Topic: XMR vs DRK - page 2. (Read 69755 times)

I think it's reasonable. I'm not sure "XMR vs. DRK vs Zerocash" makes sense given the obvious "which one of these does not belong" problem. However, I would certainly be in favor of everyone including OP agreeing that discussing Zerocash is on topic as it relates directly to both of these projects and to some of the cryptography discussions earlier in the thread.

no.

where exactly is your zerocash?

@OP

I would be interested in adding to the discussion thread header:

XMR vs DRK vs Zerocash

I appreciate that this is a self moderated thread. I also appreciate the risk that there might be a bias towards XMR.

However, Zerocash, while currently not alive, adds an interesting dimension to all existing anon projects.

I am obviously inviting a critique of DRKs anon credentials from XMR supporters by using the words 'anon', but I hope we can see past that for a second to discuss the implications of a valid launch of Zerocash and what that would mean for XMR, DASH and all anon projects.

It may mean nothing, or might be significant.

My wish to introduce Zerocash into the equation is that it poses, in theory, a credible threat to both projects. So a discussion about XMR vs. DRK might be irrelevant in the not too distant future.

If there is no desire to discuss it here, perhaps I might start another thread at some point.

confirmed funny

( bahleted )

thought it was funny, but really don't want to fan the flames.

Let's go!

Bump, nerds.

Got mah new outfit on and everything!

If an attacker starts out controlling 80% of the outputs and performs 80% of the transactions, then the attacker will maintain 80% share of the outputs going forward (assuming constant outputs/transaction).

An attacker controlling 80% of outputs doesn't make it impossible to conduct untraceable transactions, but it does make it difficult, since you need a much higher mix factor to have a high degree of confidence that the attacker doesn't control all of them. This sort of sybil/flooding attack works against any form of mixing, and is controlled (i.e. made to have >0 cost) by having unavoidable fees. Such unavoidable fees exist in Cryptonote because to maintain a high block size even miners need to forgo reward (via the penalty). Thus even miners can't spam transactions at no cost. I'm not sure if they exist in other systems where attackers may include (or operate in collusion with) miners and mixer operators who don't face such a cost (since they get fees back as revenue)

The issue raised by MRL-0001 is that if mix factors of 2 (one real plus one fake) or less are frequently used on the network then the attacker doesn't need to make any transactions at all to maintain a constant share of the outputs forever. We consider that a failure since it allows continued attacking at no cost. Thus the proposed solution in MRL-0004 is to require a minimum of 3. There is also a proposed increase in that minimum in a few years because simply put, "higher is better" (further increases the cost to an attacker) but that is more of a trade off against resource usage as opposed to an actual failure.

So if the attacker controlling 80% of the coins also conducts 80% of the transactions among wallets under the attacker's control then the attack will work.

That's not exactly right, the recommendations assume a distribution of usage that is reasonable. Even a starting concentration of say 80% will still eventually burn out, but it will take a very long time. On the other hand if someone controls both 80% of the coins and also conducts 80% of the transactions (say using their own exchange off in Estonia or something), then it won't work.

One simple way to get an indication of distribution is take the ratio of the 24 hour volume to market capitalization. The results for Dash, Monero and Bytecoin speak volumes. From http://coinmarketcap.com/

Dash       $ 17,240,322    $ 187,208         Ratio 1.09%   Good
Monero    $ 5,684,312      $ 68,593          Ratio 1.21%   Good
Bytecoin  $ 4,013,438      $ 909               Ratio 0.02%   Extremely Poor

For Monero and Dash this figure is over 1% indicative of a healthy distribution. For Bytecoin on the other hand the figure is 0.02%. The latter is indicative of an extremely tightly held coin and provides very strong support to the massive premine theory.

By the way this issue is not limited to cryptonote, a similar attack is possible against coinjoin. For example if someone were to create a clone of Dash and release it with an 82% premine disguised as a ninjamine the same attack would be possible.

Edit: The recommendations in MRL004 implicitly assume a reasonable distribution, not a premine of over 80% of the emission. They apply to Monero but not to Bytecoin.

That is addressed in MRL-0004 and will be implemented in a future update. At the moment there is no particular reason to believe that any one entity holds e.g. 80% of Monero. I guess its possible that Poloniex does, but I doubt it.

Also, remember this only affects traceability not linkability (so, loosely speaking "half" of anonymity).

I think it's been quiet because almost everything that possibly could be said has already been said from every possible angle.

Although the matter of having to trust that no single entity (or entities collaborating) holds too many XMR's to deanonymize the transactions hasn't been talked about yet, unless I missed it.

Triptych of Garden of Earthly Delights
by HIERONYMUS BOSC

Good one! CHAOS!!!



https://www.youtube.com/watch?v=JmzuRXLzqKk

@Hue or maybe DRKers are quiet because the end is nigh:

Both coins seems to gain value lately.

Nope.

I'll sum it up for you so you don't have to read those walls of text.

illodin pulled a red herring that was argued for a few pages and then a bet was made on a carefully crafted sentence that was semantically vague which derailed the thread for pages.

Then the consensus is that he was indeed correct so I think he and the drk crew are being quite because it is the one and only time in this thread where they have come out on top. So I would guess they are being intelligent enough to take their small victory and run off as there is no way they can ever win on the merits of the topic.

As a note Joshuar's statement was correct as well. But illodin pulled  bait and switch on the terminology of the bet.

So in essence I have no clue who won the bet but I was arguing the semantics on the wrong side and was corrected by Fluffy and Smooth both and was to stupid to realize it as I have linked to in my sig.

I think thats about the last 4 or 5 pages or so.

I see this thread is still going strong! Anything non stupid i have missed in the latest 20 pages? I am not sure i cant read all this stuff!

^^ Wow, a new account just for trolling D-coin. That's dedication to the cause.

Where have all the darktards gone?  Have they conceded defeat?