pbleak
Active member
Hey guys, so I was planning on sending this to my usual writing home of deepdotweb, but the more I look at it the more it's too specific for over there. I decided it might be better to simply post it here. I'm actually working from the whitepaper forward so I'm discussing things that are, of course, out of date and will proceed until we get to where we are now. I need to clean up some errors spotted by readers and will do so soon. Also, it's very much me explaining some issues to myself so no hard technical details here. I guess I am more into the vision behind DRK than anything else.
If this is helpful for you and you want to help me in terms of having time to write the next parts my DRK address is: Xe9ywvpMAq8kwcrzcWecQZe7SwYopqgU9w
Please note that the following article is focused on the history of Darkcoin meaning that many of the ideas expressed here have been superceded by later developments. However, the piece is designed to inform users of precisely the effort that has went into developing the coin rather than to contribute to the marketing of the current version of the coin. As we proceed we will come to see how old ideas encounter unexpected issues and how they are addressed. In this first part the emphasis is on the core ideals and vision behind the coin.
This series begins with an examination of Darkcoin's original whitepaper. As is quite common for cryptocurrencies the white paper sets out the motivations behind the development of the coin and traditionally its core features (with the hope that miners and investors will place faith in the future of the coin. Leaving aside Satoshi Nakamoto's famous Bitcoin whitepaper (published in 2008) we find that the bulk of coins following it its wake have faced the demand of how to distinguish the coin from Bitcoin. As the coins accumulated we then found a new demand. How to distinguish the coins from other cryptocoins. Making the entire process doubly-difficult these days is that there have been a number of 'pumped' coins that either died, were abandoned, or were plain scams. For this reason the whitepaper is a curious entity since it promises what has not yet been developed. Miners and investors must decide whether the developer or developers can deliver. In the case of Darkcoin the community is distinguished by its long-standing faith and patience in the lead developer Evan Duffield. This has come in spite of the fact that Duffield has insisted on carrying out the development and testing of Darkcoin at a pace that is almost unseeingly to the day-traders who depend on pump and dump cycles.
The whitepaper describes Darkcoin as a 'Peer-to-peer CryptoCurrency with Anonymous Blockchain Transactions and an Improved Proof-of-Work System.' In a nutshell this title tells us that Darkcoin will follow the fundamental principles of Bitcoin: it will be a decentralised peer-to-peer currency with a 'ledger' (the blockchain). However, it also promises that this will not just be a public ledger, as in Bitcoin, but will include the possibility of an anonymous blockchain that nonetheless will remain true to the proof-of-work system which is designed to avoid double-spending (whereby someone might send the same unit 'virtual' currency to different people) and commonly involves mining which, in a nutshell, means the harnessing of computational power to carry out the calculations required to perform the proof-of-work process (miners are rewarded for doing so).
Now the general mythology of Bitcoin is that it is, already, anonymous and this gets repeated often in the mainstream media. However, it is well-known to the readers of this website that this is clearly not the case. Each transaction made using Bitcoin appears in a publicly accessible ledger allowing everyone to see precisely how much has been paid, to whom, the ip address (and location) where it was made and with deeper analysis which wallets are linked with others. To solve this problem a number of coin-mixing services, albeit not many, have sprung up in recent years, but each takes a cut of the transaction and so this remains an 'external' and temporary solution to what is surely a problem that needs addressing. (Removing ip information is one possible 'reduction' to the problem of what appears on the ledger, but this too remains an external solution).
The Darkcoin whitepaper opens with a respectful overview of Bitcoin especially in relation to decentralisation. It is upon decentralisation that Darkcoin was to implement a solution to the problem of Bitcoin's public blockchain. To this end the promise was to develop a decentralised take on CoinJoin which would result in an anonymised blockchain. It would be named DarkSend. Now, CoinJoin is exactly as one might expect: users 'conjoin' their transactions together into a mesh at once so that it becomes difficult, but not impossible, for people to know precisely who sent what. The solution is somewhat ad hoc. It never actually hides one's transaction and analysis remains possible (say, for instance, if one had some sense of roughly how much was being sent). It is a relatively strong solution compared to a directly public ledger. Variations on this idea are evident in the various coin-mixing services. There has always remained one obvious problem with this approach and it is that one must rely on some centralised site to perform the conjoining and thus one undermines entirely the ethos upon which Bitcoin was built.
The method of merging transactions is unique in Darkcoin in as much as it does not involve simply blending together a volume of transactions together (usually through some centralised website). Rather nodes come together to elect a master node. This is the core innovation of DarkSend (which we are reminded can simply be turned off if one wishes). The whitepaper presents DarkSend as a series of stages comprising a session or transaction. Inputs are accepted, but outputs are blinded and then accepted. Then a master node is elected and the completed transaction is broadcasted to the blockchain. Finally it is signed and possibly a form of collateral is collected or destroyed (we'll discuss this more in a moment). The pool of nodes will know that the output belongs to one of their group, but not which one. Thus a cloak of anonymity is accomplished using a decentralised pool working in conjunction along with a master node.
In the whitepaper a collateral system is outlined wherein each transaction includes a 0.1DRK transaction for the payment nodes (the last ones to solve a block). If a user does not play fair with an input by refusing to sign or just disappearing the payment node pockets the collateral which crucially comes from the input actor and not the pool as such. This gives miners an extra inventive to engage Darkcoin because not only would they be earning from mining, but they would also be the security guards of the pools since they would be motivated by the possibility of earning the collateral. (Since, as the writers note, this will often means pools earn the collateral there needs to be vigilance on the part of users of the pool that they are receiving the collateral albeit clearly pools that abuse the system would be hugely unpopular). Unused collateral is destroyed when no longer needed.
Perhaps one of the more subtle, but by no means insignificant ideas, expressed in the paper is that of using exact demonimations: 1DRK, 10DRK, 100DRK and so on. These denominations help hide users even further because one cannot locate the expected transaction (say, for example, one is trying to trace a transaction of 0.4DRK). In this manner all the users are flattened even when one sends an inexact denomination since the system is designed to facilitate the distribution of uneven numbers into 'wider' even numbers that increase anonymity. Now in the whitepaper we find that master nodes are electable from an algorithm (this will later change). A second, backup master node is always in place should the first suffer outage or simply disappear. The master node is responsible, as well, for distributing the collateral to the payment nodes. Abusive master nodes can be ousted when the pool elects the backup and the collateral distributed back to the pool. The function of the master node is to act as the net through which only legitimate transactions occur (ensured by held collateral as deterrent to bad actors) and if all goes well they will broadcast the transaction for all involved to sign off on. Another minor idea expressed in the paper is the idea that participants in the pool could actually contribute to the anonymity of the pool by sending money directly to themselves. This adds to the 'fog' of the pool and increases its speed as a bonus. (The paper ends with a short economic perspective that I have sidelined in consideration of the audience of this website).
We can see, therefore, that the original vision of Darkcoin was to improve upon Bitcoin in the area of anonymity. Faced with a public ledger the developers decided to focus on solutions to this visibility by building upon CoinJoin with the implementation of DarkSend. This would involve the merging of transactions occurring in a pool of nodes with an algorithmically elected master node (thus a decentralised one) who would process the transactions – themselves occurring in flattened denominational blocks – with the security of a small 0.1DRK collateral keeping bad actors at bay (and with in-built guards against master node and pool abuse as well).
This is the vision, but did Darkcoin come up against any obstacles and how precisely did the release candidates fare when put to the real-world test? In part 2 we examine the beginnings proper of Darkcoin.
If this is helpful for you and you want to help me in terms of having time to write the next parts my DRK address is: Xe9ywvpMAq8kwcrzcWecQZe7SwYopqgU9w
Please note that the following article is focused on the history of Darkcoin meaning that many of the ideas expressed here have been superceded by later developments. However, the piece is designed to inform users of precisely the effort that has went into developing the coin rather than to contribute to the marketing of the current version of the coin. As we proceed we will come to see how old ideas encounter unexpected issues and how they are addressed. In this first part the emphasis is on the core ideals and vision behind the coin.
This series begins with an examination of Darkcoin's original whitepaper. As is quite common for cryptocurrencies the white paper sets out the motivations behind the development of the coin and traditionally its core features (with the hope that miners and investors will place faith in the future of the coin. Leaving aside Satoshi Nakamoto's famous Bitcoin whitepaper (published in 2008) we find that the bulk of coins following it its wake have faced the demand of how to distinguish the coin from Bitcoin. As the coins accumulated we then found a new demand. How to distinguish the coins from other cryptocoins. Making the entire process doubly-difficult these days is that there have been a number of 'pumped' coins that either died, were abandoned, or were plain scams. For this reason the whitepaper is a curious entity since it promises what has not yet been developed. Miners and investors must decide whether the developer or developers can deliver. In the case of Darkcoin the community is distinguished by its long-standing faith and patience in the lead developer Evan Duffield. This has come in spite of the fact that Duffield has insisted on carrying out the development and testing of Darkcoin at a pace that is almost unseeingly to the day-traders who depend on pump and dump cycles.
The whitepaper describes Darkcoin as a 'Peer-to-peer CryptoCurrency with Anonymous Blockchain Transactions and an Improved Proof-of-Work System.' In a nutshell this title tells us that Darkcoin will follow the fundamental principles of Bitcoin: it will be a decentralised peer-to-peer currency with a 'ledger' (the blockchain). However, it also promises that this will not just be a public ledger, as in Bitcoin, but will include the possibility of an anonymous blockchain that nonetheless will remain true to the proof-of-work system which is designed to avoid double-spending (whereby someone might send the same unit 'virtual' currency to different people) and commonly involves mining which, in a nutshell, means the harnessing of computational power to carry out the calculations required to perform the proof-of-work process (miners are rewarded for doing so).
Now the general mythology of Bitcoin is that it is, already, anonymous and this gets repeated often in the mainstream media. However, it is well-known to the readers of this website that this is clearly not the case. Each transaction made using Bitcoin appears in a publicly accessible ledger allowing everyone to see precisely how much has been paid, to whom, the ip address (and location) where it was made and with deeper analysis which wallets are linked with others. To solve this problem a number of coin-mixing services, albeit not many, have sprung up in recent years, but each takes a cut of the transaction and so this remains an 'external' and temporary solution to what is surely a problem that needs addressing. (Removing ip information is one possible 'reduction' to the problem of what appears on the ledger, but this too remains an external solution).
The Darkcoin whitepaper opens with a respectful overview of Bitcoin especially in relation to decentralisation. It is upon decentralisation that Darkcoin was to implement a solution to the problem of Bitcoin's public blockchain. To this end the promise was to develop a decentralised take on CoinJoin which would result in an anonymised blockchain. It would be named DarkSend. Now, CoinJoin is exactly as one might expect: users 'conjoin' their transactions together into a mesh at once so that it becomes difficult, but not impossible, for people to know precisely who sent what. The solution is somewhat ad hoc. It never actually hides one's transaction and analysis remains possible (say, for instance, if one had some sense of roughly how much was being sent). It is a relatively strong solution compared to a directly public ledger. Variations on this idea are evident in the various coin-mixing services. There has always remained one obvious problem with this approach and it is that one must rely on some centralised site to perform the conjoining and thus one undermines entirely the ethos upon which Bitcoin was built.
The method of merging transactions is unique in Darkcoin in as much as it does not involve simply blending together a volume of transactions together (usually through some centralised website). Rather nodes come together to elect a master node. This is the core innovation of DarkSend (which we are reminded can simply be turned off if one wishes). The whitepaper presents DarkSend as a series of stages comprising a session or transaction. Inputs are accepted, but outputs are blinded and then accepted. Then a master node is elected and the completed transaction is broadcasted to the blockchain. Finally it is signed and possibly a form of collateral is collected or destroyed (we'll discuss this more in a moment). The pool of nodes will know that the output belongs to one of their group, but not which one. Thus a cloak of anonymity is accomplished using a decentralised pool working in conjunction along with a master node.
In the whitepaper a collateral system is outlined wherein each transaction includes a 0.1DRK transaction for the payment nodes (the last ones to solve a block). If a user does not play fair with an input by refusing to sign or just disappearing the payment node pockets the collateral which crucially comes from the input actor and not the pool as such. This gives miners an extra inventive to engage Darkcoin because not only would they be earning from mining, but they would also be the security guards of the pools since they would be motivated by the possibility of earning the collateral. (Since, as the writers note, this will often means pools earn the collateral there needs to be vigilance on the part of users of the pool that they are receiving the collateral albeit clearly pools that abuse the system would be hugely unpopular). Unused collateral is destroyed when no longer needed.
Perhaps one of the more subtle, but by no means insignificant ideas, expressed in the paper is that of using exact demonimations: 1DRK, 10DRK, 100DRK and so on. These denominations help hide users even further because one cannot locate the expected transaction (say, for example, one is trying to trace a transaction of 0.4DRK). In this manner all the users are flattened even when one sends an inexact denomination since the system is designed to facilitate the distribution of uneven numbers into 'wider' even numbers that increase anonymity. Now in the whitepaper we find that master nodes are electable from an algorithm (this will later change). A second, backup master node is always in place should the first suffer outage or simply disappear. The master node is responsible, as well, for distributing the collateral to the payment nodes. Abusive master nodes can be ousted when the pool elects the backup and the collateral distributed back to the pool. The function of the master node is to act as the net through which only legitimate transactions occur (ensured by held collateral as deterrent to bad actors) and if all goes well they will broadcast the transaction for all involved to sign off on. Another minor idea expressed in the paper is the idea that participants in the pool could actually contribute to the anonymity of the pool by sending money directly to themselves. This adds to the 'fog' of the pool and increases its speed as a bonus. (The paper ends with a short economic perspective that I have sidelined in consideration of the audience of this website).
We can see, therefore, that the original vision of Darkcoin was to improve upon Bitcoin in the area of anonymity. Faced with a public ledger the developers decided to focus on solutions to this visibility by building upon CoinJoin with the implementation of DarkSend. This would involve the merging of transactions occurring in a pool of nodes with an algorithmically elected master node (thus a decentralised one) who would process the transactions – themselves occurring in flattened denominational blocks – with the security of a small 0.1DRK collateral keeping bad actors at bay (and with in-built guards against master node and pool abuse as well).
This is the vision, but did Darkcoin come up against any obstacles and how precisely did the release candidates fare when put to the real-world test? In part 2 we examine the beginnings proper of Darkcoin.
Last edited by a moderator: