Topic: [XMR] Monero - A secure, private, untraceable cryptocurrency - page 1606. (Read 4670622 times)

OMG: Read this blog post by Vitalik Buterin (one of the main dudes behind Etherium): https://blog.ethereum.org/2014/07/22/launching-the-ether-sale/

Some of his points made:

- The price of ether is initially set to a discounted price of 2000 ETH per BTC, and will stay this way for 14 days before linearly declining to a final rate of 1337 ETH per BTC. The sale will last 42 days, concluding at 23:59 Zug time September 2.

- The annual issuance rate is 0.26x the initial quantity of ether sold, reduced from the 0.50x that had been proposed in January. [...] We make absolutely no promises of this, except that the issuance rate will not exceed 26.00% per annum of the quantity of ether sold in the Genesis Sale.

- We reserve the right to use up to 5000 BTC from the pre-sale while the pre-sale is running in order to speed up development.

This reads like a birthday party for the devs. Bring all your BTC and we start OUR party. You get some totally weird coins/promises in return. WTF! Also, the shortcut, ETH, is funny, because it relates to the well-known university in Zurich/Switzerland which has nothing to do with the whole thing. To me, the Etherium project seems more than odd. (In addition, check out this Etherium related website www.ursium.com, yet another site without any real content or information.)

ADD1: Honestly, I hoped Etherium becomes something good (I would have liked to invest), but now I feel like Alice in Weirdo Land.

ADD2: Just found this statement on the official Etherium website: "EthSuisse will not place a cap on the number of ETH that can be purchased by the community." WTF!

ADD3: "EthSuisse will restrict any single entity, person, corporation, or group from controlling more than 12.5% of the total ETH sold by the end of the Genesis Sale." WTF!!

EDIT: OK, I stop here. I can't take it anymore. Etherium could be (become) one of the biggest ripoffs in the crypto history... without me.

One thing I will say is that the ethereum team really knows how to engage, market, and create awareness, along with being very strong technically. Very impressed with their technical achievements, but also equally impressed with their website and ability to market and make the currency easy for the average non techie to purchase. One of the most professional websites I've seen for any alt coin project as well.

For that reason alone, they are likely to get a lot of attention, and attention equals dollars, and dollars equals hiring more devs. Pretty virtous cycle that XMR should have but doesn't seem able to make happen. They have already sold over 1 million USD worth.

Whats a better investment, a bowling ball or a ham sandwich?

They are all fundamentally different things. I don't think etherium is attempting to build a tax haven in the cloud and I don't think monero is trying to build a consensus based turing complete distributed virtual machine.

Be careful with etheirum though. Huge amounts of hype and many wild promises, little evidence that they will be able to deliver on those promises, and with the sorts of valuation they are obtaining i think its questionable whether it would be a good value even if they do deliver on those promises. The thing about open source code is that it can be copied. Of course there are network effects to make the largest network more valuable. But with something like a virtual machine thats being run in parallel on a huge number of computers, its very questionable to what extent that can be scaled. If it cant be scaled well than their first mover advantage may offer little benefit beyond a certain threshold.

Maybe that's about the right time to look into another direction: Etherium (ETH)

The Ether guys just started the pre-sale, and I'm wondering how you all think about this new coin and its presale. Some quick questions/points from me side:

- Will ETH be a threat to Monero?
- Is the presale (2000ETH per BTC right now) a reasonable investment chance? (I couldn't find an upper bound on the coin supply for the presale.)
- Is there a chance that ETH will make it against Mastercoin and Counterparty?
- Would Bitshares-X (similarly Bitshares-PTS) be a better investment? (ETH and Bitshares seem to share some goals, e.g., decentralized organisations/companies, etc.)

Regards.

You are welcome to participate in this thread at any time as long as it is focused on topics directly relevant to Monero. (You are also welcome to not participate, if that is your choice, of course.)

That includes the proof-of-work. If you can identify a specific vulnerability, post a proof of concept (even pseudo code). Voluminous abstract philosophical discussions of proof-of-work design are not directly relevant to Monero.

If you want to call that censorship, so be it. I'd rather be accused of censorship than have the thread filled with pages and pages of discussion not of interest to most of the Monero user community.

And for one last time, I never said that ASICs aren't a threat. I said that the approach of "1000 copies" of a straightforward implementation of the algorithm on a chip will not work. The Cryptonote people claim that the algorithm is ASIC-resistant generally. They may be right or they may be wrong, but I certainly will never mislead anyone that this is just a claim from some anonymous source. I don't know what background work they have done (if any) to support the ASIC-resistant claim, so I can't meaningfully evaluate it.

Some degree of GPU-resistance has been demonstrated however, so one of their claims has now been weakly validated.

Pot meet kettle.

The proof-of-work algorithm is absolutely essentially to crypto-currency. It is the fundamental building block upon which nearly everything else of the coin hinges.

Thanks for not appreciating me trying to help you while you still have the chance to fix what is broken.

But that is fine, go ahead and leave it broken. You will learn the hard way. And with your attitude, now you know why I wouldn't participate in developing for your design by consensus. It is abject failure.

And remember this discussion started because I corrected you when you gave a user the factually incorrect answer, leading him to believe that ASICs are not a realistic threat.

Okay I will abide by your desire to censor this thread. I will not reply unless someone makes a very serious critique of what I wrote that requires a response.

He implied "validate" includes the time to wait on propagation before validation can be started (part of the process of validation).


His valid implied point is it is Monero-specific when combined with Monero's short block period and the higher potential for DDoS due to the slow proof-of-proof validation.


I was allowing for the possibility that you were not misinterpreting and instead if Monero doesn't transmit the transactions when the block is solved, then your response would have been correct. I didn't have time to go learn what is the current status on Monero on that design point.

In fact he said "longer to validate" not "longer to propagate." That is good because the former is not a Monero-specific issue at all so it doesn't belong on this thread.

BTW, if you "don't know if ... Monero  has implemented" something, please don't bring it up here (except, perhaps, once to ask if Monero has implemented it, if you are unable to determine that yourself by consulting the source code). This is not a thread for general discussion of coin design topics that apply to virtually every coin.

I don't know if CryptoNote or Monero has implemented a strategy of eliminating the need to transmit (not validate) the entire block when a block is solved, but if not then you missed his point. He is talking about how block size impacts propagation time which impacts orphan rate. See my cited footnotes.

Lucid explanation. Yes it impacts the tradeoff between decentralization vs. block period (transaction delay). And it also impacts something much more critically important about anonymity which is currently not published. In short, you won't get real NSA-proof anonymity without a fast proof-of-work hash. You will know why when it is published.

Your perspective is lacking depth of understanding.


On further thought, I remember why I had dismissed the genre of parameters CryptoNote chose ("1MB/16B table with 128-bit, i.e. 16B, elements with 1M writes"), because it doesn't stop the lookup-gap strategy I outlined. The reason is because if the random access is uniformly distributed (and if it isn't you have other attack vectors), then after each quantity of random r/w accesses that exceed ~2X the number elements in your memory table (for the case of reducing the storage by a factor of 2), then the lookup 'values' table can be pruned, because older entries are no longer directly pointed to by any latter entry that corresponds to an entry in the 'elements' table.

Thus the CryptoNote parameters chosen don't necessarily defeat the strategy for trading computation for smaller cache requirement. They do make the proof-of-work much slower than it needs to be.

---

Also I noticed you ignored my upthread point about cache set associativity and the TLB. When we know all the accesses are 128-bit aligned and they do not span a larger space in main memory, then the ASIC can do optimizations on the design of the cache making faster and or use less logic gates. The CPU's cache is generalized. ASICs can always kick butt because they take advantage of specialized optimizations.

Another approach is for pools to limit the number (per time interval) of new addresses from which they will accept connections (and/or shares or blocks) at all. A DDOS as you described would lock out new users until countermeasures were deployed but existing users and the existing network would be unaffected.

Poloniex reports that they have worked with the Monero devs to improve transaction speeds for deposits and withdrawals.

Any idea what improvements are to be expected?

I've never transacted XMR on Poloniex, actually I tried to withdraw once and it didn't happen as they had an issue.

Today I finished my purchases of XMR on Poloniex and will start withdrawing a significant part.

Thanks, I'd assumed the block validation time was directly related to the number of txes involved, so I see that wouldnt actually be a significant factor.

As I read it most of the arguments for a shorter block time seem to be commercial, e.g. "faster tx validation", whereas the justifications for longer block time are generally technical. I don't really see Monero being used in the future for the sort of transactions where fast confirmation is an important requirement, so I'm not sure there is much to debate. Others may well disagree of course

This is very interesting. If you are right though it should be too terribly disruptive to hard fork away from cryptonight (if i remember correctly that is what the hashing function for the pow is called) POW and into something less taxing to verify.

*edit* is anyone here particularly committed to cryptonight? would anyone care if we had to switch to scrypt or something similar?

Mr X is female, and her name is Eve (because she's "evil").  Just sayin'

Actually as far as I can tell, they delivered what you claim you were attempting to design. You have delivered no work product at all. No code. No white papers. Nothing. Except maybe delivered to yourself, which does not count. It is all hot air.

At this point I would ask that you take this discussion elsewhere. There may well be (theoretical, unidentified and undemonstrated) cryptographic or other issues with Cryptonight, but that is a tiny subset of topics of general interest to the user base and potential user base of Monero. Now we have the past several pages of this thread being taken over by the discussion, and the way the last few exchanges have gone, every appearance this back-and-forth will continue for several more pages. That is inappropriate. Please stop, or just go ahead and create your own thread focused on that particular subtopic.

Your post makes some good points and these issues are definitely being looked it. There is wide agreement that the one minute block time was a mistake absent other changes in the design of the block chain (such as GHOST or similar ideas).

One minor technical correction though:


As things stand today larger blocks don't take much longer to validate. The PoW hash is performed not directly on the entire block but on a much faster hash of the block, so it is essentially independent of the block size. The transactions within a block also need to be validated, but currently that is much faster than the PoW. That could change if database lookups are required. Note that if the dominant portion of block validation time is database lookups, then the speed of the PoW becomes unimportant to validation speed.