Development Updates - July 7th

eduffield

Core Developer
Mar 9, 2014
1,084
5,323
183
Masternode Payment Consensus Protocol

The Masternode voting system launched with RC3 has been removed from the codebase and replaced with an entirely new consensus protocol. Development is completed for the new consensus protocol and it has been working very well in all of our tests.

In a previous statement, we laid out the details of how this new system functions (link: http://goo.gl/pDG9W3) - but in case you missed it:

“[In] each round [of voting], a winning Masternode is chosen to carry out Darksend transactions. This process is carried out by the individual nodes across the network independently using the Masternode election algorithm. This algorithm chooses a winning node for Darksend, but there is also a runner up, third, forth, fifth place, etc.

Utilizing this code, we can make a deterministic list of the “top 10 Masternodes” with the winning scores. These will be the same nodes across the network and they will vote on who they believe should get paid for that round. The winning Masternode will be the one with the most votes (up to 10 votes) and the network will reject blocks not containing that payment entry.”

Unit Test Revamp

Deathray1977 has been all over the code base lately helping us get our unit tests in order. Unit tests allow us to test individual bits of code for functionality, either in advance of merging those bits of code with the rest of the project or for use in debugging. This adds a great deal of efficiency to the entire coding process, which will allow us to bring more high-quality features online faster.

Wallet GUI Improvements

DRKLord has launched a project to overhaul the GUI and add new functionality to the Darkcoin wallet. One example is the addition of new code that will allow the wallet to display current exchange rates on various exchanges.

Please check out DRKLord’s thread on darkcointalk.org and give him some feedback on what changes you would like to see. (link: http://goo.gl/1yFUEb)

RC4 Anonymity Design: “Darksend+”

We’re excited to announce a new iteration of Darksend: Darksend+.

With the original Darksend implementation, one Masternode was tasked with handling both inputs and outputs for a given set of Darksend transactions, returning change to the sender. Various techniques were employed to obfuscate the link between sender and receiver - to great effect - but the Masternode itself was still able to link inputs with outputs.

Darksend+ goes a step further.

The process is now split between two separate Masternodes. Masternode 1 receives an amount of DRK (input) from the sender that is unrelated to the amount intended for the receiver. From that input, Masternode 1 breaks down the total into homogeneous denominations (1, 2, 5, 10, etc.) and sends (output) each denominated chunk of DRK back to the sender’s wallet using randomly generated change addresses.

The sender’s client selects appropriate denominations from those change addresses, totalling the amount of DRK that the sender wishes to send to the receiver, then forwards those denominations to Masternode 2. Masternode 2 mixes those denominations with inputs from other users and sends the desired amount to the intended receivers. This creates a much more anonymous solution than we’ve had in the past.

Because all of the outputs from Masternode 1 are returned to the sender in denominated amounts on randomly generated change addresses, Masternode 1 cannot know the address of the receiver.

Because all of the inputs to Masternode 2 originate from random change addresses, Masternode 2 is unable to determine the addresses from which the original funds were sent. The sender’s primary address and the receiver’s primary wallet address are never simultaneously known by either Masternode 1 or Masternode 2.

There is no direct link between the sender and receiver (by wallet address) at any point in the transaction. This also removes the potential for a transaction to be unmasked by a user accidentally combining change “dust” with funds from their primary wallet address.

This entire process will be automated and transparent to the end user.











Development on the Darksend+ is ongoing and we’re on target for a late July release.

New Additions to the development team

Over the past few weeks, flare has been critical to finding bugs in the RC3 and fine tuning the development process to ensure we have high quality releases. We’re happy to announce Holger Schinzel (flare) is officially joining the team. Holger brings 7 years of experience in IT quality management and testing in the medical devices field.
 

TanteStefana

Grizzled Member
Foundation Member
Mar 9, 2014
2,871
1,863
1,283
It really looks like you're gathering an incredible team together! Very exciting! Will we still be using testnet to test?
 

mattmct

Member
Mar 13, 2014
259
92
88
Very exciting and very well explained! Detailed but easy to follow. Looks like Evan and the team have been making some awesome progress!

Darksend+ ohh yeah!
 
  • Like
Reactions: Audio

thenorb

New Member
Jun 13, 2014
17
3
3
Thank you Evan and the rest of the team for all the great work you have been doing! I am looking forward to RC4!
 
  • Like
Reactions: Audio

Kong

Member
Apr 9, 2014
55
15
48
Masternode payments: Does this mean that there is no enforcement for the pools to pay the masternodes?
 

TanteStefana

Grizzled Member
Foundation Member
Mar 9, 2014
2,871
1,863
1,283
Evan already (lightly) explained that the payment elections will be changed from the miners voting to the masternodes voting, or something like that, LOL, been too busy to follow closely but remember this being said?? And that if the miner who found the block does not pay, the block will be rejected.
 

javqui

New Member
May 18, 2014
6
1
3
Great Job !.
Edit: I had several questions about the new Darksend+, but found the answers. Thank you.
 
Last edited by a moderator:

eltito

Active Member
Apr 21, 2014
157
185
103
Masternode payments: Does this mean that there is no enforcement for the pools to pay the masternodes?
Enforcement code is written in, but this will be a soft fork (spork) implementation and enforcement will not be immediately switched on.
 

Kong

Member
Apr 9, 2014
55
15
48
Enforcement code is written in, but this will be a soft fork (spork) implementation and enforcement will not be immediately switched on.
In my opinion the miners also have an interest in paying the "masternode tax", because the coin's success relies on the masternodes. Mining and immediately dumping is not profitable anymore. Therefore i can't understand that the miners choose a pool which doesn't pay the masternodes. Elbzo.net shows that the miners are switching to pools that do not pay the masternodes. This is nonsense in my opininon, because the price will drop if the masternodes don't get paid. Therefore there has to be either an enforcement system or a marketing campaigne that explains the miners that they should mine on a pool which pays the masternodes. The miners mine in hope of a higher price, because the electricity costs are higher than the dumping price. It is in the miners interest, but perhaps they don't know it yet.
 

splawik21

Moderator
Dash Core Team
Foundation Member
Dash Support Group
Apr 8, 2014
1,946
1,306
1,283
AWESOME!!!!
Evan having now 2 masternodes...input/output which one of them will be chosen for 20% of the block payment?
btw. I mine only on pools who pay 20% fee for MNs
 
  • Like
Reactions: vertoe

JGCMiner

Active Member
Jun 8, 2014
364
217
113
Awesome Job Evan!

The new charts and the explanation also should be in the first post of bitcointalk. However before that, if possible, you need to fix the upper part of the first chart as the change adds up to 130DRK rather than 120DRK. That and the fixes mentioned above.

Also this is an excellent time for some organized PR. Let's let people know that the "you are not anonymous to the masternode and thus Darksend is still centralized" argument is now FALSE.


Edit: You can still be unmasked if the same bad actor owns both the masternodes that have been elected (I post as such later in this thread), but the chances of that are low (thanks fernando) and there already have been some additional countermeasures discussed on bitcointalk. :cool:
 
Last edited by a moderator:

Ryan Taylor

Well-known Member
Foundation Member
Jul 3, 2014
550
1,649
263
Scottsdale, AZ, USA
Love, love, love this! Brilliant solution.

Question for the dev team: Rather than using the familiar 10-unit / 5-unit / 1-unit denominations (which are admittedly very helpful denominations for helping us mere humans calculate change quickly), do you know if there is benefit to using a mathamatically optimal set of units? For example, it has been shown that simply replacing the dime in the US with an 18 cent piece (making the coins 1,5,18,25) would reduce the average number of coins needed to make change to just 3.86 coins in an average transaction, which is about 17% more efficient than our (1,5,10,25) system in use. This example could help reduce the size of the block chain by requiring 17% fewer denominated change addresses, and since humans wouldn't be doing the calculations, it shouldn't matter much what specific denominations we use (the end user will never see them). Here is a good whitepaper that could help generate ideas...

https://cs.uwaterloo.ca/~shallit/Papers/change2.pdf

The whitepaper shows the optimal denominations to use for a 4, 5, 6, and 7 "coin" denomination system. For example, the optimal 7-denomination system would rely on (1;4;9;11;26;38;44) as the units and would reduce average change in a 100-based system to 2.65 units. This is a whopping 44% more efficient than a (1;5;10;25) system. That would also reduce the amount of "dust" in the wallets and help keep wallets cleaner.

I don't know if there are other complications to adopting this, though. I don't know if the greedy method (see here for explanation: http://en.wikipedia.org/wiki/Change-making_problem) works well on odd-denomination coins. I also don't know if the odd amounts reduce anonymity somehow versus what you have planned. But certainly a concept I hope you will consider.
 
Last edited by a moderator:

thenorb

New Member
Jun 13, 2014
17
3
3
Enforcement code is written in, but this will be a soft fork (spork) implementation and enforcement will not be immediately switched on.
Do you know if there is a time frame for when enforcement will be turned on, or if you have a link to this info that would be great? I want to stay on top of pool updates.
 

Carrot

Member
May 26, 2014
64
21
48
Beautiful absolutely beautiful, I am so grateful to just be small cog of such a revolutionary thought pattern. You people are just of an amazingly awesome mindset. Invoking this type of thought pattern is nothing short of awe inspiring. I mean who thinks of something so intelligent. A system thats operations are so very complex yet but understandable enough for the masses. An energy efficient mining algorithm with an anonymous money sending ecosystem of decentralized masternodes. How much cooler does it get. Darkcoin is the best thing sense the wheel in transportation with comparison to any other monetary exchange system. Please do not ever let this fall into another entity's hands that will try to kill the innovation purpose and dream of us all. Darkcoin is our freedom, let it ring baby let it ring!!!
 
  • Like
Reactions: Audio

eltito

Active Member
Apr 21, 2014
157
185
103
Do you know if there is a time frame for when enforcement will be turned on, or if you have a link to this info that would be great? I want to stay on top of pool updates.
Not yet, but we'll put that information out here, on twitter (and other social media outlets) as well as via email as soon as the timeframe is narrowed down. You can sign up for the mailing list here.
 
  • Like
Reactions: thenorb

Simcom

New Member
Apr 3, 2014
14
1
3
Wow, this is a huge improvement over anything that was discussed on bitcointalk previously. I am very pleased with this solution. :)
 

JGCMiner

Active Member
Jun 8, 2014
364
217
113
I as posted earlier, I think that this is great work and a big improvement even over the denominated change idea discussed on bitcointalk months ago. However allow me to play devil's advotcate here...

The most obvious knock on this solution is that all Darksend+ has done is make it mathematically less likely to be de-anonymized.

As I am sure the dev team knows that you can still be exposed by a bad actor if both the masternodes elected are owned by said actor or if two masternode owners collude. I know this is a good deal less likely than before, but it is far from impossible.

My question is what are the future plans regarding this issue?

Encryption of data flowing through masternodes? Clever use of I2P? Something else entirely? Or... Is the dev team of the opinion that Darksend+ is anonymous enough?

Thanks for any responses.
 
Last edited by a moderator:
  • Like
Reactions: ImI

thenorb

New Member
Jun 13, 2014
17
3
3
Not yet, but we'll put that information out here, on twitter (and other social media outlets) as well as via email as soon as the timeframe is narrowed down. You can sign up for the mailing list here.
Thanks eltito, I have been signed up for those and I will keep an eye out for when to update.
 

fernando

Powered by Dash
Foundation Member
May 9, 2014
1,527
2,059
283
I as posted earlier, I think that this is great work and a big improvement even over the denominated change idea discussed on bitcointalk months ago. However allow me to play devil's advotcate here...

The most obvious knock on this solution is that all Darksend+ has done is make it mathematically less likely to be de-anonymized.

As I am sure the dev team knows that you can still be exposed by a bad actor if both the masternodes elected are owned by said actor or if two masternode owners collude. I know this is a good deal less likely than before, but it is far from impossible.

My question is what are the future plans regarding this issue?

Encryption of data flowing through masternodes? Clever use of I2P? Something else entirely? Or... Is the dev team of the opinion that Darksend+ is anonymous enough?

Thanks for any responses.
You are right. If someone controlling both masternodes can deanonymize transactions (haven't checked with devs, maybe there is some measure in that area already), the risk is still there. However, thanks to the high number of masternodes, it is extremely low. I've done some numbers for 600 masternodes (we are at 605 now), 800 and 1000. At 600 you need 61 masternodes (now about 436k USD) coordinated to act roguely to get a 1% chance of deanonymize a transaction. With 1000 masternodes you need more than 100 masternodes for that 1%.

Of course, if you are just looking for any transaction, even a low percentage maybe good enough, but I'm sure devs can do something in the communication with MNs so the probability goes to zero. Something needs to be left for Darksend++ or the fun is going to be over too fast ;)

You can check the numbers at the table below or in Google Docs: http://j.mp/1mEtWz4

 

JGCMiner

Active Member
Jun 8, 2014
364
217
113
You are right. If someone controlling both masternodes can deanonymize transactions (haven't checked with devs, maybe there is some measure in that area already), the risk is still there. However, thanks to the high number of masternodes, it is extremely low. I've done some numbers for 600 masternodes (we are at 605 now), 800 and 1000. At 600 you need 61 masternodes (now about 436k USD) coordinated to act roguely to get a 1% chance of deanonymize a transaction. With 1000 masternodes you need more than 100 masternodes for that 1%.

Of course, if you are just looking for any transaction, even a low percentage maybe good enough, but I'm sure devs can do something in the communication with MNs so the probability goes to zero. Something needs to be left for Darksend++ or the fun is going to be over too fast ;)

You can check the numbers at the table below or in Google Docs: http://j.mp/1mEtWz4

Good stuff. I knew it was going to be rare, but nice to see some numbers. Just to be clear this was not a major concern of mine, but somebody has to play devil's advocate ;). Mind posting this over on bitcointalk as well. Might head off some of the FUD we are bound to get as America/Europe wake up to the DarkSend+ news.
 

Vyazhan

Member
Jun 23, 2014
62
20
48
Good stuff. I knew it was going to be rare, but nice to see some numbers. Just to be clear this was not a major concern of mine, but somebody has to play devil's advocate ;). Mind posting this over on bitcointalk as well. Might head off some of the FUD we are bound to get as America/Europe wake up to the DarkSend+ news.
I believe this is the problem of most anonymizing services. Look at TOR and you have the exact same issue, which is why it is so important to spread the network out as much as possible and to integrate as many nodes and servers as humanly possible. The more people we have to cloak our identity, the less likely we would get exposed by bad actors inside the network :)