What is the Decentralized Ether Mixer Smart Contract ...

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash.[5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address, and (iii) the information is stored via cryptographic hashing in a Merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network.
In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10] (though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
– Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include CoinShuffle in 2014 and TumbleBit in 2016, building on CoinJoin but not terribly popular.[15],[16] They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by Johns Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016.[18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zk-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING-CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusor and further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation’.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far-reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who it originates from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end-to-end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero-created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34] that Verge, a privacy cryptocurrency, uses. But its historical link to the US government may be concerning to some.[35] Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data and will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledge proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethereum
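The stealth-address idea from the CRYPTONOTE section of the post above, as an added example that is not part of the original post or of CryptoNote's own code: a receiver publishes one address, every payment lands on a fresh one-time key, and only the receiver's view key can recognise it. The toy group, the key roles (view/spend) and all function names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for this example: integers modulo the Mersenne prime
# 2^127 - 1 with base 3. Far too weak for real use; CryptoNote works on an
# elliptic curve. Exponents are reduced modulo the group order P - 1.
P = 2**127 - 1
N = P - 1
G = 3


def keypair():
    """Return (private scalar, public key g^private)."""
    sk = secrets.randbelow(N - 1) + 1
    return sk, pow(G, sk, P)


def hash_to_scalar(shared_secret):
    """Map a Diffie-Hellman shared secret to an exponent."""
    digest = hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()
    return int.from_bytes(digest, "big") % N


def pay(view_pub, spend_pub):
    """Sender side: derive a fresh destination from the published address.

    Returns (tx_pub, one_time_pub); both values are public on the ledger.
    """
    r, tx_pub = keypair()                    # new randomness for every payment
    s = hash_to_scalar(pow(view_pub, r, P))  # shared secret A^r
    return tx_pub, (pow(G, s, P) * spend_pub) % P


def is_mine(tx_pub, one_time_pub, view_sk, spend_pub):
    """Receiver side: recompute the same secret as R^a and compare."""
    s = hash_to_scalar(pow(tx_pub, view_sk, P))
    return (pow(G, s, P) * spend_pub) % P == one_time_pub


def one_time_private_key(tx_pub, view_sk, spend_sk):
    """Private key for the one-time output; needs the spend key as well."""
    s = hash_to_scalar(pow(tx_pub, view_sk, P))
    return (s + spend_sk) % N


def scan_ledger(ledger, view_sk, spend_pub):
    """Indexes of the ledger outputs that belong to this receiver."""
    return [i for i, (tx_pub, otp) in enumerate(ledger)
            if is_mine(tx_pub, otp, view_sk, spend_pub)]


if __name__ == "__main__":
    # Constructed sample: two receivers, three payments on a shared ledger.
    a_view_sk, a_view_pub = keypair()
    a_spend_sk, a_spend_pub = keypair()
    b_view_sk, b_view_pub = keypair()
    b_spend_sk, b_spend_pub = keypair()
    ledger = [pay(a_view_pub, a_spend_pub),
              pay(b_view_pub, b_spend_pub),
              pay(a_view_pub, a_spend_pub)]
    print("outputs for A:", scan_ledger(ledger, a_view_sk, a_spend_pub))
    print("outputs for B:", scan_ledger(ledger, b_view_sk, b_spend_pub))
    print("A's two outputs share a key:", ledger[0][1] == ledger[2][1])
```

An observer sees only `tx_pub` and `one_time_pub` for each payment; without a view key there is nothing tying outputs 0 and 2 to the same published address.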
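An added example (not from the original post or from any project's code) of the commitment arithmetic behind the CONFIDENTIAL TRANSACTIONS section above: a verifier confirms that inputs equal outputs plus fee using commitments only, and the wrap-around case shows why the range proofs mentioned under UPCOMING have to accompany every output. The toy group parameters, the 8-bit range and the function names are assumptions made for illustration.

```python
import secrets

# Toy group, constructed for this example: P = 2*Q + 1 with Q prime, and G, H
# both generate the subgroup of order Q. Real systems use an elliptic curve
# and derive H so that nobody knows its discrete log with respect to G.
P, Q = 2039, 1019
G, H = 4, 9


def commit(value, blind):
    """Pedersen commitment C = G^blind * H^value mod P."""
    return (pow(G, blind % Q, P) * pow(H, value % Q, P)) % P


def product(commitments):
    """Multiply commitments, which adds the hidden values and blinds."""
    out = 1
    for c in commitments:
        out = (out * c) % P
    return out


def build_tx(in_values, out_values):
    """Sender side: commit to every amount with blinds that cancel out.

    Returns (input commitments, output commitments). The last output blind is
    chosen so that the input blinds and output blinds have the same sum.
    """
    in_blinds = [secrets.randbelow(Q) for _ in in_values]
    out_blinds = [secrets.randbelow(Q) for _ in out_values[:-1]]
    out_blinds.append((sum(in_blinds) - sum(out_blinds)) % Q)
    ins = [commit(v, r) for v, r in zip(in_values, in_blinds)]
    outs = [commit(v, r) for v, r in zip(out_values, out_blinds)]
    return ins, outs


def balances(ins, outs, fee):
    """Verifier side: sees commitments and the public fee, never the amounts."""
    return product(ins) == (product(outs) * pow(H, fee, P)) % P


def amounts_in_range(values, bits=8):
    """The statement a range proof attests to for each output, without
    revealing it. Here it is checked in the clear as a stand-in."""
    return all(0 <= v < 2**bits for v in values)


if __name__ == "__main__":
    # Constructed sample amounts: inputs of 30 and 12, public fee of 1.
    cases = {
        "honest (35 + 6 + fee)": [35, 6],
        "inflated (35 + 8 + fee)": [35, 8],
        "wrap-around (100 - 59 + fee)": [100, -59],
    }
    for name, outs_plain in cases.items():
        ins, outs = build_tx([30, 12], outs_plain)
        print(name, "| balances:", balances(ins, outs, 1),
              "| in range:", amounts_in_range(outs_plain))
```

The third case balances because -59 is just another exponent modulo Q, so the sums-match check alone would let 42 units turn into an output of 100; requiring a range proof per output closes that gap.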

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. 
In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to privacycoins

submitted by CryptoRamble to ethtrader

submitted by CryptoRamble to CryptoCurrencies

Fifty Years of Cypherpunk: History, Personalities, And Spread of its ideas

In this review, we tell how the ideas of cypherpunk were born, how they influenced cryptocurrencies, and modern technologies, who formed the basis and why its popularity these days has grown again.

From the early days to today: the chronology of key events of the cypherpunk

In the early 1970s, James Ellis of the UK Government Communications Center put forward the concept of public-key cryptography. In the early 1980s, small groups of hackers, mathematicians and cryptographers began working on the realization of this idea. One of them was an American cryptographer, Ph.D. David Chaum, who is sometimes called the godfather of cypherpunk. This new culture has proclaimed computer technology as a means of destroying state power and centralized management systems.
Key figure among the cypherpunk of the 80s — Intel specialist Timothy C. May. His dream was to create a global system that allows anonymous exchange of information. He created the concept of the BlackNet system. In September 1988, May wrote The Crypto-Anarchist Manifesto: people themselves, without politicians, manage their lives, use cryptography, use digital currencies, and other decentralized tools.
In 1989, David Chaum founded DigiCash an eCash digital money system with its CyberBucks and with the blind digital signature technology.
Since 1992, Timothy May, John Gilmore (Electronic Frontier Foundation), and Eric Hughes (University of California) have begun holding secret meetings and regular PGP-encrypted mailing through anonymous remailer servers. And finally, in 1993 Eric Hughes published a fundamental document of the movement — A Cypherpunk's Manifesto. The importance of confidentiality, anonymous transactions, cryptographic protection — all these ideas were subsequently implemented in cryptocurrencies.
The term "cypherpunk" was first used by hacker and programmer Jude Milhon to a group of crypto-anarchists.
In 1995, Julian Assange, the creator of WikiLeaks, published his first post in cypherpunk mailing.
In 1996, John Young and Deborah Natsios created the Cryptome, which published data related to security, privacy, freedom, cryptography. It is here that subsequently will be published data from the famous Edward Snowden.
In 1997, cryptographer Dr. Adam Back (you know him as CEO of Blockstream) created Hashcash, a distributed anti-spam mechanism.
In 1998, computer engineer Wei Dai published two concepts for creating a b-money digital payment system:
In April 2001, Bram Cohen developed the BitTorrent protocol and application.
In 2002, Paul Syverson, Roger Dingledine and Nick Mathewson presented the alpha version of the anonymity network named TOR Project.
In 2004, cypherpunk Hal Finney created the Reusable Proof of Work (RPoW) algorithm. It was based on Adam Back's Hashcash but its drawback was centralization.
In 2005, cryptographer Nick Szabo, who developed the concept of smart contracts in the 1990s, announced the creation of Bit Gold — a digital collectible and investment item.
In October 2008, legendary Satoshi Nakamoto created the manifesto “Bitcoin: A Peer-to-Peer Electronic Cash System”, which refers to the works of the cypherpunk classics Adam Back and Wei Dai.
In 2011, Ross William Ulbricht aka Dread Pirate Roberts created the Silk Road, the first major market for illegal goods and services on the darknet.
In 2016, Julian Assange released the book "Cypherpunks: Freedom and the future of the Internet."
At the beginning of 2018, Pavel Durov, the creator of Telegram, announced the launch of the TON multi-blockchain platform and mentioned his plans to launch TON ICO.
In 2019, the Tor Project introduced an open anti-censorship group.

Cypherpunk 2020

Plenty of services, products, and technologies were inspired by cypherpunk: Cryptocurrencies, HD (Hierarchical Deterministic) crypto wallets, Coin Mixers, ECDHM addresses, Privacy Coins. The ideas of distribution and anonymity were also implemented in the torrents and VPN. You can see the embodiment of cybersecurity ideas in the electronic signatures and protected messengers (Telegram, Signal, and many others).
Why there were so many talks about cypherpunk this spring? In April 2020, Reddit users suggested that the letter from the famous cypherpunks mailing dated September 19, 1999, was written by Satoshi Nakamoto himself (or someone close to him). This letter is about the functioning of ecash. Anonymous (supposed Satoshi) talks about the "public double-spending database" and Wei Dai's b-money as a possible foundation for ecash.
In addition, researchers of the mystery "Who is Satoshi Nakamoto?" periodically make some noise and discover the next "secret" about one or another legendary cypherpunks. So, in May 2020, Adam Back wrote in response to videos and new hype discussions that, despite some coincidences, he is not Satoshi.
Other heroes of the scene are not idle too: in April 2020, David Chaum received $9.7 million during the presale of the confidential coin xx, created to encourage venture investors.

Conclusion

As you can see from the Satoshi Nakamoto's mentions and from the stories of DigiCash, Hashcash, RPoW, Bit Gold, the movement of cypherpunk influenced a lot the emergence of cryptocurrencies. As governments and corporations restrict freedom and interfere with confidentiality, cypherpunk ideas will periodically rise in popularity. And this confrontation will not end in the coming decades.
submitted by CoinjoyAssistant to bitcoin_uncensored

FUD Copy Pastas

Last updated: May 30, 2018: Updated wallet info with release of Trinity.
This 4 part series from the IOTA foundation covers most of the technical FUD centered at IOTA.
https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
Also the official IOTA faq on iota.org answers nearly all of these questions if you want to hear the answers directly.
Purpose of Writing
Since posting FUD is so ridiculously low-effort in comparison to setting the record straight, I felt it necessary to put a log of copy-pastas together to balance the scales so it's just as easy to answer the FUD as it was to generate it. So next time you hear someone say "IOTA is centralized", you no longer have to take an hour out of your day and spin your wheels with someone who likely had an agenda to begin with. You just copy-paste away and move on.
It's also worth mentioning IOTA devs are too damn busy working on the protocol and doing their job to answer FUD. So I felt a semblance of responsibility.
Here they are. These answers are to my understanding so if you see something that doesn't look right let me know! They are divided into the following categories so if you are interested in a specific aspect of IOTA you can scroll to that section.
1) WALLET
2) COMMUNITY
3) INVESTING
4) TECHNICAL

WALLET

IOTA was hacked and users funds were stolen!

First, IOTA was not hacked. The term “hacked” is thrown around way too brazenly nowadays and often used to describe events that weren’t hacks to begin with. It's a symptom of this space growing way too fast creating situations of the blind leading the blind and causing hysteria.
What happened:
Many IOTA users trusted a certain 3rd party website to create their seed for their wallets. This website silently sent copies of all the seeds generated to an email address and waited till it felt it had enough funds, then it took everyone's money simultaneously. That was the “hack”.
https://blog.iota.org/the-secret-to-security-is-secrecy-d32b5b7f25ef
The lesson:
The absolute #1 marketed feature of crypto is that you are your own bank. Of everything that is common knowledge about crypto, this is at the top. But being your own bank means you are responsible for the security of your own funds. There is no safety net or centralized system in place that is going to bail you out.
For those that don’t know (and you really should if you’ve invested in anything crypto), your seed is your username-pw-security question-backup email all rolled into one. Would you trust a no-name 3rd party website to produce your username+pw for your bank account? Because that's essentially what users did.
The fix:
Make your seed offline with the generators in the sidebar or use dice. This is outlined in the “how to generate wallet and seed” directly following.
The trinity and carriota wallets will have seed generators within them upon their release.

How to generate wallet and seed

1) Download official trinity wallet here
2) follow the instructions on the app.
3) Do not run any apps in conjunction with the trinity app. Make sure all other apps are completely closed out on your device.

Are you sure a computer can’t just guess my seed?

An IOTA seed is 81 characters long. There are more IOTA seed combinations than atoms in the universe. All the computers in the world combined would take millions billions of years just to find your randomly generated one that’s located somewhere between the 0th and the 27^81st combination. The chance for someone to randomly generate the exact same seed as yours is 1 / (27^81).
If you can’t fathom the number 27 ^ 81, this video should help:
https://www.youtube.com/watch?v=p8YIdmwcubc

Why is Trinity wallet taking so long!!??

Trinity is out. https://trinity.iota.org/

COMMUNITY

IOTA introduction video to share with family

https://youtu.be/LyC04NrJ3yA

Tangle visualizers

http://tangle.glumb.de/

How to setup a full node

Download Bolero and run! Bolero is an all-in-one full node install package with the latest IOTA IRI and Nelson all under a one-click install!
https://github.com/SemkoDev/bolero.fun/releases
"If you want to help the network then spam the network. If you really want to help the network then create a full node and let others spam you!"

No questions or concerns get upvoted, only downvoted!

That’s just the nature of this business. Everyone in these communities has money at stake and are extremely incentivized to keep only positive news at the top of the front page. There is nothing you're going to do about that on this subreddit or any crypto subreddit. It's just a reddit fact of life we have to deal with. Everyone has a downvote and everyone has an upvote. But what can be done is just simply answer the questions even if they are downvoted to hell. Yea most people won't see the answers or discussion but that one person will. Every little bit counts.
I will say that there are most certainly answers to nearly every FUD topic out there. Every single one. A lot of the posts I'm seeing as of late especially since the price spike are rehashed from months ago. They are often not answered not because there isn't an answer/explanation, but because regulars who have the answers simply don't see them (for the reason listed above). I can see how it's easy for this to be interpreted (especially by new users) as there not being an answer or "the FUDsters are on to something" but that's just not the case.

Developer's candidness (aka dev's are assholes!)

http://www.reddit.com/Iota/comments/7obyyx/serious_talk_about_pr_system_iota_and_david/ds8ouvc
http://www.reddit.com/Iota/comments/7obyyx/serious_talk_about_pr_system_iota_and_david/ds8rega
http://www.reddit.com/Iota/comments/7oi9g8/why_is_everyone_so_critical_of_david_this_has_to/ds9rtbb
https://i.redd.it/qb0ik4tgny401.jpg
Lastly and to no surprise, David conducts himself very professionally in this interview even when asked several tough questions about the coordinator and MIT criticism.

IOTA Devs do not respond appropriately to criticism

When critiquers provide feedback that is ACTUALLY useful to the devs, then sure they'll be glad to hear it. So far not once has an outside dev brought up something that the IOTA devs found useful. Every single time it ends up being something that was already taken into consideration with the design and if the critiquer did an ounce of research they would know that. Thus you often find the IOTA devs dismissing their opinion as FUD and responding with hostility because all their critique is really doing is sending the message to their supporters that they are not supposed to like IOTA anymore.
Nick Johnson was a perfect example of this. The Ethereum community was co-existing peacefully with IOTA’s community (as they do with nearly all alt coins) until Nick wrote his infamous article. Then almost overnight Ethereum decided it didn’t like IOTA anymore and we’ve been dealing with that shit since. As of today, add LTC to that list with Charlie’s (even admitting) ignorant judgement of IOTA.
12/17/2017: Add John McAfee (bitcoin cash) and Peter Todd (bitcoin) to the list of public figures who have posted ignorantly on IOTA.

A lot of crypto communities certainly like to hate on IOTA...

IOTA is disrupting the disrupters. It invented a completely new distributed ledger infrastructure (the tangle) that replaces the blockchain and solves all of its fundamental problems (namely fees and scaling). To give you an idea of this significance, 99% of the cryptocurrencies that exist are built on a block chain. These projects have billions of dollars invested into them meaning everyone in their communities are incentivized to see IOTA fail and spread as much FUD about it as possible. This includes well known organizations, public figures, and brands. Everyone commenting in these subreddits and crypto communities have their own personal money at stake and skin in the game. Misinformation campaigns, paid reddit posters, upvote/downvote bots, and corrupt moderators are all very real in this space.

INVESTING

How do I buy IOTA

https://medium.com/@fuo213/how-to-buy-iota-the-complete-guide-for-crypto-dummies-e63560caf921

What is the IOTA foundation?

IOTA foundation is a non-profit established in Germany and recognized by the European Union. Blog post here: https://blog.iota.org/iota-foundation-fb61937c9a7e

How many companies and organizations are interested, partnered or actively using IOTA?

A lot, and often too many to keep up with.
https://reddit.com/Iota/comments/7f3dmx/list_of_known_iota_partnerships_corporate/

How was IOTA distributed?

All IOTAs that will ever exist were sold at the ICO in 2015. There was no % reserved for development. Devs had to buy in with their personal money. Community donated back 5% of all IOTA so the IOTA foundation could be setup.

No inflation schedule? No additional coins? How is this sustainable?

Interestingly enough, IOTA is actually the only crypto that does not run into any problems with a currency cap and deflationaryism. Because there are zero fees, you will always be able to pay for something for exactly what it's worth using IOTA, no matter how small the value. If by chance in the future a single iota grows so large in value that it no longer allows someone to pay for something in fractions of a penny, the foundation would just add decimal points allowing for a tenth or a hundredth or a thousandth of an iota to be transacted with.
To give you some perspective, if a single IOTA equals 1 penny, IOTA would have a 27 trillion dollar market cap (100x that of Bitcoin's today)

IOTA is not for P2P, only for M2M

With the release of the trinity wallet, it's now dead simple for anyone to use IOTA funds for P2P. Try it out.

Companies technically don’t have to use the IOTA token

Yes they do
Worth clarifying that 0 iota data transactions are perfectly fine and are welcomed since they still provide pow for 2 other transactions and help secure the network. In the early stages, these types of transactions will probably be what give us the tps/pow needed to remove the coordinator and allow the network to defend 34% attacks organically.
But... if someone does not want to sell or exchange their data for free (0 IOTA transaction), then Dominic is saying that the IOTA token must be used for that or any exchange in value on the network.
This is inherently healthy for the ecosystem since it provides a neutral and non-profit middle ground that all parties/companies can trust. If one company made their own token it wouldn’t be trusted since companies are incentivized by profits and nothing is stopping them from manipulating their token to make them more money. Thus, the IOTA foundation will not partner with anyone who refuses to take this option off the table.

All these companies are going to influence IOTA development!!

These companies have no influence on the development of IOTA. They either choose to use it or they don’t.

Internet of things is cheap and will stay cheap

Internet of things is one application of IOTA and considered by many to be the 4th industrial revolution. Go do some googling. IOTA having zero fees enables M2M for the first time in history. Also, if a crypto can do M2M it sure as shit can do M2P and P2P. M2M is hard mode.

IOTA surpassing speculation

IOTA, through the data marketplace and [qubic](qubic.iota.org), will be the first crypto to surpass speculation and actually be used in the real world for something. From there, it will branch out into other use cases, such as P2P. Or maybe P2P use of IOTA will grow in parallel with M2M, because why not?
https://blog.iota.org/iota-data-marketplace-cb6be463ac7f
12/19/17 update: Bosch reinforces IOTA's break-out from speculation by buying IOTA tokens for its future use in the data marketplace. https://i.redd.it/8e5b8bi9ov401.png
http://www.bosch-presse.de/pressportal/de/en/robert-bosch-venture-capital-makes-first-investment-in-distributed-ledger-technology-137411.html

Investing in a new project barely off the ground

Investing in a project in its early stages was something typically reserved for wealthy individuals/organizations before ICO’s became a thing. With early investing comes much less hand holding and more responsibility on the user to know what they are doing. If you have a hard time accepting this responsibility, don’t invest and wait for the technology to get easier for you. How many people actually knew how to use and mine bitcoin in 2009 before it had all its gui infrastructure?
IOTA is a tangle, the first of its kind. NOT a copy paste blockchain. As a result wallets and applications for IOTA are the first of their kind and translating the tangle into a nice clean user-friendly blockchain experience for the masses is even more taxing.

Why is the price of my coin falling?!

This may be the most asked question on any crypto subreddit but it's also the easiest to explain. The price typically falls when bad things happen to a coin or media fabricates bad news about a coin and a portion of investors take it seriously. The price increases when good things happen to a coin, such as a new exchange listing or a partnership announced etc.. The one piece that is often forgotten but trumps all these effects is something called "market forces".
Market forces is what happens to your coin when another coin gets a big news hit or a group of other coins get big news hits together. For example, when IOTA data marketplace released, IOTA hit a x5 bull run in a single week. But did you notice all the other alt coins in the red? There are a LOT of traders that are looking at the space as a whole and looking to get in on ANY bull action and will sell their other coins to do so. This effect can also be compounded over a long period of time such as what we witnessed when the bitcoin fork FOMO was going on and alt coins were squeezed continuously to feed it for weeks/months.
These examples really just scratch the surface of market forces but the big takeaway is that your coin or any coin will most certainly fall (or rise) in price at the result of what other coins are doing, with the most well known example being bitcoin’s correlation to every coin on the market. If you don't want to play the market-force game or don't have time for it, then you can never go wrong buying and holding.
It's also important to note that there are layers of investors. There's a top layer of light-stepping investors that are a mixture of day traders and gamblers trying to jump in and jump out to make quick money then look for the next buying (or shorting) opportunity at another coin. There's a middle layer of buyers and holders who did their research, believe in the tech and placing their bets it will win out in the long run. And the bottom layer are the founders and devs that are in it till the bitter end and there to see the vision realized. When a coin goes on a bull run, always expect that any day the top layer is going to pack up and leave to the next coin. But the long game is all about that middle layer. That is the layer that will be giving the bear markets their price-drop resistance. That is why the meme "HODL" is so effective because it very elegantly simplifies this whole concept for the common joe and makes them a part of that middle layer regardless if they understand whats going on or not.

TECHNICAL

How is IOTA free and how does it scale

IOTA is an altruistic system. Proof of work is done in IOTA just like bitcoin. Only a user’s device/phone must do pow for 2 other transactions before issuing one of its own. Therefore no miners and no fees. And the network becomes faster the more transactions are posted. Because of this, spamming the network is encouraged since they provide pow for 2 other transactions and speed up the network.

IOTA is centralized

IOTA is more decentralized than any blockchain crypto that relies on 5 pools of miners, all largely based in China. Furthermore, the coordinator is not a server in the dev’s basement that secretly processes all the transactions. It’s several nodes all around the globe that add milestone transactions to show the direction of the IF’s tangle within the DAG so people don’t accidentally follow a fork from a malicious actor. Anyone with the know-how can fork the tangle right now with a double-spend. But no one would follow their fork because the coordinator reveals which tangle is the legit IF one. If the coordinator wasn’t there (assuming low honest-transaction volume), there would be no way to discern which path to follow especially after the tangle diverges into forks of forks. Once throughput of honest transactions is significant enough, the “honest tangle” will replace the coordinated one and people will know which one to follow simply because it’s the biggest one in the room.
Referencing the coordinator is also optional.
Also, if you research and understand how IOTA intends to work without the coordinator, it’s easier to accept it for now as training wheels. I suggest reading pg 15 and on of the white paper analyzing in great depth how the network will defend different attack scenarios without a coordinator. For the past several months, IOTA foundation has been using St Petersburg college’s super computer to stress test IOTA and learn when they can turn the coordinator off. There will likely be a blog about the results soon.
This is another great read covering double spends on IOTA without a coordinator: www.tangleblog.com/2017/07/10/is-double-spending-possible-with-iota/
This too: http://www.reddit.com/Iota/comments/7eix4a/any_iota_guru_that_can_explain_what_this_guy_is/dq5ijrm
Also this correspondence with Vitalik and Come_from_Beyond https://twitter.com/DavidSonstebo/status/932510087301779456
At the end of the day, outstanding claims require outstanding evidence and folks approaching IOTA with a “I’ll believe it when I see it” attitude is completely understandable. It’s all about your risk tolerance.

Can IOTA defend double spend attacks?

99% of these “but did they think about double spend attacks?” type questions could just be answered if people went and did their own research. Yes of course they thought about that. That’s like crypto101…
www.tangleblog.com/2017/07/10/is-double-spending-possible-with-iota/

Will IOTA have smart contracts?

Yes - qubic.iota.org

Trinary vs binary?

"By using a ternary number system, the amount of devices and cycles can be reduced significantly. In contrast to two-state devices, multistate devices provide better radix economy with the option for further scaling"
https://www.nature.com/articles/srep36652
https://www.reddit.com/CryptoCurrency/comments/6jgbvb/iota_isnt_it_the_perfect_cryptocurrency/dje8os2/

Bitcoin with lightning network will make IOTA obsolete.

If you want lightning network, IOTA already released it. Called flash channels.
https://blog.iota.org/instant-feeless-flash-channels-88572d9a4385

IOTA rolled its own crypto!

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
This is why: https://blog.iota.org/the-transparency-compendium-26aa5bb8e260
Cybercrypt has been hired to review and audit it. IOTA is currently running SHA-3/KECCAK now until Curl is ready.

MIT said bad things about IOTA

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
And for official formal closure that MIT was completely wrong:
https://www.reddit.com/CryptoCurrency/comments/7svr8mit_media_lab_dci_allegations_proven_wrong_iotas/
https://blog.iota.org/curl-disclosure-beyond-the-headline-1814048d08ef
https://medium.com/@comefrombeyond/cfbs-comments-on-https-www-media-mit-edu-posts-iota-response-5834c7f8172d

Nick Johnson says IOTA is bad!

Nick Johnson is an ethereum dev who is incentivized to see IOTA fail, see CFBs twitter responses here.
https://mobile.twitter.com/nicksdjohnson/status/912676954184323073?lang=en
And this
https://t.co/1HgfPhg2lP
And this
https://www.reddit.com/Iota/comments/72lly0/comment/dnjk9f5?st=JB2VKUBB&sh=a2892548
And this
https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2

IOTA is not private!

Masked authenticated messages exist right now so data can be transferred privately. Very important for businesses.

Coin privacy

Centralized coin mixer is out that foundation runs. Logs are kept so they can collect data and improve it. Folks can copy the coin mixer code and run it themselves. Goal is for mixer to be decentralized and run by any node.

How do nodes scale? How on earth can all that data be stored?

Full nodes store, update and verify from the last snapshot, which happens roughly every month. It's on the roadmap to make snapshotting automatic and up to each full node’s discretion. With automatic snapshots, each full node will act as a partial perma-node and choose when to snapshot its tangle data. If someone wants to keep their tangle data for several months or even years, they could just choose not to snapshot. Or if they are limited on hard drive space, they could snapshot every week.
Perma-nodes would store the entire history of the tangle from the genesis. These are optional and would likely only be created by companies who wish to sell historical access of the tangle as a service or companies who heavily use the tangle for their own data and want to have quick, convenient access to their data’s history.
Swarm nodes are also in development which will ease the burden on full nodes. https://blog.iota.org/iota-development-roadmap-74741f37ed01

Node discovery is manual? Wtf?

Nelson has fixed this:
https://medium.com/deviota/carriota-nelson-automatic-peer-discovery-for-iota-bdca9b8b8750
https://medium.com/deviota/carriota-nelson-in-a-nutshell-1ee5317d8f19
https://github.com/SemkoDev/nelson.cli

IOTA open source?

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
IOTA protocol is open source. The coordinator is closed source open source.
https://imgur.com/a/xWQUp

Foundation moved user's funds?

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
https://blog.iota.org/claims-and-reclaims-finalization-e692844c505a
https://www.reddit.com/Iota/comments/7mmimu/claims_and_reclaims_is_processing/drv63d5/

My IOTA donation address:

9PZFQNPLVDUNGAOYYMMXFWMGNPMNAJWZKTYOOMCYQTZQA9RPVVN9SE9KGOL9HWZFJBXKQGEOY9JJYDXB9TY9FLQPXB
submitted by mufinz2 to Iota
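
An added example (not part of the post above and not code from any IOTA wallet) of the offline seed generation the WALLET section recommends: a local CSPRNG generator, an unbiased dice-to-seed mapping, and a basic seed check. It assumes the standard 27-symbol tryte alphabet (9 plus A-Z); all function names and the diversity threshold are hypothetical.

```python
import math
import secrets

# IOTA seeds use the 27-symbol tryte alphabet: the digit 9 plus A-Z.
TRYTE_ALPHABET = "9ABCDEFGHIJKLMNOPQRSTUVWXYZ"
SEED_LENGTH = 81
# Assumed heuristic: a uniformly random 81-symbol seed contains about 26 of
# the 27 symbols, so far fewer distinct symbols suggests a hand-typed seed.
MIN_DISTINCT_SYMBOLS = 10


def seed_entropy_bits(length=SEED_LENGTH, alphabet_size=len(TRYTE_ALPHABET)):
    """Entropy of a uniformly random seed: length * log2(alphabet_size)."""
    return length * math.log2(alphabet_size)


def generate_seed(length=SEED_LENGTH):
    """Generate a seed from the OS CSPRNG; nothing leaves the machine."""
    return "".join(secrets.choice(TRYTE_ALPHABET) for _ in range(length))


def seed_from_dice(rolls, length=SEED_LENGTH):
    """Map fair six-sided dice rolls (values 1-6) to a seed without bias.

    Each pair of rolls gives one of 36 equally likely values. Values 0-26
    select a symbol; 27-35 are discarded (rejection sampling), so every
    symbol keeps probability exactly 1/27. On average an 81-symbol seed
    needs about 216 rolls (81 symbols * 2 rolls / 0.75 acceptance rate).
    """
    symbols = []
    for i in range(0, len(rolls) - 1, 2):
        first, second = rolls[i], rolls[i + 1]
        if not (1 <= first <= 6 and 1 <= second <= 6):
            raise ValueError("dice rolls must be integers from 1 to 6")
        value = (first - 1) * 6 + (second - 1)
        if value < len(TRYTE_ALPHABET):
            symbols.append(TRYTE_ALPHABET[value])
            if len(symbols) == length:
                return "".join(symbols)
    raise ValueError(
        f"not enough rolls: produced {len(symbols)} of {length} symbols"
    )


def validate_seed(seed):
    """Return a list of problems found in a seed (empty list means none)."""
    problems = []
    if len(seed) != SEED_LENGTH:
        problems.append(f"length is {len(seed)}, expected {SEED_LENGTH}")
    invalid = sorted(set(seed) - set(TRYTE_ALPHABET))
    if invalid:
        problems.append(f"invalid characters: {''.join(invalid)}")
    if len(set(seed)) < MIN_DISTINCT_SYMBOLS:
        problems.append("too few distinct symbols; seed does not look random")
    return problems


if __name__ == "__main__":
    print(f"entropy of a random seed: {seed_entropy_bits():.1f} bits")
    # Constructed sample rolls: (1,1)->9, (1,2)->A, (5,4) rejected, (5,3)->Z
    print(seed_from_dice([1, 1, 1, 2, 5, 4, 5, 3], length=3))
    print(validate_seed("A" * SEED_LENGTH))
```
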

Bitcoin, Startups, and Suicide: Being an entrepreneur is hard

For over a week now, I’ve been trying to write a year in review piece for Satoshi Forest. The words, which usually just flow like a spigot when I’m passionate about something, seem to just dribble out. And what little ekes by is hardly print worthy. Maybe it’s just writer’s block? Writer’s block happens. Or maybe I’m not as passionate about Satoshi Forest as I used to be?
But, I am passionate about Satoshi Forest, perhaps more than I ever have been. And writer’s block, if it is the culprit, cannot explain why I haven’t responded to Elizabeth Ploshay’s ALS Ice Bucket Challenge, in a timely fashion. I guess I’ll have to donate now. You see it’s not just the Satoshi Forest year in review, it’s everything. Emails from friends I haven’t responded to, phone calls I let go to voicemail, new endeavors at Sean’s Outpost I let sit unannounced (http://blockchain.satoshiforest.com/). And then it hits me. I’ve been here before.
I’m really depressed.
And it seems to be going around.
Since the tragic suicide of Robin Williams, four (4) people close to me have also tried to kill themselves. One succeeded. An anecdotal survey of my friends has seen an equal uptick in the number of people talking about or attempting suicide. It’s been really disturbing.
In the preparations for the Bitcoin in the Beltway conference this past June, I had one of the more surreal conversations of my life. An east coast sales director for Marriott called me wanting to know if bitcoin was linked to suicide. They had heard of the tragic death of Autumn Radtke in March (http://nypost.com/2014/03/06/bitcoin-firm-ceo-jumped-to-her-death-neighbo) and were concerned about hosting a conference for a technology that was making people kill themselves. I was sure he was joking. He was not. The conversation I had with him must have allayed his fears. #BitcoinBeltway went great, can’t wait to do it again next year.
Obviously, bitcoin does not cause suicide. And while we are quick to sticky a “suicide prevention hotline” when the price crashes, bitcoin is not causing depression. What we may want to look into is something that is not bitcoin related, but more something that comes part and parcel with “bitcoiners”.
The woes of entrepreneurship and startup culture.
Being an entrepreneur is fucking hard. Really hard. Most people don’t even attempt it.
It might not feel that way to you, but likely that’s because you surround yourself with other entrepreneurs. Your friends work at startups. Your trips are to startup conferences and conventions. Your news feed is bitcoin and hacker news. You are firmly in the echo chamber.
Most people will never try and build a product or company. So most people will never experience what it is like to fear you won’t make payroll and someone else will not be able to pay their rent because of you.
Most people will never know how difficult it is to raise money. To get someone else to believe in you enough to open their checkbook and support you financially. The hours you spend and the mental strain that comes from hearing “No” again and again and again. And if you get a “Yes” the pressure doesn’t dissipate! It increases! Now it’s your crazy idea and someone else’s money you’re responsible for.
Being an entrepreneur is really hard.
And we are really hard on ourselves. We are afraid to show any weakness. Because we’ve been taught being weak or vulnerable is to be shunned. If someone asks you how your company is doing “We’re killing. it.” probably comes off your lips before you’ve even processed the question.
It is statistically impossible for everyone to always be “killing it”.
But ask at your next mixer or meetup and almost everyone will be “killing it”.
And that pressure to succeed, to perform, to win is immense. And I think that pressure may be even worse in bitcoin.
Not to everyone, but to a lot of bitcoin early adopters, and especially to a lot of early bitcoin entrepreneurs, bitcoin is a promise. A glimpse of a better world free from the inequalities brought by our legacy financial system. So if you fail in bitcoin, it is easy to feel that you are failing on that promise too.
I’ve felt that way. Felt that if I screw up I am screwing it up for every non-profit and charity. That they will somehow not get the benefits of bitcoin because I failed. I see it in others. Just a week ago at #Cryptolina I talked with a group of brilliant entrepreneurs who were convinced that if they didn’t beat an incumbent payment solution to market, they had lost the war. And that whole segment of the market would NEVER benefit from cryptocurrency.
Being a bitcoin entrepreneur is hard.
And I don’t have the answers to how to deal with all the pressure and depression that come from doing what we do. But I have learned a couple of things and maybe someone else that is experiencing depression or having dark thoughts can read this and gain some value from what I’ve learned. And even better, maybe someone that has dealt with depression in the past can riff on what I’ve said and provide some insight into how they cope.
1) You are not alone.
When you are depressed, it seems like everyone else has it all together and you are the anomaly. That’s not true. They probably don’t have their shit together either. And everyone has problems we don’t see. Everyone.
Some of the greatest entrepreneurs and investors of all time have had brutal fights with depression and suicidal thoughts.
READ:
http://www.inc.com/magazine/201309/jessica-brudepsychological-price-of-entrepreneurship.html
2) Bitcoin needs you and it doesn’t need you. And that’s ok.
Bitcoin needs you. It really does. But it doesn’t need only you, it needs all of us. You are not the single point of failure. Bitcoin’s success is just as decentralized as the blockchain. So give yourself a break. It’s ok to make mistakes and it’s ok to fail. It’s even ok to fail spectacularly.
Think back to how many times bitcoin has been declared dead. How many times has the price crashed? How many times has a major bitcoin institution been corrupted/hacked/found to be a scam?
And yet, here we are. And you are here too.
3) It is ok to ask for help.
This is hard to learn. We come from a self sufficient culture. And if you ask for help, people will realize that you are not as awesome as they thought you were...BULLSHIT. Asking for help has ZERO bearing on how awesome a person you are. In fact, your friends WANT TO HELP YOU. Being there for you in a moment of crisis is something your friends are probably really down for. But if you ignore them or won’t tell them you are having problems it is really difficult for them to help. Talk to someone. If all else fails you can always call…
THE NATIONAL SUICIDE PREVENTION LIFELINE: 1-800-273-TALK (8255)
I know all of this might not make a difference. When you are caught up in your head in the middle of a depressive episode nothing seems to help. Try to find something that you can concentrate on just to get you thru the worst of it. For me, I go play with my kids. It helps me. Sometimes more than others.
If you are feeling down, try to talk to someone. And if you see someone feeling down, try to lend a supportive ear.
Bitcoin needs you alive.
submitted by SeansOutpost to Bitcoin

The Strange Birth & History of Monero, Part IV: Monero "as it is now"

You can read part III here.
You can read this whole story translated into Spanish here.
This is part IV, last but not least.
Monero - A secure, private, untraceable cryptocurrency
https://bitcointalk.org/index.php?topic=583449.0
Notable comments in this thread:
-201: “I would like to offer 1000 MRO to the first person who creates a pool”
(https://bitcointalk.org/index.php?topic=583449.msg6422665#msg6422665)
[tacotime offers bounty to potential pool developer. Bytecoin devs haven’t released any code for pools, and the only existent pool, minergate (in the future related to BCN interests) was closed source]
-256: “Adam Back seems to like CryptoNote better than Zerocash https://twitter.com/adam3us/status/453493394472697856”
(https://bitcointalk.org/index.php?topic=583449.msg6440769#msg6440769)
-264: “update on pools: The NOMP guy (zone117x) is looking to fork his open source software and get a pool going, so one should hopefully be up soon.”
(https://bitcointalk.org/index.php?topic=583449.msg6441302#msg6441302)
-273: “Update on GUI: othe from VertCoin has notified me that he is working on it.”
(https://bitcointalk.org/index.php?topic=583449.msg6442606#msg6442606)
-356: “Everyone wanting a pool, please help raise a bounty with me here:
https://bitcointalk.org/index.php?topic=589533.0
And for the GUI:
https://bitcointalk.org/index.php?topic=589561.0”
(https://bitcointalk.org/index.php?topic=583449.msg6461533#msg6461533)
[5439 MRO + 0.685 BTC + 5728555.555 BCN raised for pool and 1652 XMR, 121345.46695471 BCN for the GUI wallet. Though this wallet was "rejected" as official GUI because wallet still has to be polished before building a GUI]
-437: “Yes, most Windows users should see a higher hashrate with the new build. You can thank NoodleDoodle. ”
(https://bitcointalk.org/index.php?topic=583449.msg6481202#msg6481202)
-446: “Even faster Windows binaries have just been uploaded. Install for more hash power! Once again, it was NoodleDoodle.”
(https://bitcointalk.org/index.php?topic=583449.msg6483680#msg6483680)
-448: “that almost doubled my hashrate again! GREAT STUFF !!!”
(https://bitcointalk.org/index.php?topic=583449.msg6484109#msg6484109)
-461: “Noodle only started optimization today so there may be gains for your CPU in the future.”
(https://bitcointalk.org/index.php?topic=583449.msg6485247#msg6485247)
[First day of miner optimization by NoodleDoodle, it is only May 1st]
-706: “The unstoppable NoodleDoodle has optimized the Windows build again. Hashrate should more than double. Windows is now faster than Linux. :O”
(https://bitcointalk.org/index.php?topic=583449.msg6549444#msg6549444)
-753: “I hear TFT is no longer part of the project. So is he forking or relaunching bytecoin under a new name and new parameters (merged mining with flatter emission curve)? Also, what is the end consensus for the emission curve for monero? Will it be adjusted?”
(https://bitcointalk.org/index.php?topic=583449.msg6561345#msg6561345)
[May 5th, 2014. TFT is launching FANTOMCOIN, a clone coin whose "only" feature was merged mining]
-761: (https://bitcointalk.org/index.php?topic=583449.msg6561941#msg6561941) [May 5th, 2014 – eizh on emission curve and tail emission]
-791: “As promised, I did Russian translation of main topic.”
(https://bitcointalk.org/index.php?topic=583449.msg6565521#msg6565521)
[one among dozens of decentralized and “altruist” collaborators of Monero in minor tasks]
-827: image
(https://bitcointalk.org/index.php?topic=583449.msg6571652#msg6571652)
-853: (https://bitcointalk.org/index.php?topic=583449.msg6575033#msg6575033)
[some are not happy that NoodleDoodle had only released the built binaries, but not the source code]
-950: (https://bitcointalk.org/index.php?topic=583449.msg6593768#msg6593768)
[Rias, an account suspected to be related to the Bytecoin scam, dares to tag Monero as “instamine”]
-957: “It's rather bizarre that you're calling this an "instamine" scam when you're so fervently supporting BCN, which was mined 80% before entering the clearnet. Difficulty adjustments are per block, so there is no possibility of an instamine unless you don't publish your blockchain (emission is regular at the preset interval, and scales adequately with the network hash rate). What you're accusing monero of is exactly what ByteCoin did.”
https://bitcointalk.org/index.php?topic=583449.msg6594025#msg6594025
[Discussion with rias drags on for SEVERAL posts]
-1016: “There is no "dev team". There is a community of people working on various aspects of the coin.
I've been keeping the repo up to date. NoodleDoodle likes to optimise his miner. TFT started the fork and also assists when things break. othe's been working on a GUI. zone117x has been working on a pool.
It's a decentralized effort to maintain the fork, not a strawman team of leet hackers who dwell in the underbellies of the internet and conspire for instamines.”
(https://bitcointalk.org/index.php?topic=583449.msg6596828#msg6596828)
-1023: “Like I stated in IRC, I am not part of the "dev team", I never was. Just so happens I took a look at the code and changed some extremely easy to spot "errors". I then decided to release the binary because I thought MRO would benefit from it. I made this decision individually and nobody else should be culpable”
(https://bitcointalk.org/index.php?topic=583449.msg6597057#msg6597057)
[Noodledoodle gets rid of the instaminer accusations]
-1029: “I decided to relaunch Monero so it will suit all your wishes that you had: flatter emission curve, open source optimized miner for everybody from the start, no MM with BCN/BMR and the name. New Monero will be ready tomorrow”
(https://bitcointalk.org/index.php?topic=583449.msg6597252#msg6597252)
[people trying to capitalize on mistakes are always there.]
-1030: "Pull request has been submitted and merged to update miner speed
It appears from the simplicity of the fix that there may have been deliberate crippling of the hashing algorithm from introduction with ByteCoin."
https://bitcointalk.org/index.php?topic=583449.msg6597460#msg6597460
[tacotime “officially” raises suspicions of a possible voluntarily crippled miner]
-1053: "I don't mind the 'relaunch' or the merge-mining fork or any other new coin at all. It's inevitable that the CryptoNote progresses like scrypt into a giant mess of coins. It's not undesirable or 'wrong'. Clones fighting out among themselves is actually beneficial for Monero. Although one of them is clearly unserious and trolling by choosing the same name.
Anyway, this sudden solidarity with BCN or TFT sure is strange when none of these accounts were around for the discussions that took place 3 weeks ago. Such vested interests with no prior indications. Hmm...? "
https://bitcointalk.org/index.php?topic=583449.msg6599013#msg6599013
[eizh points out the apparent organized fudding]
-1061: "There was no takeover. The original developer (who himself did a fork of bytecoin and around a dozen lines of code changes) was non-responsive and had disappeared. The original name had been cybersquatted all over the place (since the original developer did not even register any domain name much less create a web site), making it impossible to even create a suitably named web site. A bunch of us who didn't want to see the coin die who represented a huge share of the hash power and ownership of the coin decided to adopt it. We reached out to the original developer to participate in this community effort and he still didn't respond over 24 hours, so we decided to act to save the coin from neglect and actively work toward building the coin."
(https://bitcointalk.org/index.php?topic=583449.msg6599798#msg6599798)
[smooth defends legitimacy of current “dev team” and decisions taken]
-1074: “Zerocash will be announced soon (May 18 in Oakland? but open source may not be ready then?).
Here is a synopsis of the tradeoffs compared to CryptoNote: […]"
(https://bitcointalk.org/index.php?topic=583449.msg6602891#msg6602891)
[comparison between Zerocash and Cryptonote]
-1083: "Altcoin history shows that except in the case of premine (Tenebrix), the first implementation stays the largest by a wide margin. We're repeating that here by outpacing Bytecoin (thanks to its 80% mine prior to surfacing). No other CN coin has anywhere near the hashrate or trading volume. Go check diff in Fantom for example or the lack of activity in BCN trading.
The only CN coin out there doing something valuable is HoneyPenny, and they're open source too. If HP develops something useful, MRO can incorporate it as well. Open source gives confidence. No need for any further edge."
(https://bitcointalk.org/index.php?topic=583449.msg6603452#msg6603452)
[eizh reminds everyone the “first mover” advantage is a real advantage]
-1132: "I decided to tidy up bitmonero GitHub rep tonight, so now there is all valuable things from latest BCN commits & Win32. Faster hash from quazarcoin is also there. So BMR rep is the freshest one.
I'm working on another good feature now, so stay tuned."
(https://bitcointalk.org/index.php?topic=583449.msg6619738#msg6619738)
[first TFT appearance in weeks, he somehow pretends to still be the "lead dev"]
-1139: "This is not the github or website used by Monero. This github is outdated even with these updates. Only trust binaries from the first post."
(https://bitcointalk.org/index.php?topic=583449.msg6619971#msg6619971)
[eizh tries to clarify for the community, after TFT's interference, which are the official downloads]
-1140: “The faster hash is from NoodleDoodle and is already submitted to the monero-project github (https://github.com/monero-project/bitmonero) and included in the binaries here.
[trying to bring TFT back on board] It would be all easier if you just work together with the other guys, what's the problem? Come to irc and talk like everyone else?
[on future monero exchangers] I got confirmation from one."
(https://bitcointalk.org/index.php?topic=583449.msg6619997#msg6619997)
[May 8th, 2014: othe announces that NoodleDoodle's optimized miner is now open source, asks TFT to collaborate and communicates that an exchanger is coming]
-1146: "I'll be impressed if they [BCN/TFT shills] manage to come up with an account registered before January, but then again they could buy those.”
(https://bitcointalk.org/index.php?topic=583449.msg6620257#msg6620257)
[smooth]
-1150: “Ring signatures mean that when you sign a transaction to spend an output (coins), no one looking at the block chain can tell whether you signed it or one of the other outputs you choose to mix in with yours. With a mixing factor of 5 or 10 after several transactions there are millions of possible coins all mixed together. You get "anonymity" and mixing without having to use a third party mixer.”
(https://bitcointalk.org/index.php?topic=583449.msg6620433#msg6620433)
[smooth answering “what are ring signatures” in layman's terms]
-1170: "Someone (C++ skilled) did private optimized miner a few days ago, he got 74H/s for i5 haswell. He pointed that mining code was very un-optimized and he did essential improvements for yourself. So, high H/S is possible yet. Can the dev's core review code for that?"
(https://bitcointalk.org/index.php?topic=583449.msg6623136#msg6623136)
[forums are talking about an individual or group of individuals with optimized miners - May 9th, 2014]
-1230: "Good progress on the pool reported by NOMP dev zone117x. Stay tuned, everyone.
And remember to email your favorite exchanges about adding MRO."
(https://bitcointalk.org/index.php?topic=583449.msg6640190#msg6640190)
-1258: "This is actually as confusing to us as you. At one point, thankful_for_today said he was okay with name change: https://bitcointalk.org/index.php?topic=563821.msg6368600#msg6368600
Then he disappeared for more than a week after the merge mining vote failed.”
(https://bitcointalk.org/index.php?topic=583449.msg6645981#msg6645981)
[eizh on the TFT-issue]
-1358: “Jadehorse: registered on 2014-03-06 and two pages of one line posts:
https://bitcointalk.org/index.php?action=profile;u=263597
https://bitcointalk.org/index.php?action=profile;u=263597;sa=showPosts
Trustnobody: registered on 2014-03-06 and two pages of one line posts:
https://bitcointalk.org/index.php?action=profile;u=264292
https://bitcointalk.org/index.php?action=profile;u=264292;sa=showPosts
You guys should really just stop trying. It is quite transparent what you are doing. Or if you want to do it, do it somewhere else. Everyone else: ignore them please."
(https://bitcointalk.org/index.php?topic=583449.msg6666844#msg6666844)
[FUD campaign still ongoing, smooth battles it]
-1387: "The world’s first exchange for Monero just opened! cryptonote.exchange.to"
(https://bitcointalk.org/index.php?topic=583449.msg6675902#msg6675902)
[David Latapie announces an important milestone: exchanger is here]
-1467: "image"
(https://bitcointalk.org/index.php?topic=583449.msg6686125#msg6686125)
[it is weird, but tft appears again, apparently as if he were in a parallel reality]
-1495: “http://monero.cc/blog/monero-price-0-002-passed/”
(https://bitcointalk.org/index.php?topic=583449.msg6691706#msg6691706)
[“trading” milestone reached: monero surpassed the 0.002 BTC price for the first time]
-1513: "There is one and only one coin, formerly called Bitmonero, now called Monero. There was a community vote in favor (despite likely ballot stuffing against). All of the major stakeholders at the time agreed with the rename, including TFT.
The code base is still called bitmonero. There is no reason to rename it, though we certainly could have if we really wanted to.
TFT said he is sentimental about the Bitmonero name, which I can understand, so I don't think there is any malice or harm in him continuing to use it. He just posted the nice hash rate chart on here using the old name. Obviously he understands that they are one and the same coin."
(https://bitcointalk.org/index.php?topic=583449.msg6693615#msg6693615)
[Smooth clears up again the relation with TFT and BMR. Every time he appears it seems to generate confusion among newbies]
-1543: "Pool software is in testing now. You can follow the progress on the pool bounty thread (see original post on this thread for link)."
(https://bitcointalk.org/index.php?topic=583449.msg6698097#msg6698097)
-1545: "[on the tail emission debate] I've been trying to raise awareness of this issue. The typical response seems to be, "when Bitcoin addresses the problem, so will we." To me this means it will never be addressed. The obvious solution is to perpetually increase the money supply, always rewarding miners with new coins.
Tacotime mentioned a hard fork proposal to never let the block reward drop below 1 coin:
Code: if (blockReward < 1){ blockReward = 1; }
I assume this is merely delaying the problem, however. I proposed a fixed annual debasement (say 2%) with a tx fee cap of like 0.001% of the current block reward (or whatever sounds reasonable). That way we still get the spam protection without worrying about fee escalation down the road."
(https://bitcointalk.org/index.php?topic=583449.msg6698879#msg6698879)
[Johnny Mnemonic wants to debate tail emission. Debate is moved to the “Monero Economy” thread]
-1603: “My GOD, the wallet is very very weird and too complicated to operate, Why don't release a wallet-qt as Bitcoin?”
(https://bitcointalk.org/index.php?topic=583449.msg6707857#msg6707857)
[Newbies have a hard time with monero]
-1605: "because this coin is not a bitcoin clone and so there isn't a wallet-qt to just copy and release. There is a bounty for a GUI wallet and there is already an experimental windows wallet..."
(https://bitcointalk.org/index.php?topic=583449.msg6708250#msg6708250)
-1611: "I like this about Monero, but it seems it was written by cryptographers, not programmers. The damned thing doesn't even compile on Arch, and there are several bugs, like command history not working on Linux. The crypto ideas are top-notch, but the implementation is not."
(https://bitcointalk.org/index.php?topic=583449.msg6709002#msg6709002)
[Wolf0, a miner developer, little by little joining the community]
-1888: "http://198.199.79.100 (aka moneropool.org) successfully submitted a block. Miners will be paid for their work once payments start working.
P.S. This is actually our second block today. The first was orphaned. :/"
(https://bitcointalk.org/index.php?topic=583449.msg6753836#msg6753836)
[May 16th: first pool block]
-1927: "Botnets aren't problem now. The main problem is a private hi-performance miner"
(https://bitcointalk.org/index.php?topic=583449.msg6759622#msg6759622)
-1927: "Evidence?"
(https://bitcointalk.org/index.php?topic=583449.msg6759661#msg6759661)
[smooth about the private optimized miner]
-1937: “[reference needed: smooth battling the weak evidence of optimized miner] Yes, I remember that. Some person on the Internet saying that some other unnamed person said he did something hardly constitutes evidence.
I'm not even doubting that optimized asm code could make a big difference. Just not sure how to know whether this is real or not. Rumors and FUD are rampant, so it is just hard to tell."
(https://bitcointalk.org/index.php?topic=583449.msg6760040#msg6760040)
[smooth does not take the "proof" seriously]
-1949: "image
One i5 and One e5 connected to local pool:
image"
(https://bitcointalk.org/index.php?topic=583449.msg6760624#msg6760624)
[proof of optimized miner]
-1953: "lazybear are you interested in a bounty to release the source code (maybe cleaned up a bit?) your optimized miner? If not, I'll probably play around with the code myself tomorrow and see if I can come up with something, or maybe Noodle Doodle will take an interest."
(https://bitcointalk.org/index.php?topic=583449.msg6760699#msg6760699)
[smooth tries to bring lazybear and his optimized miner on board]
-1957: "smooth, NoodleDoodle just said on IRC his latest optimizations are 4x faster on Windows. Untested on Linux so far but he'll push the source to the git repo soon. We'll be at 1 million network hashrate pretty soon."
(https://bitcointalk.org/index.php?topic=583449.msg6760814#msg6760814)
[eizh makes public that NoodleDoodle also has more miner optimizations ready]
-1985: “Someone (not me) created a Monero block explorer and announced it yesterday in a separate thread:
https://bitcointalk.org/index.php?topic=611561.0”
(https://bitcointalk.org/index.php?topic=583449.msg6766206#msg6766206)
[May 16th, 2014: a functional block explorer]
-2018: “Noodle is doing some final tests on Windows and will begin testing on Linux. He expects hashrate should increase across all architectures. I can confirm a 5x increase on an i7 quad-core + Windows 7 64-bit.
Please be patient. These are actual changes to the program, not just a switch that gets flicked on. It needs testing.”
(https://bitcointalk.org/index.php?topic=583449.msg6770093#msg6770093)
[eizh has more info on last miner optimization]
-2023: “Monero marketcap is around $300,000 as of now”
(https://bitcointalk.org/index.php?topic=583449.msg6770365#msg6770365)
-2059: "I was skeptical of this conspiracy theory at first but after thinking about the numbers and looking back at the code again, I'm starting to believe it.
These are not deep optimizations, just cleaning up the code to work as intended.
At 100 H/s, with 500k iterations, 70 cycles per L3 memory access, we're now at 3.5 GHz which is reasonably close. So the algorithm is finally memory-bound, as it was originally intended to be. But as delivered by the bytecode developers not even close.
I know this is going to sound like tooting our own horn but this is another example of the kind of dirty tricks you can expect from the 80% premine crowd and the good work being done in the name of the community by the Monero developers.
Assuming they had the reasonable, and not deoptimized, implementation of the algorithm as designed all along (which is likely), the alleged "two year history" of bytecoin was mined on 4-8 PCs. It's really one of the shadiest and sleaziest premines scams yet, though this shouldn't be surprising because in every type of scam, the scams always get sneakier and more deceptive over time (the simple ones no longer work)."
(https://bitcointalk.org/index.php?topic=583449.msg6773168#msg6773168)
[smooth blowing the lid: if miner was so de-optimized, then BCN adoption was even lower than initially thought]
-2123: (https://bitcointalk.org/index.php?topic=583449.msg6781481#msg6781481)
[fluffypony's first public post in Monero threads]
-2131: "moneropool.org is up to 2KHs, (average of 26Hs per user). But that's still only 0.3% of the reported network rate of 575Khs.
So either a large botnet is mining, or someone's sitting quietly on a much more efficient miner and raking in MRO."
(https://bitcointalk.org/index.php?topic=583449.msg6782192#msg6782192)
[with pools users start to notice that “avg” users account for a very small % of the network hashrate, either botnets or a super-optimized miner is mining monero]
-2137: “I figure its either:
(https://bitcointalk.org/index.php?topic=583449.msg6782852#msg6782852)
-2192: “New source (0.8.8.1) is up with optimizations in the hashing. Hashrate should go up ~4x or so, but may have CPU architecture dependence. Windows binaries are up as well for both 64-bit and 32-bit."
(https://bitcointalk.org/index.php?topic=583449.msg6788812#msg6788812)
[eizh makes the official announcement of the latest miner optimization; it is May 17th]
-2219: (https://bitcointalk.org/index.php?topic=583449.msg6792038#msg6792038)
[wolf0 has been part of the monero community for a while, discussing several topics such as botnet mining and miner optimizations. Now he spots security flaws in the just-launched pools]
-2301: "5x optimized miner released, network hashrate decreases by 10% Make your own conclusions. :|"
(https://bitcointalk.org/index.php?topic=583449.msg6806946#msg6806946)
-2323: "Monero is on Poloniex https://poloniex.com/exchange/btc_mro"
(https://bitcointalk.org/index.php?topic=583449.msg6808548#msg6808548)
-2747: "Monero is holding a $500 logo contest on 99designs.com now: https://99designs.com/logo-design/contests/monero-mro-cryptocurrency-logo-design-contest-382486"
(https://bitcointalk.org/index.php?topic=583449.msg6829109#msg6829109)
-2756: “So... ALL Pools have 50KH/s COMBINED.
Yet, network hash is 20x more. Am i the only one who thinks that some people are insta mining with prepared faster miners?”
(https://bitcointalk.org/index.php?topic=583449.msg6829977#msg6829977)
-2757: “Pools aren't stable yet. They are more inefficient than solo mining at the moment. They were just released. 10x optimizations have already been released since launch, I doubt there is much more optimization left.”
(https://bitcointalk.org/index.php?topic=583449.msg6830012#msg6830012)
-2765: “Penalty for too large block size is disastrous in the long run.
Once MRO value increases a lot, block penalties will become more critical of an issue. Pools will fix this issue by placing a limit on number and size of transactions. Transaction fees will go up, because the pools will naturally accept the most profitable transactions. It will become very expensive to send with more than 0 mixin. Anonymity benefits of ring signatures are lost, and the currency becomes unusable for normal transactions.”
(https://bitcointalk.org/index.php?topic=583449.msg6830475#msg6830475)
-2773: "The CryptoNote developers didn't want blocks getting very large without genuine need for it because it permits a malicious attack. So miners out of self-interest would deliberately restrict the size, forcing the network to operate at the edge of the penalty-free size limit but not exceed it. The maximum block size is a moving average so over time it would grow to accommodate organic volume increase and the issue goes away. This system is most broken when volume suddenly spikes."
(https://bitcointalk.org/index.php?topic=583449.msg6830710#msg6830710)
-3035: "We've contributed a massive amount to the infrastructure of the coin so far, enough to get recognition from cryptonote, including optimizing their hashing algorithm by an order of magnitude, creating open source pool software, and pushing several commits correcting issues with the coin that eventually were merged into the ByteCoin master. We also assisted some exchange operators in helping to support the coin.
To say that has no value is a bit silly... We've been working alongside the ByteCoin devs to improve both coins substantially."
(https://bitcointalk.org/index.php?topic=583449.msg6845545#msg6845545)
[tacotime defends the Monero team and community against accusations of just “ripping off” others' hard work and “stealing” their project]
-3044: "image"
(https://bitcointalk.org/index.php?topic=583449.msg6845986#msg6845986)
[Monero added to coinmarketcap May 21st, 2014]
-3059: "You have no idea how influential you have been to the success of this coin. You are a great ambassador for MRO and one of the reasons why I chose to mine MRO during the early days (and I still do, but alas no soup for about 5 days now)."
(https://bitcointalk.org/index.php?topic=583449.msg6846509#msg6846509)
[random user thanks smooth for his CONSTANT presence and collaboration. It is not all FUD ;)]
-3068: "You are a little too caught up in the mindset of altcoin marketing wars about "unique features" and "the team" behind the latest pump and dump scam.
In fact this coin is really little more than BCN without the premine. "The team" is anyone who contributes code, which includes anyone contributing code to the BCN repository, because that will get merged as well (and vice-versa).
Focus on the technology (by all accounts amazing) and the fact that it was launched in a clean way without 80% of the total world supply of the coin getting hidden away "somewhere." That is the unique proposition here. There also happens to be a very good team behind the coin, but anyone trying too hard to market on the basis of some "special" features, team, or developer is selling you something. Hold on to your wallet."
(https://bitcointalk.org/index.php?topic=583449.msg6846638#msg6846638)
[An answer to those trolls saying Monero has no innovation/unique feature]
-3070: "Personally I found it refreshing that Monero took off WITHOUT a logo or a gui wallet, it means the team wasn't hyping a slick marketing package and is concentrating on the coin/note itself."
(https://bitcointalk.org/index.php?topic=583449.msg6846676#msg6846676)
-3119: “image
[included for the lulz]
-3101: "[…]The main developers are tacotime, smooth, NoodleDoodle. Some needs are being contracted out, including zone117x, LucasJones, and archit for the pool, another person for a Qt GUI, and another person independently looking at the code for bugs."
(https://bitcointalk.org/index.php?topic=583449.msg6848006#msg6848006)
[the initial "core team" so far, eizh post]
-3123: (https://bitcointalk.org/index.php?topic=583449.msg6850085#msg6850085)
[fluffy steps in with an interesting, dense post. Don’t dare to skip it, worthwhile reading]
-3127: (https://bitcointalk.org/index.php?topic=583449.msg6850526#msg6850526)
[fluffy again, worth reading too, so follow the link, don’t be lazy]
-3194: "Hi guys - thanks to lots of hard work we have added AES-NI support to the slow_hash function. If you're using an AES-NI processor you should see a speed-up of about 30%.”
(https://bitcointalk.org/index.php?topic=583449.msg6857197#msg6857197)
[fluffypony is now pretty active in the xmr topic and announces a new optimization to the crippled miner]
-3202: "Whether using pools or not, this coin has a lot of orphaned blocks. When the original fork was done, several of us advised against 60 second blocks, but the warnings were not heeded.
I'm hopeful we can eventually make a change to more sane 2- or 2.5-minute blocks which should drastically reduce orphans, but that will require a hard fork, so not that easy."
(https://bitcointalk.org/index.php?topic=583449.msg6857796#msg6857796)
[smooth takes the opportunity to remind everyone of the need for a bigger target block]
-3227: “Okay, optimized miner seems to be working: https://bitcointalk.org/index.php?topic=619373”
[wolf0 makes public his open source optimized miner]
-3235: "Smooth, I agree block time needs to go back to 2 minutes or higher. I think this and other changes discussed (https://bitcointalk.org/index.php?topic=597878.msg6701490#msg6701490) should be rolled into a single hard fork and bundled with a beautiful GUI wallet and mining tools."
(https://bitcointalk.org/index.php?topic=583449.msg6861193#msg6861193)
[tail emission, block target and block size are discussed in the next few messages among smooth, johnny and others. If you want to know more about their opinions and reasoning, go and read them]
-3268: (https://bitcointalk.org/index.php?topic=583449.msg6862693#msg6862693)
[fluffy dares another user to bet 5 btc that in one year monero will be over dash in market cap. A bet that he would have lost as you can see here https://coinmarketcap.com/historical/20150524/ even excluding the 2M “instamined” coins]
-3283: "Most of the previous "CPU only" coins are really scams and the developers already have a GPU miner or know how to write one. There are a very few exceptions, almost certainly including this one.
I don't expect a really dominant GPU miner any time soon, maybe ever. GPUs are just computers though, so it is certainly possible to mine this on a GPU, and there probably will be some GPU miner, but it won't be so much faster as to put small scale CPU miners out of business (probably -- absent some unknown algorithmic flaw).
Everyone focuses on botnets because it has been so long since regular users were able to effectively mine a coin (due to every coin rapidly going high end GPU and ASIC) that the idea that "users" could vastly outnumber "miners" (botnet or otherwise) isn't even on the radar.
The vision here is a wallet that asks you when you want to install: "Do you want to devote some of your CPU power to help secure the network? You will be eligible to receive free coins as a reward (recommended) [check box]." Get millions of users doing that and it will drive down the value of mining to where neither botnets nor professional/industrial miners will bother, and Satoshi's original vision of a true p2p currency will be realized.
That's what cryptonote wants to accomplish with this whole "egalitarian mining" concept. Whether it succeeds I don't know but we should give it a chance. Those cryptonote guys seem pretty smart. They've probably thought this through better than any of us have."
(https://bitcointalk.org/index.php?topic=583449.msg6863720#msg6863720)
[smooth's vision of a true p2p currency]
-3318: "I have a screen shot that was PMed to me by someone who paid a lot of money for a lot of servers to mine this coin. He won't be outed by me ever but he does in fact exist. Truth."
(https://bitcointalk.org/index.php?topic=583449.msg6865061#msg6865061)
[smooth somehow implies it is not botnets but an individual or a group of them renting huge cloud instances]
-3442: "I'm happy to report we've successfully cracked Darkcoin's network with our new quantum computers that just arrived from BFL, a mere two weeks after we ordered them."
[fluffy-troll]
-3481: “Their slogan is, "Orphaned Blocks, Bloated Blockchain, that's how we do"”
(https://bitcointalk.org/index.php?topic=583449.msg6878244#msg6878244)
[Major FUD troll in the topic. One of the hardest I’ve ever seen]
-3571: "Tacotime wanted the thread name and OP to use the word privacy instead of anonymity, but I made the change for marketing reasons. Other coins do use the word anonymous improperly, so we too have to play the marketing game. Most users will not bother looking at details to see which actually has more privacy; they'll assume anonymity > privacy. In a world with finite population, there's no such thing as anonymity. You're always "1 of N" possible participants.
Zero knowledge gives N -> everyone using the currency, ring signatures give N -> your choice, and CoinJoin gives N -> people who happen to be spending around the same amount of money as you at around the same time. This is actually the critical weakness of CoinJoin: the anonymity set is small and it's fairly susceptible to blockchain analysis. Its main advantage is that you can stick to Bitcoin without hard forking.
Another calculated marketing decision: I made most of the OP about ring signatures. In reality, stealth addressing (i.e. one-time public keys) already provides you with 90% of the privacy you need. Ring signatures are more of a trump card that cannot be broken. But Bitcoin already has manual stealth addressing so the distinguishing technological factor in CryptoNote is the use of ring signatures.
This is why I think having a coin based on CoinJoin is silly: Bitcoin already has some privacy if you care enough. A separate currency needs to go way beyond mediocre privacy improvements and provide true indistinguishability. This is true thanks to ring signatures: you can never break the 1/N probability of guessing correctly. There's no additional circumstantial evidence like with CoinJoin (save for IP addresses, but that's a problem independent of cryptocurrencies)."
(https://bitcointalk.org/index.php?topic=583449.msg6883525#msg6883525)
[Anonymity discussions, especially those comparing Monero with Darkcoin and its coinjoin-based solution, keep going]
-3593: "Transaction fees should be a fixed percentage of the block reward, or at the very least not be controllable by the payer. If payers can optionally pay more then it opens the door for miner discrimination and tx fee bidding wars."
(https://bitcointalk.org/index.php?topic=583449.msg6886770#msg6886770)
[Johnny Mnemonic is a firm defender of fixed fees and tail emission: he sees the “fee market” as a big danger to the usability of cryptocurrencies]
-3986: (https://bitcointalk.org/index.php?topic=583449.msg6930412#msg6930412)
[partnership with i2p]
-4373: “Way, way faster version of cpuminer: https://bitcointalk.org/index.php?topic=619373”
(https://bitcointalk.org/index.php?topic=583449.msg6993812#msg6993812)
[The super-optimized miner is finally leaked to the public. Now the hashrate is 100 times bigger than it originally was with the crippled miner. The next edge for "cloud farmers" is GPU mining]
-4877: “1. We have a logo! If you use Monero in any of your projects, you can grab a branding pack here. You can also see it in all its glory right here:
logo […] 4. In order to maintain ISO 4217 compliance, we are changing our ticker symbol from MRO to XMR effective immediately."
(https://bitcointalk.org/index.php?topic=583449.msg7098497#msg7098497)
[Jun 2nd 2014]
-5079: “First GPU miner: https://bitcointalk.org/index.php?topic=638915.0”
(https://bitcointalk.org/index.php?topic=583449.msg7130160#msg7130160)
[4th June: Claymore has developed the first CryptoNight open source and publicly available GPU miner]
-5454: "New update to my miner - up to 25% hash increase. Comment and tell me how much of an increase you got from it: https://bitcointalk.org/index.php?topic=632724"
(https://bitcointalk.org/index.php?topic=583449.msg7198061#msg7198061)
[miner optimization is an endless task]
-5464: "I have posted a proposal for fixed subsidy:
https://bitcointalk.org/index.php?topic=597878.msg7202538#msg7202538"
(https://bitcointalk.org/index.php?topic=583449.msg7202776#msg7202776)
[Nice charts and discussion proposed by tacotime, worth reading]
-5658: "- New seed nodes added. - Electrum-style deterministic wallets have been added to help in the recovery of your wallet should you ever need to. It is enabled by default."
(https://bitcointalk.org/index.php?topic=583449.msg7234475#msg7234475)
[Now you can recover your wallet with a 24 word seed]
-5726: (https://bitcointalk.org/index.php?topic=583449.msg7240623#msg7240623)
[The Monero version of the Bitcoin pizza: a 2500 XMR picture sale (today worth ~$20k)]
-6905: (https://bitcointalk.org/index.php?topic=583449.msg7386715#msg7386715)
[Monero missives: CryptoNote peer review starts (whitepaper reviewed)]
-7328: (https://bitcointalk.org/index.php?topic=583449.msg7438333#msg7438333)
[android monero widget built]
This is a dense digest of the first several thousand messages on the definitive Monero thread.
A lot of things happened in these stressful days and most are recorded here. They can be summarized as follows:
  • 28th April: Othe and zone117x take on the GUI wallet and CN pool tasks.
  • 30th April: First NoodleDoodle's miner optimization.
  • 11th May: First Monero exchanger.
  • 13th May: Open source pool code is ready.
  • 16th May: First pool mined block.
  • 19th May: Monero on Poloniex.
  • 20th May: Monero +1100 bitcoin 24h trading volume on Poloniex.
  • 21st May: New official miner optimization x4 speed (accumulated optimization x12-x16). Open source wolf0's CPU miner released.
  • 25th May: Partnership with i2p.
  • 28th May: The legendary super-optimized miner is leaked. Currently running x90 original speed. The edge of the "cloud farmers" in CPU mining is over.
  • 2nd June: Monero at last has a logo. Ticker symbol changes to the definitive XMR (formerly MRO).
  • 4th June: Claymore's open source GPU miner.
  • 10th June: Monero's "10,000 bitcoin pizza" (2500 XMR painting). Deterministic seed-based wallets (recover wallet with a 24 word seed).
  • March 2015 – tail emission added to code.
  • March 2016 – Monero hard forks to 2 min block and doubles block reward.
There are basically two things in here that can be used to attack Monero:
  • Crippled miner: it gave an unfair advantage to those brave enough to risk money and time to optimize and mine Monero.
  • Fast curve emission: not the bitcoin-like curve that was initially advertised and widely accepted as suitable.
Though we have to say two things in support of the current Monero community and devs:
  • The crippled miner was coded either by Bytecoin or CryptoNote, and 100% solved within a month by the Monero community.
  • The fast curve emission was a TFT miscalculation. He forgot to consider that by halving the block target he was unintentionally doubling the emission rate.
submitted by el_hispano to Monero
