Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1594. (Read 4670622 times)

Because optional transparency is required against corruption.

Take the dev fund for example, dont you want to know what we received? This is a must have...

why not just sell into bitcoin if you want traceability/transparency?

Yes if you want to pay your bank or your taxes or run a business ect.. than i think it follows that you need transparent transaction. However it doesnt necessarily follow that one needs to be able to do these things with monero. That would be a matter of opinion.

A lack of knowledge is the natural state of man, nothing to be embarassed about. -- Gregory Maxwell

Honestly its a little bit embarrassing but some aspects of cryptonote go over my head. The last community i really got active in was nxt and it was great because i really was able to understand everything about how it worked down to a detailed level (on a level that very few other people do infact) and write about it and explain it to people. When it comes to nxt, since i truly understand how the mechanics work, my suggestions have value. Here i dont really feel that i understand cryptonote well enough to give valuable input. Hopefully through discussion i will understand it better and will be able to offer valuable suggestions that do help to work out problems like the one mentioned above.

Anon136, I understand that you are person with substantial vested interest in XMR and that you are providing your input here in this thread.  Excellent.  What I wonder is: How are you helping the process of getting that "mess all figured out?"  I ask with complete sincerity, without contempt.  I imagine that you donate funds of some kind to the dev team, and if so, that is also excellent.  I pose the question because it seems to me that those of us with interest in the success of XMR could possibly better organize and collaborate our efforts toward the common goal.  So, you seem to be a good person to discuss this with.

I apologize if all this has been hashed out already in this thread, but with 500+ pages and daily activity, subjects are somewhat easily lost in here!

I think part of the idea was simply to create more transactions at least during a transition period when the volume of transactions is low.

Surprisingly, the volume of Monero transactions is already not that low. It is about 3% of Bitcoin.

http://monerochain.info/charts/transactions
http://blockchain.info/charts/n-transactions

I guess this is consistent with Monero now being #3 or #4 in exchange volume and a huge portion of all coin usage (especially altcoins) being exchange trading. http://www.coingecko.com/

The big decrease in the Monero transaction volume to early July was due to the pool dust bug getting fixed. We now seem to slowly be trending upward from that low.

EDIT: We are about 20-30% of LTC by transactions/day
http://ltc.block-explorer.com/charts

^This is not needed and will bloat the blockchain. In Monero a transaction is mixed with past transactions from the blockchain, so an empty block with just one transaction don't compromise the unlinkability at any way.

Just brainstorming here:
Would it be possible on protocol side to artificially add random transactions (with random amount) to each block to ensure a certain fill grade?

In the future, when the blocks are filled more than now, then some transparency transactions will not compromise the other anonymous transactions.

It already does - baked into the protocol is the ability to reveal the one-time key for a transaction in such a way that you will be able to confirm the amount and recipient for someone. What that will look like in practice remains to be seen, and we are looking at ways of doing this (such as a signed message for that tx) that literally can be made public without a reduction in the anonymity set.

What are you on about .. ?

This is why we have a view key, which can be used as a simple proof of payment. We've literally mentioned it probably hundreds of times in this thread alone

You have the ability to choose to use multiple wallets, where you can use one to pay taxes, business, buy houses .. etc .. and then share the view key, or at least come up with some form of proof of payment.

You have the ability to choose to use one for your doctor, tickets, gifts etc .. and not share your key.

I think the devs are also working on additional ways to assist you with these efforts, but the point is that what you want is already addressed.

IMPORTANT

Monero must provide the ability for transparent transactions.

IF NOT then it will never be easily accepted as a transaction medium for important (not casual) payments, for B2B transactions or transactions between the public and the state.


IF i want to pay my dept to the bank with monero I want a transparent transaction!

IF I pay my taxes the same!

IF I run a business and pay my suppliers the same!

IF I buy a house from john doe, the same!



If I pay for subscription to a news paper (online or not), or I pay for my doctor, or I pay for my tickets, or I purchase a gift for me or my family, even If i invest in some stocks or bonds I want noone to know about then I want anonymity!

I guess the important point here is that there is not really any way to stop people from revealing information about their transactions if they chose to. So the devs may as well operate under the assumption that some people will. Hopefully we can at the very least create a social stigma against it and apply social pressure to help prevent people from doing that.

Based on some of the points you made up there, it bring up the point that perhaps we should encourage blocks to always be full. It would be a simple task. Just remove the minimum transaction fee and people would begin to use the blockchain for increasingly marginal purposes. Eventually the demand for space will overtake the supply of space and a market for space will appear. Just like that. Granted there is some pressure towards having some amount of fee or else it isnt worth it to miners to take the risk of getting their block orphaned, but none the less the argument remains just as valid even given this consideration.

*edit* im sure someone is going to point out that right now we are having to load the entire blockchain in ram so if anything, for the time being, the fee should probably be increased. But perhaps this will make more sense in the future when you guys get all of that mess figured out.

It can't have no effect. The nature of mixing is that you are hiding a needle in a haystack. The haystack is the combinatorial explosion of other potential paths that could point to you. (The animated graphic on the cryptonite site is helpful.) If the haystack gets smaller -- either because of people identifying their transactions, or because they aren't using the coin at all -- then it obviously becomes easier to find the needle (i.e. you).

We are working on various ways of making the process of finding the needle harder. Whether it is then "hard enough" for useful privacy will depend on various factors that are hard to quantify right now, including what people consider to be "useful," how much usage there is in the coin generally, and the nature of that usage. Arguably, for some use cases, it is already good enough. For other use cases it will become good enough once improved. For still others it may not be good enough until there are further improvements and/or much greater usage. Finally there may be some use cases for which it may never be good enough. I also think it is possible the latter case may not occur, since combinatorial explosions can be quite large (as in provably infeasible to untangle), but we don't know this yet.

In fact, they could even reveal their private key on live TV if they wanted - as has happened with Bitcoin before:)

To your second question: the general consensus is that it has a relatively small effect. Here's a dump from a short discussion that was on IRC about the matter the other day:

smooth:    it is similar to a sybil attack
smooth:    let's say a lot of people post their information publically, that is the same to an observer as the observer launching a sybil attack with all those third parties as owned identities

There are solutions we are theorising at present that will reduce the effect of this, but please understand this is such an edge-case that we're taking about protection from an extremely sophisticated attacker with extremely large access to resources. Even in its current form with no edge-cases ruled out, Monero has a level of privacy heretofore unknown to "ordinary" persons who use Bitcoin. Sure, accessibility is an issue, and that is a long-term goal, but don't forget that Monero has an interesting value-proposition already.

We will close the final gates and reduce risks to privacy as time progresses; we do not have to solve everything now. Our dedication and commitment to doing so transcends price fluctuations, FUD from those unfamiliar with the matter, or snide remarks on social networks. Let's not try solve every apparent problem now, but let's work towards solving these as a group and as a community:)

Yes I read the whitepaper. Of course i would be lying if i said that i understood all of it. I do think I understood it well enough to see the value in cryptonote especially as compared to other proposed anonymity schemes. I was also aware that there is technically no way to prevent people from revealing this information. People could reveal every single bit of information about their transactions except for their private key if they wanted.

So here is a question. Is your position that people who are trying to act transparently in the manner you have outlined have no effect what so ever on the privacy of individuals who are concerned about privacy. Or is your position that it has a very small or relatively small effect. If it is the latter than by what mechanism is the privacy of other individuals effected.

That's not the way it works. The "reveal" does not reveal which transaction it is, it reveals that they were involved in a transaction (this we could deduce already) and the exact amount (ie. let's ignore spurious outputs / change outputs), so it's not the same as revealing the one-time private key for a transaction. What we're talking about is a reveal that is no different to a screenshot of a person transacting (as has been posted in this thread) that contains full details of their transaction (destination address, amount, mixin count, payment ID). How exactly would you prevent that information from being revealed? You can't.

Monero is meant to solve that exact problem - what happens if we know the address of the recipient? Can we do anything with it? It's a stealth address, so good luck getting anything out of that. Ring signatures are an additional layer on top of that, and they exist to protect you when a transaction is compromised. They're a level of ambiguity, not a level of anonymity. Privacy is accorded by the stealth addresses, ambiguity gives you plausible deniability in the event that someone else in in the signature group for a particular input is compromised.

Edit: just to add, this stuff is inherent in the protocol. We're not suggesting changes, we're telling you what is already there. Reading the whitepaper is probably a good starting point to understanding why this exists in the protocol:)

Yes this is what I am thinking. This talk worries me greatly.

Actually it isn't, if you want a high degree of anonymity. The more transparent transactions you have, the more you undermine the anonymity of the non-transparent transactions.