's fixable no matter what they do now
MRL-Relay | [shen] that's the problem with having a public blockchain

ArticMine

legendary

Activity: 2282

Merit: 1050

Monero Core Team

Personally I believe this thread should be locked until there is a clear cut answer as to whether or not there is a fatal cryptographic flaw in Shadow Cash.

americanpegasus

hero member

Activity: 770

Merit: 504

Quote from: GTO911 on February 12, 2016, 04:30:44 PM

Lock the thread AP, they are not interested

It's true, quite a vitriolic response to a pretty genuine offer, but whatever. I'll consider locking the thread 24 hours from now in order to give them time to say their peace.

generalizethis

legendary

Activity: 1750

Merit: 1036

Facts are more efficient than fud

Quote from: erok on February 12, 2016, 04:27:43 PM

Quote from: americanpegasus on February 12, 2016, 03:54:16 PM

I don't see what's wrong with the topic title. Based on what I can see, SDC is mathematically broken. And I urge all SDC supporters to join Monero.

Nothing malicious or hateful about that. Just an invitation to bring their talents over into our camp.

Keep telling yourself that. Ever seen the movie "Experimenter" http://www.imdb.com/title/tt3726704/ ? The human mind can convince it's self that it's actions/decisions are justified in even the most transparent situations which from an outsider's perspective could easily be translated into malicious intent/complacency of malicious acts. It's on Netflix. Recommended viewing and applicable to you/your community's actions and high road justification to the PR blasts associated with your incorrect theory.

I would apply the same concept to your claim that it is an "incorrect" theory. Shen is hardly a slouch when it comes to cryptography, so if Shen uses math to show a flaw, you better be able to disprove his claim mathematically, not with rhetoric. Not sure why there is such a do or die mentality taken by XMR or SDC supporters; if Shen is correct, then the flaw can be fixed, SDC Devs should give him a bounty, and then go about fixing it--it won't destroy the coin the way a flaw in one of the 11 algos used in Dash could, but it will leave transactions before the fix traceable. Hardly end of the world stuff.

GTO911

hero member

Activity: 672

Merit: 500

Lock the thread AP, they are not interested

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: americanpegasus on February 12, 2016, 03:54:16 PM

I don't see what's wrong with the topic title. Based on what I can see, SDC is mathematically broken. And I urge all SDC supporters to join Monero.

Nothing malicious or hateful about that. Just an invitation to bring their talents over into our camp.

Keep telling yourself that. Ever seen the movie "Experimenter" http://www.imdb.com/title/tt3726704/ ? The human mind can convince it's self that it's actions/decisions are justified in even the most transparent situations which from an outsider's perspective could easily be translated into malicious intent/complacency of malicious acts. It's on Netflix. Recommended viewing and applicable to you/your community's actions and high road justification to the PR blasts associated with your incorrect theory.

americanpegasus

hero member

Activity: 770

Merit: 504

I don't see what's wrong with the topic title. Based on what I can see, SDC is mathematically broken. And I urge all SDC supporters to join Monero.

Nothing malicious or hateful about that. Just an invitation to bring their talents over into our camp.

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: americanpegasus on February 12, 2016, 02:08:34 PM

It's interesting that there are those who would choose to automatically assume when I said 'Monero doesn't appreciate scams' that I was talking about SDC.

I went out of my way in the OP to state that there are many people, including devs, who are honest programmers involved with SDC and they are merely misguided. No, when I refer to scams I mean things like VanillaCoin, and I am damn glad we have made it clear such scamming nonsense will not be tolerated in this community.

Generalizethis wonders why even extend an open invitation to SDC at all, and it's because this: when I was coming over from Bitcoin many currencies looked similar, and SDC honestly had some very cool marketing and promises. I can see how honest and upstanding enthusiasts might have gotten involved with it but this shouldn't be a "choose wisely or die" scenario. Monero is the best digital currency today and the intention isn't to be smug about it, it's to show there's no hard feelings and our fellow colleagues are always welcome in this house.

You do realize that you titled this thread "ShadowCash is mathematically broken. I urge all SDC supporters to join Monero." right? It's too late to take the high road punk. You already tainted yourself and your project.

Gillette

hero member

Activity: 744

Merit: 500

Munero assholes have failed as failed their PR campaign to promote munero Grin

americanpegasus

hero member

Activity: 770

Merit: 504

It's interesting that there are those who would choose to automatically assume when I said 'Monero doesn't appreciate scams' that I was talking about SDC.

I went out of my way in the OP to state that there are many people, including devs, who are honest programmers involved with SDC and they are merely misguided. No, when I refer to scams I mean things like VanillaCoin, and I am damn glad we have made it clear such scamming nonsense will not be tolerated in this community.

Generalizethis wonders why even extend an open invitation to SDC at all, and it's because this: when I was coming over from Bitcoin many currencies looked similar, and SDC honestly had some very cool marketing and promises. I can see how honest and upstanding enthusiasts might have gotten involved with it but this shouldn't be a "choose wisely or die" scenario. Monero is the best digital currency today and the intention isn't to be smug about it, it's to show there's no hard feelings and our fellow colleagues are always welcome in this house.

bangomatic

legendary

Activity: 1246

Merit: 1000

ARK Team likes to ban and delete posts in reddit.

Quote from: Wheatclove on February 12, 2016, 11:01:55 AM

Nobody has been able to use the aforementioned "faulty code" to deanonymize an actual transaction.

Don't hold your breath.

^^ Although the SDC Dev Team is taking this seriously, and testing is still ongoing.

Whether or not a bug is found, scrutiny only makes the SDC stronger and better. So thank you for that!

erok

hero member

Activity: 896

Merit: 1000

Avatars are overrated.

Quote from: iCEBREAKER on February 12, 2016, 01:34:45 PM

Quote from: GTO911 on February 12, 2016, 09:49:43 AM

I dont think sdc guys are fit for Monero, they wouldnt have chosen a shit project in the first place.

Let's be nice and assume at least some of the SDC guys are just ignorant, greedy children/teens/undergrads.

They can learn from this teachable moment, where SDC's bad crypto was broken by Monero's mysterious master of cryptography.

In the best cases, former ShadowCoiners will be inspired to take a lifelong interest in better ascertaining what distinguishes legitimate coins from shit projects.

We have plenty of room for everyone on Monero Mountain. As long they're not DashHoles. Cheesy

That first line: Is incredibly presumptuous and insulting... which is delicious to me. You stink of desperation.
Second carriage returned line (lols): A flat out lie.
Third line: You are confused and I will let that go. Noone has been affected by your dev's fud.
Fourth line: I completely agree with except you Moonero'ers are just as bad if not worse and it's amazing you don't see it.

Topic: ShadowCash is mathematically broken. I urge all SDC supporters to join Monero. - page 3. (Read 7970 times)