Pages:
Author

Topic: Which currency should I use to stay anonymous? (Read 3419 times)

member
Activity: 101
Merit: 10
January 29, 2016, 05:01:30 AM
#52
Bitcoin.

There are helpfull mixing services to move coins privately. Some guy from the US is currently checking out how to move 13000 BTC and getting away with that.
I saw reports that the 13,000 bitcoins were not moved for abut 2 years. It is quite strange. Somebody should build a good mixer for that.
sr. member
Activity: 308
Merit: 250
Same question bothering me !
Communities leaders are fighting among themselves..
SDC or MONERO or DASH or?
legendary
Activity: 3500
Merit: 6981
Top Crypto Casino
Bitcoin.

There are helpfull mixing services to move coins privately. Some guy from the US is currently checking out how to move 13000 BTC and getting away with that.
This.  Plus in person cash money is always a good way to stay anonymous (at least from government eyes, and even then only most of the time).  If you need to buy something over the internet, definitely cryptocurrency.
sr. member
Activity: 420
Merit: 262
Other than the prior post, the Zerocash forum has begun removing and censoring my posts. So yet another attempt to pull the wool over speculator eyes and not open source on factual discussion.

So many deluded folks in crypto who get offended when they realize they aren't even close to understanding all the issues I understand about crypto currency, and the ramnifications that their projects are ill-focused and not ready for prime time.
sr. member
Activity: 420
Merit: 262
I have made the following post to create the thread entitled "Fundamental Challenges?" at the Zerocash forum which is currently hidden there awaiting approval from the forum moderator:


Quote from: myself
I am Shelby Moore III, also known as "AnonyMint" at the Bitcointalk.org (BCT) forum where I was an early proponent of anonymity in 2013. My analysis is watched by many 100s if not 1000s of readers at the BCT forum. My current username there is "TPTB_need_war". I have invented some zero knowledge cryptography (combining Cryptonote one-time ring signatures with the Compact Confidential Transactions for homomorphic value hiding). Roughly a couple of months ago, I abandoned that invention and proclaimed that all anonymity designs were future[futile] except for Zerocash, because the meta-data correlation problem was insoluble (impractical for mere mortals to work around on a regular basis).

However, I still see fundamental problems in the Zerocash direction and I am proposing at least one solution. I would urge the developers to read the following threads (especially from the linked posts forward) and please respond here or there to the major issues discussed.

https://bitcointalksearch.org/topic/m.13619905

https://bitcointalksearch.org/topic/m.13619903

I presume you know how to click the quotes in posts to venture off to the source threads from whence they originated in order to find all the discussion that has transpired today.

Note there are even legal criticims of the conjectured ROI model of Zerocash (z.cash). Hopefully you can address those as well.

Be forewarned you are will descend into a hornet's nest of ad hominem and speculator turf battles noise interleaved with attempts to stay on technical focus.
sr. member
Activity: 420
Merit: 262
One more point I considered in my holistic analysis is that for most transactions we can't be anonymous. Thus anonymity is more suited to those who want to receive some payment anonymously and hide the funds there and extract them only to public funds in small morsels or to spend in other rare anonymous transactions (e.g. buying some gold bars from someone you trust won't reveal your identity).

In that case one might think you can just use Stealth Addresses (unlinkability) and run a full node to confirm receipt of funds anonymously. No need for Cryptonote, RingCT, nor ZeroCash. But the problem is the payer can be identified and be pressured to reveal your identity.

So this is why we need Zerocash to make the untraceability impervious to meta-data correlation.

But the problem with my proposal for ephemeral Zerocash mixers is that when we take the coins out of the mixer they can now be correlated to our meta-data (e.g. IP address, etc). So thus it seems to hide large funds and only take out small portions publicly as needed, will incur risk of losing those coins in my proposal, but at least they will be provably anonymous.

Anonymity is a clusterfuck. If we can't make trusted hardware, then anonymity is unprovable. Period.

So just give up on anonymity, or get busy trying to make hardware we can trust?

(or if Zerocash has developed a provably secure way to generate a master public key, which I doubt)
sr. member
Activity: 476
Merit: 250
This is tricky question?!
Did anyone compare those coins , speed , stability of network, inflation, best annon system..Can we have here consensus?
Voting? Which coin is better?
sr. member
Activity: 420
Merit: 262
A for-profit coin company, i dont care what they make, iwill never trust them.

Agreed that is the opportunity to beat them by open sourcing their code. But you will also need my block chain technology to make the big win.

moreover RingCT will move Monero closer to Zcash

Sorry no. It is still not immune to meta-data and the theoretical combinatorial analysis. Not reliable. Not realistic.

We need to move forward. It is up to you, I know my thinking and priorities on this matter.


A for profit company with closed source code controlling the initial key for a zerocash like currency is a regulatory nightmare.

No closed source. The key would be produced publicly at a ceremony.



Would this metadata and combinatorial analysis hold even if mixin 10 was a default on all tx's?

The meta-data (e.g. IP address, browser cookie, timing analysis and location of connection, what you said in facebook or on the phone, etc) correlation problem isn't likely impacted no matter how many times or inputs you ring mix. It is very difficult for mere mortals to cover their tracks on all the possible meta-data correlations. It is unfathomably difficult. Don't fool yourself into thinking it isn't.

The combinatorial analysis flaw (which I introduced to smooth during the BCX incident and hence followed up in debate with Shen-noether) is very theoretical and may or may not be plausible. In my thinking, it comes more into play if combined with meta-data breakdown of the anonymity systemically. Mixing more may help somewhat, but it can also make it worse because it is the excessive overlapping in mixes that causes the combinatorial unmasking.

In short, it is a clusterfuck (not a clean, clear, provable solution) and that is why I abandoned it.



...
All miners will have to register as money transmitters under FinCEN regulations, same as the issue for Dash masternodes. There has seriously bad implications in their investment strategy. But their code and developers are valuable. The investors can probably recover their money on the initial IPO. They should IPO the damn thing and do it legally and not mess with this "master of the universe" idea above.

I am contemplating contacting them, but I need to think through their economic options. It may be impossible to get them to do the right thing.

But they could definitely benefit from my endorsement in an IPO. A legal IPO! As well, they could benefit from my block chain tech.
...

Miners do not have to register as MSBs. Please read the guidance. https://www.fincen.gov/news_room/rp/rulings/html/FIN-2014-R001.html The jury is very much out on Dash masternodes. How will the investors recover the funds from an IPO? If it is by emission then the IPO company is an MSB in the United States.

My interpretation of FinCEN guidance is miners would have to register as MSBs if they are forced to transfer some of the coinbase to some other party. Just because it is enforced by the protocol, doesn't absolve the miner from (the legal culpability of) creating the block which created new supply and transferred it to a third party.

Disclaimer: IANAL.



I hate when n00bs make me repeat the same shit over and over and over again. Do you think my time is free?

The masterkey has to be produced in a way that no one knows it. The proposals had been to use a public ceremony and a computer examined by everyone attending, to be sure the masterkey is unknown to anyone.

Note if the masterkey is known, that person can create coins out-of-thin-air, but he can't unmask the anonymity. That is a crucial distinction.

This is why I proposed the idea of using Zerocash as a mixer that eventually times out, so that we can be sure the mixer hasn't created any new coins. Everyone going into the mixer takes the risk that they may not be able to come out of the mixer if the attacker has already created coins. Then we could have many of these mixers in a free market, and users would decide which mixers they trust. Again anonymity is never compromised and the run on the bank can only be a loss to participants, not to the entire ecosystem. I am pretty sure this solves the problem and this is why we can take their open source and beat them.

I am loaded with ideas and designs to solve real problems in crypto. Hopefully some smart devs are going to realize they are better off working with me.

I am aware of that. However, for an stand-alone altcoin creating coins out-of-thin-air is just as detrimental as unmasking the anonymity, because both will likely result in the coin dying.

I already proposed a solution in my prior reply to you that is using their technology in ephemeral mixers, which thus avoids systemic risk and reveals which mixers are compromised (which is likely to be quite rare because participants will learn to judge which masterkeys were generated correctly at ceremony).

Free markets always work best as long as systemic risk is avoided.


RingCT has the same problem. I explained in I believe both the chess thread and my Zero Knowledge Transactions thread. This is another reason I abandoned it (in addition to the inability to get reliable anonymity since it doesn't hide meta-data the way Zerocash/Zcash does).


No it doesn't, because coinbase transactions are mixin = 0 in Monero and therefore you can check if the total supply hasn't been tampered with.

Wrong! Wrong! Wrong! Exemplifies that you are a n00b who should STFU.

If there is a flaw in the cryptography for proving the homomorphic sums (and that is new cryptography), then indeed the attacker can create new value out-of-thin-air and not be detected. I am not going to explain the examples and math again. I already did in the past. Go ask Shen-noether.

You should have paid attention the last time I explained this! You always want to use me but then you don't respect me enough to reward me[1] and then you expect me to correct for your inability to study and remember my posts carefully.

I don't think you should bet against them, because Zerocash has anonymity and nothing else does! The community will make sure it is peer reviewed. We must. You had better start figuring out how to transition and pronto.

I don't say I do. eb3f stated on reddit the following: "Monero uses ring signatures, as you may know, which is battle-tested and well-understood in the cryptography world and in practice". Even with community review it will take a long time to get to this state. I also don't agree with bolded here, but I won't go on a back-and-forth discussion with you over that.

Again my point is that you could have the safest snot in the world, but if people can't use snot for anything, then they are going to put their energies into perfecting and peer reviewing what they need.

Seems you all often miss the points entirely. They fly right over your heads.

I do agree that the new cryptography for Zerocash and zk-snarks is more complex than the new cryptography for homomorphic proof-of-sums for RingCT (or my ZKT), but I don't think that helps given the meta-data problem for RingCT/ZKT/Cryptonote (and every anonymity technology other than Zerocash). What is the point of pursuing a direction which is known to be unreliable and fundamentally flawed (in a way that can never be fixed), when we can pursue a direction that fixes the meta-data problem and is a matter of convincing whether the technology is sound with much peer review. Certainly the peer review can be done over time, and probably incentivized if the technology has a popular application.

I'll let others which are more knowledgeable comment on the metadata.

Please don't tell me I will have to waste more of my time defending an obvious point (for anyone who has the slightest technological understanding).

I am frustrated how much fucking time we waste. You all have been convincing yourselves in your little delusions for years of what ever circle jerk bubbles you prefer to be in (which often include ridiculing/dismissing me).

Edit: correction:

[1] I was rewarded by smooth, jl777, and rpietila. Big thanks to them. Very much so. I am just frustrated because I need a viable financial direction and we need to work smart and find a way that we can make these matters work in our favor. And I am trying to find people who value me and find a way to get it done.



...

No closed source. The key would be produced publicly at a ceremony.
...

Using what operating system and firmware?

Of course they will need to convince the public the master key is sound. Or use my idea above of having multiple mixers and timing them out. I believe there is a solution, yet I will agree the current organization of their plans seems legally and structurally flawed.

That is why I say we can transition and beat them. But the technology is real anonymity. If you want real anonymity, you have to find a way to use their technology. Period. (and I have been studying this for a long time)

This does not answer my question which is cut and dry and goes to the heart of the trust issue.

If you apply that line of thinking, then every anonymity is insecure because operating systems and computers are never 100% secure.

I already proposed how to spread the risk out and make it non-systemic.

Note that Monero (Cryptonote one-time rings and every other kind of anonymity technology) also has systemic risk due to combinatorial analysis cascade as more and more users are unmasked with meta-data and overlapping mixes.



...

No closed source. The key would be produced publicly at a ceremony.
...

Using what operating system and firmware?

Of course they will need to convince the public the master key is sound. Or use my idea above of having multiple mixers and timing them out. I believe there is a solution, yet I will agree the current organization of their plans seems legally and structurally flawed.

That is why I say we can transition and beat them. But the technology is real anonymity. If you want real anonymity, you have to find a way to use their technology. Period. (and I have been studying this for a long time)

This does not answer my question which is cut and dry and goes to the heart of the trust issue.

If you apply that line of thinking, then every anonymity is insecure because operating systems and computers are never 100% secure.

I already proposed how to spread the risk out and make it non-systemic.

Note that Monero (Cryptonote one-time rings and every other kind of anonymity technology) also has systemic risk due to combinatorial analysis cascade as more and more users are unmasked with meta-data and overlapping mixes.

Proprietary software solutions have by their very nature a centralized systemic risk that Free Libre Open Source software solutions do not. The type of risks you describe in Monero are trivial compared to the risk of the DRM in the operating system used to generate master key in a centralized proprietary solution such as the one you propose. Furthermore I still do not have an answer to what is a straight forward yes or no question.  

The masterkey is generated once and only the public key is retained. As long as no one saw nor can recover the private key before it was discarded, then there is nothing proprietary remaining in the use of the Zerocash open source. The Zerocash open source code requires a public key to be pasted in. It is the public (ceremony) generation of that key, which determines whether anyone had access to the private key when the public key was created.

DRM has nothing to do with it all. Thus I assume you don't understand the issue.

The only issue is whether the public key can be computed at a public ceremony and the private key was securely discarded. So for example, they could use any computer, encase it in lead before running the computation, and no external connection to the computer other than the screen which reads out the public key.

Then slide the computer into a barrel of acid so that it is permanently destroyed. All done at a public ceremony so there can be no cheating.

Of course one could envision elaborate/exotic means of cheating, such as using radio waves to communicate the private key out to external actor, but again that is why I wrote encase it in lead. There is the issue of how to destroy it while not momentarily removing it from its communication barrier. But I am confident these physics issues can be worked out to a sufficient level of trust.

As for trust, not even the Elliptic Curve Cryptography and other math we use for crypto can be 100% trusted. So if you start arguing silly about 100% trust, then it is safe to ignore as loony.

...
I am imagining that the type of people designing such a technology would do better than generate a masterkey on Windows et al. I'm actually imagining purpose-built, auditable software and maybe even hardware.

Auditable by whom?

It comes down to Free Software vs Proprietary software. The same is true for the hardware. There is a reason why my question is being avoided here.

By the attendees of said masterkey-generation ceremony.

Actually by anyone who uses the currency. The role of the attendees is to verify that all the software has not changed between what was used and what is released to the public.

Edit: The minute one tries to protect "intellectual property" at any level the trust is gone.

FUD. The ceremony is only to computer a public key, nothing else. No other software has to be audited. Only need to confirm that the private key was not communicated from the computer to any one. Period.



...
FUD. The ceremony is only to computer a public key, nothing else. No other software has to be audited. Only need to confirm that the private key was not communicated from the computer to any one. Period.

How do you know that the public key you see on the screen is the one that was computed and not one that was pre computed before the computer was "placed in lead"?

Edit: DRM in the OS has everything to do with this since it is the perfect place to hide the private key. That is what DRM is designed to do hide private keys.

The hardware has to be audited. But we also have to audit our hardware that we use to run Cryptonote. If Intel is planting spies in the hardware, then we are screwed.

100% trust is impossible. And this is another reason I deprioritized anonymity. It is a clusterfuck.

Also I think perhaps Zerocash was working on a way to generate the public key decentralized, but I haven't kept up with progress on that.

Indeed Zerocash could end up being a Trojan Horse (a way to get fiat in the back door) and that is why I made my proposal to use them only as ephemeral mixes that die periodically, so then we will know if the key was compromised or not.

The result of my proposal is:

  • Stolen coins isn't systemic to the overall coin (same as losing some coins to Mt. Gox and Cryptsy isn't), and at least participants get ongoing ceremonies to get better and better at auditing the hardware.
  • No anonymity is ever lost.
  • No NET coin supply is ever created out-of-thin-air (instead some people lose coins if they chose an insecure mixer that had a compromised key), which is also the case for both Zerocash and RIngCT where coin supply could be created out of thin air and we would never know it due to a bug in cryptography.

That will kick ass on Monero, because if I pass through the mixer, I know my anonymity is provable and I know I didn't lose my coins. It is only people who still sitting inside the mixer who risk losing coins. Everything has a risk. I would much rather the microscopic risk of a compromised key (causing me to lose some coins) to the sure risk of meta-data correlation in Monero which can send me to jail! Surely I would be judicious about not mixing all my coins at the same time and not all in the same mixer.



TPTB said that not even math can be trusted 100%, then how can we put 100% trust on any device for fair start of a trustless currency

If can't trust the math, throw Monero in the garbage can too.

My point is that nothing is 100%. We have to weigh the reasonable risks and benefits.



Quote
But I am confident these physics issues can be worked out to a sufficient level of trust.

Only need to confirm that the private key was not communicated from the computer to any one.

I find this kinda weak against your general absolutism. "So Simple Yet So Complex".


After all, what stops all 3 letter agencies, who can own blockchains and can do analysis and attacks etc, to stage the whole thing? Will i be allowed to check that computer?

I mean, i have near to zero understanding of cryptography, but your search for the perfect/ideal solution looks like making you ready to take a huge and dangerous bet.  

I proposed ephemeral mixers based on Zerocash technology. They will be ferreted out if they are doing this, because it will be known that the key was compromised when the mixer expires and everyone has to cash out of the mixer back into the public coin. The bastards can't keep doing it over and over again. The participants will get wise as to the methods the attackers are using.

I am not absolutist. Rather I think correctly and realistically when I weigh marketing, tradeoffs, and delusion as follows:

That will kick ass on Monero, because if I pass through the mixer, I know my anonymity is provable and I know I didn't lose my coins. It is only people who still sitting inside the mixer who risk losing coins. Everything has a risk. I would much rather the microscopic risk of a compromised key (causing me to lose some coins) to the sure risk of meta-data correlation in Monero which can send me to jail! Surely I would be judicious about not mixing all my coins at the same time and not all in the same mixer.

Marketing and design are holistically joined at the hip. Those fools who said the marketing can come later are clueless.



DRM has nothing to do with it all. Thus I assume you don't understand the issue.

You are not giving him due credit. (AM is not a typical BTCT slouch.)  It is an allusion to "reflections on trusting trust" https://www.ece.cmu.edu/~ganger/712.fall02/papers/p761-thompson.pdf

I think I did correct my myopia in the subsequent reply to him. And I think the points reached sort of a stalemate. I don't dismiss his point, but if that white paper above is our concern, then none of the software we use is trustworthy. Okay I understand the point that doing something once and we all have to rely on that, is different than we all each download our software and run diverse hardware. But is it? Seems we all are running the hardware made by Intel and all the download links run through routers controlled by TPTB.

So all-in-all, I accepted his point. I think anonymity is a clusterfuck. Given the way Zerocash's forum treated me (they removed all my posts after they realized I was explaining serious flaws and challenges), I don't expect any success from them either.

I'd like to move on away from anonymity. Maybe one day in the future we could make some mixers based on Zerocash (long after their effort has faded into the dust) and maybe use it for some few esoteric uses for anonymity. But reliable anonymity on a widescale is unfortunately a delusion that even I had to finally come to grips with. Sad to say.

As for unreliable anonymity, I can do that now with Bitcoin. I just go use an unregistered wireless network connection. Eventually that will be impossible, but for now it is available in some jurisdictions.

If someone could identify a use for ring mixing that applied to businesses who don't mind if the NSA is tracking their privacy, then perhaps I could be convinced there is a market. But as I wrote before, the NSA has employees and those employees can't be trusted to not sell your privacy to your competitors. Corruption is the rule, not the exception. A mouse will always eat the cheese.

I start to comprehend now how it might be true when Martin Armstrong says we might descend into a Dark Age.

The only way I can think to fight back now is go for popularity and control in the hands of the people. Win the political war.



Is there a better alternative for anonymous transactions currently working and available?

There is nothing available for reliable anonymous transactions. For unreliable anonymity, I might as well just use Bitcoin and jump over to my local McDonalds on the unregistered WiFi connection. So yes there is a better alternative, Bitcoin. And it is more widely accepted.

I would not entrust not receiving jail time on the assumption my meta-data can't be correlated, neither with Monero nor Bitcoin. The only anonymous things I would do would be legal things I want to hide from for example the public, but not from the NSA (and the employees of the NSA). In that case, I can do this reasonably well using Bitcoin.

I can't make the sources of my transaction untraceable with Bitcoin (unless I use some unreliable mixer, CoinJoin, or CoinShuffle), i.e. if someone wanted to premine and then make it impossible to connect them to the premined coins. So maybe we can argue that Cryptonote/Monero would help people who want to create scams. But decentralized exchanges might accomplish the same (not sure about that yet, still analyzing them).

In short, I just can't see what is the large market for this unreliable anonymity in Cryptonote as compared to the unreliable anonymity in Bitcoin?

Hey I am not happy it worked out that way. As much as I don't like the boastfulness of some Monero's community (not all the devs), I still would prefer if anonymity was realistic. I am saddened. And especially pissed off to have expended so much effort on anonymity and not have realized sooner.

Actually the market for Monero might be criminals. They may have the incentive to study how to guard their meta-data and willing to take the risk on the combinatorial unmasking (since a criminal mind seems to ignore the prospect of jail time). But they need to be mixed with regular users, otherwise their anonymity sets may not be large enough. I don't want to be in a project who sole main use case is criminals.

Please confine yourself to that question.

Hitler claiming to support Libertarian principles (e.g. anonymity).  Cheesy

Have you ever heard of the concept of respecting the freedom of others. I am flabberghast that you think you can tell me what I can write about. Do I tell you what you can write about.
sr. member
Activity: 420
Merit: 262

Okay so this is not http://z.cash (which is the inferior zerocoin) and apparently is the real Zerocash! Wow. I am happy to see this in open source. Real progress at last. Maybe this is the reason for the dump of Monero?

I am happy to see this because I want to use something like this and also because I do not expect them to get the details correct on mining (no one has yet!). So there will be an opportunity to integrate this open source into a better block chain.

Major opportunities right now in crypto. Pick who you want to work with and pick carefully. I am looking for a few good men.

Okay so this is not http://z.cash (which is the inferior zerocoin) and apparently is the real Zerocash!

They are the same

Quote
The Zerocash protocol is being developed into a full-fledged digital currency, Zcash.

I don't know what happened. Last time I thought I loaded that page, I was looking at two young developers one of which was Asian. I need to sort out my confusion. I am very perplexed as to what I accidentally loaded last time.




This is what I had seen before and I have no idea why the wires in my brain crossed and throught it was z.cash I had recently view before (perhaps I am just overloaded with so many technical issues in my mind at the moment and I just woke up). Apologies for the unnecessary noise due to my error.

Zerocoin implementation that is supposed to launch early this year:
http://moneta.cash/technology.html
https://github.com/MonetaOfficial/moneta

I think it is basically a rebranded version of Zerovert, which was a closed-source implementation released last year. One of the creators is one of Matthew Green's former students.

That is Zerocoin, not Zerocash. Zerocoin is a mixer only for sending coins to your self and delinking, thus it is subject to all metadata correlation breakage the same as for Monero (Cryptonote coins and ShadowCash and everything else!).

Only Zerocash hides everything and thus is immune to metadata correlation. Zerocash mints zerocoins (which are not the same as the coins in Zerocoin). Zerocoin was created by some of the same people who created Zerocash, but they are totally different technologies. Zerocash is much more powerful anonymity because all the coins and all the actions (e.g. transfer payment to another) are totally hidden in one big blob.

With that being said, it's still unproven technology, and I think there are some issues with launching the currency in a trustless manner, so for now Monero is probably most bestest.

It is not even clear if Zerocash will work in a real world implementation for scalability and DDoS reasons (and maybe other issues).

But none of that absolves the fact that Monero is fundamentally (mostly) useless for the reasons I stated upthread.



A for-profit coin company, i dont care what they make, iwill never trust them.

Agreed that is the opportunity to beat them by open sourcing their code. But you will also need my block chain technology to make the big win.

moreover RingCT will move Monero closer to Zcash

Sorry no. It is still not immune to meta-data and the theoretical combinatorial analysis. Not reliable. Not realistic.

We need to move forward. It is up to you, I know my thinking and priorities on this matter.
hero member
Activity: 770
Merit: 504
@rusty, if shadow succeeds it will be in spite of better tech from Monero and a better distribution method. 
 
So it will be due to auxiliary programming (mobile apps) and hyper-slick marketing.  Those are both things we could use over in the Cryotonote camp, which is why I've entreated the Shadow kids to come and play at our house. 
 
I haven't written shadow off as a coin, but I have written it off as a serious long term solution.  It will take a Herculean effort to supplant Bitcoin, and the crypto enthusiasts of the world cannot afford to be bickering about which particular anon solution is the best - uniting to strengthen the best implementation (Cryptonote) is the best way forward. 
 
Why are people involved with ShadowCash?  They want to early adopt and get rich?  Well that's us. 
You are an idealist who wants to bring the future of advanced private money to the Internet?  Well that's us: we just don't have the same slick branding (yet). 
 
There is no reason for ego to cloud the issue - the talent in this space must come together behind Cryotonote tech in order to position it as a global standard.  Hopefully in time other altcoin devs and enthusiasts will agree.
legendary
Activity: 1624
Merit: 1000
https://bata.io
Check this out:

https://minkiz.co/dashboard/anoncoins


Then research the various methods of Anonymity.

I wonder if there ever has been a test to prove which is the best decentralized way of staying anonymous.

When all else fails in authoritarian countries, like China, as one chinese person stated, I2P does not.
legendary
Activity: 2968
Merit: 1198
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.


Is it?  Shadow blockchain is about 400mb.  How does that compare to Monero and Aeon?  

The difference is all about usage. There is no scaling/bloat advantage to Shadowcash other than the LLW signatures that are less than a fixed factor of two smaller on large mix factors.

EDIT: Oh and I forgot, Shadow uses 1235 denominations instead of 123456789 so there are more signatures needed for most payments. That should somewhat offset the LLW and leave the two almost identical in size.

So for the same size tx Shadow will have a larger mixing set size giving it better anonymity.

No. The LLW signatures reduce the tx size but the reduced denomination set increases it. Probably ends up the same or larger.

Quote
And how large is the Monero blockchain?

2-3 GB I think. The difference is accounted for by higher usage, not any difference in the technology.


Is that higher usage in Monero is mainly made up of small mining tx or dust?

There is a combination. I don't know what they are necessarily (and it wouldn't be a very anonymous coin if I did!).

Realistically Monero has been a top 20 coin for almost its entire lifetime and has had a good volume of trading on multiple exchanges (current daily volume $71000) along with some other activity, so it isn't surprising that it would have much more transaction activity than SDC (currently #55, daily volume $824). Seems obvious to me.

There was also a bug in the pool that was fixed in 2014 and spammed some crap on the chain, but that doesn't matter going forward.

Quote
Monero 2-3 GB vs Shadows 400MB.  I would think that it is a difference in technology as to why Shadows blockchain is so much smaller, POS rather than POW, without even taking into account of the reduced ring sig size by a factor two.

As I already explained the ring size does not yield a significant size benefit because it is offset by the small set of denominations, so you need more signatures even if each is smaller. That does not explain the difference in chain size.
hero member
Activity: 725
Merit: 501
Boycott Qatar 2022
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.


Is it?  Shadow blockchain is about 400mb.  How does that compare to Monero and Aeon?  

The difference is all about usage. There is no scaling/bloat advantage to Shadowcash other than the LLW signatures that are less than a fixed factor of two smaller on large mix factors.

EDIT: Oh and I forgot, Shadow uses 1235 denominations instead of 123456789 so there are more signatures needed for most payments. That should somewhat offset the LLW and leave the two almost identical in size.

So for the same size tx Shadow will have a larger mixing set size giving it better anonymity.

No. The LLW signatures reduce the tx size but the reduced denomination set increases it. Probably ends up the same or larger.

Quote
And how large is the Monero blockchain?

2-3 GB I think. The difference is accounted for by higher usage, not any difference in the technology.


Is that higher usage in Monero is mainly made up of small mining tx or dust?  Monero 2-3 GB vs Shadows 400MB.  I would think that it is a difference in technology as to why Shadows blockchain is so much smaller, POS rather than POW, without even taking into account of the reduced ring sig size by a factor two.
legendary
Activity: 2968
Merit: 1198
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.


Is it?  Shadow blockchain is about 400mb.  How does that compare to Monero and Aeon? 

The difference is all about usage. There is no scaling/bloat advantage to Shadowcash other than the LLW signatures that are less than a fixed factor of two smaller on large mix factors.

EDIT: Oh and I forgot, Shadow uses 1235 denominations instead of 123456789 so there are more signatures needed for most payments. That should somewhat offset the LLW and leave the two almost identical in size.

So for the same size tx Shadow will have a larger mixing set size giving it better anonymity.

No. The LLW signatures reduce the tx size but the reduced denomination set increases it. Probably ends up the same or larger.

Quote
And how large is the Monero blockchain?

2.4 GB. The difference is accounted for by higher usage, not any difference in the technology.
hero member
Activity: 725
Merit: 501
Boycott Qatar 2022
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.


Is it?  Shadow blockchain is about 400mb.  How does that compare to Monero and Aeon?  

The difference is all about usage. There is no scaling/bloat advantage to Shadowcash other than the LLW signatures that are less than a fixed factor of two smaller on large mix factors.

EDIT: Oh and I forgot, Shadow uses 1235 denominations instead of 123456789 so there are more signatures needed for most payments. That should somewhat offset the LLW and leave the two almost identical in size.

So for the same size tx Shadow will have a larger mixing set size giving it better anonymity.

And how large is the Monero blockchain?
legendary
Activity: 2968
Merit: 1198
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.


Is it?  Shadow blockchain is about 400mb.  How does that compare to Monero and Aeon?  

The difference is all about usage. There is no scaling/bloat advantage to Shadowcash other than the LLW signatures that are less than a fixed factor of two smaller on large mix factors.

EDIT: Oh and I forgot, Shadow uses 1235 denominations instead of 123456789 so there are more signatures needed for most payments. That should somewhat offset the LLW and leave the two almost identical in size.
hero member
Activity: 725
Merit: 501
Boycott Qatar 2022
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.


Is it?  Shadow blockchain is about 400mb.  How does that compare to Monero and Aeon? 

So while Monero investors are waiting on new technology to be invented the Shadow project will continue powering ahead.  Its too bad that the Monero devs are better at writing in forums than writing actual code.


@americanpegasus
While I agree with a lot that you have said earlier and I admire your enthusiasm and vision, I wouldn't be so quick to write Shadowcash off.
legendary
Activity: 2968
Merit: 1198
Shadow has a similar level of anonymity as cryptonote coins without the bloat and scaling problems that they have.

That's second part is nonsense. It uses the same methods and has the same bloat and scaling problems (assuming they are actually problems that aren't solved by ongoing improvements to technology), albeit with reduction in signature size by a bit less than a factor of two.

full member
Activity: 212
Merit: 100
It doesn't matter what most people prefer; the sheep follow the shepherd, and the shepherds follow the wisemen.  
  
Privacy isn't some add-in feature of money; it's a primary requirement.  Bitcoin is not digital cash - it is a large public ledger, but not true digital cash.  The world will need true digital cash, and its usage will slowly leak into the real world until the leak becomes a stream, and the stream becomes a deluge.  
  
The 'sheep' will use cryptocurrency once it becomes a baked-in, easy to use feature of their smart phones.  They tolerate Facebook because Facebook is not their life; don't be a dolt.  Facebook is a carefully curated portrait of their life they use to advertise how happy and intelligent they are (well some do - others just whine).  The point is that if all the other activity of these people's lives were being broadcast onto Facebook along with their careful facade they would most *certainly* care.  
  
Bobby sure as hell doesn't want the world to know he is cheating on his spouse and buying presents for his sidechick at Victoria's Secret.  
Joe doesn't want the world to know he subscribes to a lesbian peeing website.  
John is transitioning to be a girl and doesn't want his family to know he makes extra money as a crossdressing cam girl.  
  
Humanity is basically a nest of taboo and dirty secrets - and those secrets need privacy to protected.  The shiny photos of a couple on vacation smiling is just once side of a very complex life cube.    
  
But think it's just about dirty secrets?  Think again.  Everyone demands some measure of privacy, and requires private space: both personal and financial.  You can see the push-back against Windows 10 as Microsoft collects mass data even for supposedly benign purposes.  The geeks might not be the mainstream, but they sure as hell influence which products ascend to the mainstream, and a DOA solution won't be the one that gets the nod.  As always, those same people that happily don't care who browses their Facebook data still would flip their shit if their friends could browse their credit card transactions. 
 
It gets bigger though, and as Monero and Aeon get large enough for corporate and government use, these factors will come into play as well.  
  
IBM doesn't want Google to know what companies it is ordering quantum computing components from.  
The USA doesn't want Saudi Arabia to know it has struck a secret oil contract with Iran.  
Goldman Sachs doesn't want Chase to know it has placed a hefty market bet against oil futures either.  
  
And all these people: Joe, Bobby, John, IBM, and the USA... they won't use "ShadowCash".  
  
So Shadowcash will have a maximum market 'cap' of perhaps a handful of million dollars.  Maybe it can grow to be a billion dollar crypto if the rest of the cryptouniverse succeeds.  But the real growth and opportunity?  That's in Aeon and Monero.    
  
Superior technology leads to speculation.  Successful speculation leads to goods and services being offered natively.  That leads to a functioning economy.  And once that reaches a certain size, institutional reserves become a factor.  
  
Shadowcash cannot climb this ladder, and without the potential to climb this ladder it is DOA.  
  
It is time for the Shadowcash camp to join the actual currency of the future: Cryptonote based blockchains.

Agreed.

Monero and Aeon.
hero member
Activity: 770
Merit: 504
It doesn't matter what most people prefer; the sheep follow the shepherd, and the shepherds follow the wisemen.  
  
Privacy isn't some add-in feature of money; it's a primary requirement.  Bitcoin is not digital cash - it is a large public ledger, but not true digital cash.  The world will need true digital cash, and its usage will slowly leak into the real world until the leak becomes a stream, and the stream becomes a deluge.  
  
The 'sheep' will use cryptocurrency once it becomes a baked-in, easy to use feature of their smart phones.  They tolerate Facebook because Facebook is not their life; don't be a dolt.  Facebook is a carefully curated portrait of their life they use to advertise how happy and intelligent they are (well some do - others just whine).  The point is that if all the other activity of these people's lives were being broadcast onto Facebook along with their careful facade they would most *certainly* care.  
  
Bobby sure as hell doesn't want the world to know he is cheating on his spouse and buying presents for his sidechick at Victoria's Secret.  
Joe doesn't want the world to know he subscribes to a lesbian peeing website.  
John is transitioning to be a girl and doesn't want his family to know he makes extra money as a crossdressing cam girl.  
  
Humanity is basically a nest of taboo and dirty secrets - and those secrets need privacy to protected.  The shiny photos of a couple on vacation smiling is just once side of a very complex life cube.    
  
But think it's just about dirty secrets?  Think again.  Everyone demands some measure of privacy, and requires private space: both personal and financial.  You can see the push-back against Windows 10 as Microsoft collects mass data even for supposedly benign purposes.  The geeks might not be the mainstream, but they sure as hell influence which products ascend to the mainstream, and a DOA solution won't be the one that gets the nod.  As always, those same people that happily don't care who browses their Facebook data still would flip their shit if their friends could browse their credit card transactions. 
 
It gets bigger though, and as Monero and Aeon get large enough for corporate and government use, these factors will come into play as well.  
  
IBM doesn't want Google to know what companies it is ordering quantum computing components from.  
The USA doesn't want Saudi Arabia to know it has struck a secret oil contract with Iran.  
Goldman Sachs doesn't want Chase to know it has placed a hefty market bet against oil futures either.  
  
And all these people: Joe, Bobby, John, IBM, and the USA... they won't use "ShadowCash".  
  
So Shadowcash will have a maximum market 'cap' of perhaps a handful of million dollars.  Maybe it can grow to be a billion dollar crypto if the rest of the cryptouniverse succeeds.  But the real growth and opportunity?  That's in Aeon and Monero.    
  
Superior technology leads to speculation.  Successful speculation leads to goods and services being offered natively.  That leads to a functioning economy.  And once that reaches a certain size, institutional reserves become a factor.  
  
Shadowcash cannot climb this ladder, and without the potential to climb this ladder it is DOA.  
  
It is time for the Shadowcash camp to join the actual currency of the future: Cryptonote based blockchains.
Pages:
Jump to: