Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [3:25:44 PM] disgruntled gyroscope: hey
- [3:28:11 PM] The Alty: hi gnome
- [3:28:17 PM] Shazzy (dasource): hey
- [3:28:28 PM] The Alty: is everyone here?
- [3:29:01 PM] Ciara Cloak: Ciara Cloak is here
- [3:29:09 PM] The Alty: Jo?
- [3:29:27 PM] The Alty: Ok
- [3:29:30 PM] The Alty: so...
- [3:29:34 PM] Joseph: Joseph yes
- [3:29:44 PM] The Alty: we were prepping the coin to integrate a solution
- [3:29:52 PM] The Alty: Gnomes seemed like the best at the time
- [3:30:03 PM] disgruntled gyroscope: okay
- [3:30:06 PM] The Alty: it's got holes in it
- [3:30:08 PM] The Alty: as expected
- [3:30:11 PM] The Alty: this is not easy
- [3:30:55 PM] disgruntled gyroscope: Yeah. We need obfuscation. Other coins accomplish this with mixing. I don't like that solution but it is taking me time to work up another.
- [3:31:23 PM] disgruntled gyroscope: Other than that the biggest flaws identified have been in mitigating malicious node behaviour and recurrance
- [3:32:09 PM] disgruntled gyroscope: nothing I've seen or thought of is going to stop the "silent recorder" though. That's the person who allows transactions to occur, but silently records all participants and transaction data - and farms this data
- [3:32:13 PM] disgruntled gyroscope: The way a government might
- [3:32:46 PM] The Alty: right so there likes the biggest problem
- [3:33:12 PM] The Alty: everything we come up with has a positive and negative
- [3:33:22 PM] The Alty: it's knowing how to mitigate the downside
- [3:33:30 PM] disgruntled gyroscope: Yes
- [3:33:45 PM] disgruntled gyroscope: If we're going to err between trustless and anonymous
- [3:33:50 PM] disgruntled gyroscope: It's goign to have to be on the side of trustless
- [3:33:56 PM] disgruntled gyroscope: or else we have problems with theft
- [3:34:09 PM] The Alty: yep...
- [3:34:27 PM] The Alty: so back to the question can we provide true anon with such a solution?
- [3:34:28 PM] disgruntled gyroscope: Right now our solution does that. It errs on the side of trustless.
- [3:34:37 PM] disgruntled gyroscope: it isn't obfuscated enough. It breaks coin history
- [3:34:39 PM] The Alty: trustless we have in normal tx
- [3:34:43 PM] disgruntled gyroscope: But is vulnrable to corelation attacks
- [3:34:47 PM] disgruntled gyroscope: Yes
- [3:34:47 PM] The Alty: ok
- [3:35:05 PM] The Alty: Can somebody else step in with our next best so far
- [3:35:28 PM] disgruntled gyroscope: Right now I'm working on an option which take my 3 wallet transaction and chains them together in a chain
- [3:35:42 PM] disgruntled gyroscope: the sender is along this chain and the chain acts as obfuscation
- [3:36:02 PM] disgruntled gyroscope: each segment of the chains 3 links can eb deanonymized without deanonmizging the whole chain
- [3:36:20 PM] Shazzy (dasource): gnome i think with time your solution could be great ... but this is going to a. take a lot of time and b. require months of testing ... (think DRK RC1 --> RC5 again) ...
- [3:36:51 PM] disgruntled gyroscope: Yes I think almost any solution will.
- [3:36:57 PM] Shazzy (dasource): what we need is a simpler solution (i know that sounds easy, which it is not) ...
- [3:37:05 PM] disgruntled gyroscope: Though dark is very trusty and not evena little trustless
- [3:37:07 PM] Shazzy (dasource): so we have been mulling over an alternative
- [3:37:16 PM] Shazzy (dasource): true ^^
- [3:37:16 PM] disgruntled gyroscope: Any ideas?
- [3:37:19 PM] Shazzy (dasource): yeah
- [3:37:43 PM] Shazzy (dasource): so in short (and ciara can clarify) ...
- [3:38:09 PM] Shazzy (dasource): we use a mix of multisig (trustless) with steath address (anon) ... with some of the old posa messaging platform
- [3:38:16 PM] Shazzy (dasource): messaging/broadcasting
- [3:38:29 PM] disgruntled gyroscope: I've never seena trustless multisig
- [3:38:34 PM] disgruntled gyroscope: Can you show me what that looks like?
- [3:38:37 PM] disgruntled gyroscope: Mine are trusty
- [3:38:37 PM] Shazzy (dasource): stick with me ...
- [3:38:51 PM] Shazzy (dasource): the problem with "generic" multisig is
- [3:39:09 PM] Shazzy (dasource): it is not anon by nature
- [3:39:22 PM] disgruntled gyroscope: No, there's nothing specificly anonymous abou tit
- [3:39:25 PM] disgruntled gyroscope: It's just an address
- [3:39:38 PM] Shazzy (dasource): dont type ... wait till i finish please :D
- [3:39:41 PM] disgruntled gyroscope: sorry.
- [3:40:01 PM] Shazzy (dasource): so its not anon because usually there is 1TX in --> 1 TX out ...
- [3:40:07 PM] Shazzy (dasource): the idea here is that
- [3:40:22 PM] Shazzy (dasource): say you want 50 CLOAK "cloaked"
- [3:40:54 PM] Shazzy (dasource): you broadcast a message saying "hey here is my multisig address, send me 10 cloak and i will send you 10.1"
- [3:41:05 PM] Shazzy (dasource): you send this to say 6 nodes
- [3:41:15 PM] Shazzy (dasource): 7-10 however many we decide
- [3:41:43 PM] Shazzy (dasource): so right now the multisig input has say 7-10 inputs from different addresses....
- [3:42:11 PM] Shazzy (dasource): at the same time we use posa to request a steath address (we implement steath addresses into cloak)
- [3:42:26 PM] Shazzy (dasource): so the "script" will store the steath addresses for the output of the multisig
- [3:42:48 PM] Shazzy (dasource): we complete the multisig and it acts as a "mixer" ....
- [3:43:02 PM] Shazzy (dasource): we use the cloaking mechnism to repeat this over and over for however many cloaked coins we need
- [3:43:22 PM] Shazzy (dasource): if you inspect the multisig TX
- [3:43:31 PM] Shazzy (dasource): all you will see is 10x address sent 10 CLOAK
- [3:43:41 PM] Shazzy (dasource): and 10x addresses (new pub keys) got 10 CLOAK back
- [3:43:53 PM] Shazzy (dasource): its not possible to work out who was the user who set this up
- [3:43:56 PM] disgruntled gyroscope: Yes it is.
- [3:44:00 PM] disgruntled gyroscope: And it's also not trustless.
- [3:44:16 PM] disgruntled gyroscope: Stealth addresses are also vulnerable to corelation attacks
- [3:44:33 PM] disgruntled gyroscope: They will at some point down the blockchain be spent with original wallet addreesses
- [3:44:42 PM] disgruntled gyroscope: This corelation is visibble, and as a function of time deanonmizes
- [3:44:57 PM] Ciara Cloak: How will they be spent with original wallet addresses?
- [3:45:12 PM] disgruntled gyroscope: Because they have the same owenr, ro a corelatable owenr tot he original transaction
- [3:45:36 PM] Shazzy (dasource): "not if we mark these coins as "cloaked" and they are only uses for anon TXs"
- [3:45:50 PM] disgruntled gyroscope: So, if I have 10 cloak. And we trade 5 cloak, so now I have 5 claok in a stealth address that you don't know belongs to me. Whne I go to spend 6 cloak, you know it's me.
- [3:46:26 PM] Ciara Cloak: This is only true if you combine stealth and non-stealth inputs.
- [3:46:30 PM] disgruntled gyroscope: Even if you stealth every coin before, those coins are all still going to be spent together unless you spend in the exact denomination you recieve to each addy
- [3:46:48 PM] disgruntled gyroscope: because at some point change addresses have to be combined
- [3:46:52 PM] disgruntled gyroscope: and spent together
- [3:47:07 PM] disgruntled gyroscope: This, and I don't understand the trustless part.
- [3:47:40 PM] disgruntled gyroscope: In terms of anonmitiy, it would be a start to see this mixer algorithm that isn't coinjoin developed
- [3:47:50 PM] Ciara Cloak: Multi-sig transactions are trustless because they are validated by the network and not a central trusted node or nodes.
- [3:48:01 PM] disgruntled gyroscope: Who unlocks the multi-signature transaction
- [3:48:16 PM] disgruntled gyroscope: or is there a script which isn't unlocked at all
- [3:48:27 PM] disgruntled gyroscope: It's hard to comment with so few details
- [3:50:36 PM] disgruntled gyroscope: I think if there is a faster solution here that is brilliant news
- [3:50:51 PM] disgruntled gyroscope: We should put it on paper and get it infront of me and noobsticks and anyone else who wants to give it the run down
- [3:51:29 PM] disgruntled gyroscope: Everyone went from lots to say to not much.
- [3:51:56 PM] The Alty: Yep I think so.. because if we commit a great deal of time to commit to PoR but it's not flawless we can commit less time to something that is workable. Let's be honest anon and trustless as we said before seems mathmatically impossible
- [3:52:14 PM] disgruntled gyroscope: Right, you need to do something like what PoR does and switch between the two
- [3:52:18 PM] disgruntled gyroscope: Or just ignore one completely
- [3:53:37 PM] The Alty: everyone is in deep thought
- [3:55:16 PM] disgruntled gyroscope: At ti's core, poR is just a shitty trusty anon system like everything else we have described - I cover it up with "tettle"
- [3:55:20 PM] disgruntled gyroscope: *tattle
- [3:55:27 PM] Shazzy (dasource): correlation account is not difficult to solve as ciara said we prevent mixing of stealth/non-stteath inputs i.e. have a cloaked balance
- [3:55:36 PM] disgruntled gyroscope: That's possible because people can identify the others int he transaction and rat them out
- [3:55:58 PM] disgruntled gyroscope: Shazzy okay. Can I see the mixing algorithm?
- [3:56:27 PM] disgruntled gyroscope: Because if coinjoin and every other mixer implimented so far is tracable, I'm wondering what kind of implimentation we can jsut allude to and impliment in a week
- [3:56:38 PM] disgruntled gyroscope: That's pretty irresponsible, saying we could launch something in a week
- [3:56:45 PM] Ciara Cloak: Not really.
- [3:57:00 PM] The Alty: I did say beta Gnome
- [3:57:03 PM] The Alty: not launch
- [3:57:28 PM] disgruntled gyroscope: Alright
- [3:57:36 PM] disgruntled gyroscope: Well, you dow hat you're going to do.
- [3:57:52 PM] disgruntled gyroscope: I do not feel like this is a productive development environment.
- [3:58:01 PM] disgruntled gyroscope: Ideas are never thought to completion befor ejumping to implimentation
- [3:58:05 PM] disgruntled gyroscope: Shortcuts at every chance
- [3:58:13 PM] Ciara Cloak: All you can identify in the transaction is "some" participant
- [3:58:19 PM] disgruntled gyroscope: I disagree
- [3:58:26 PM] disgruntled gyroscope: and when you show me the full spec maybe I can show you
- [3:58:54 PM] Ciara Cloak: I don't know how you can sit there and talk about shortcuts at every chance, and then turn around with some rube goldberg contraption
- [3:59:01 PM] The Alty: lol
- [3:59:15 PM] disgruntled gyroscope: So because you can't wrap your head around a given development decision it's ribe goldberg esque?
- [3:59:16 PM] Ciara Cloak: Adding needless complexity is no better than "shortcuts"
- [3:59:29 PM] disgruntled gyroscope: Identify needless complexity, we'll eliminate it
- [3:59:45 PM] Ciara Cloak: God you are so arrogant
- [3:59:51 PM] disgruntled gyroscope: You have written down NOTHING.
- [3:59:57 PM] disgruntled gyroscope: Spec or shut up
- [4:00:15 PM] disgruntled gyroscope: You are the reason why we are here ciara tkae some damn responsibility
- [4:00:16 PM] *** The Alty removed disgruntled gyroscope from this conversation. ***
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement