Development Updates - July 7th

[fernando]

Good stuff. I knew it was going to be rare, but nice to see some numbers. Just to be clear this was not a major concern of mine, but somebody has to play devil's advocate . Mind posting this over on bitcointalk as well. Might head off some of the FUD we are bound to get as America/Europe wake up to the DarkSend+ news.

Thanks, it is already there. I barely post at btctalk lately because it is too time consuming to read all the FUD and keep up with the thread, but chaeplin took care... I feel honored!

I completely understood you were just playing devil's advocate and I believe it is a very healthy exercise. Everyone shouting to-the-moon would turn this into a religion and I would quit the next minute.

 

[Brilliantrocket]

We really need a way to make it impossible for transactions to be unmasked through node collusion. Having only a small chance isn't good enough. If we can get that, along with ip obfuscation, I'd say we're set.

 

[fusecavator]

I as posted earlier, I think that this is great work and a big improvement even over the denominated change idea discussed on bitcointalk months ago. However allow me to play devil's advotcate here...

The most obvious knock on this solution is that all Darksend+ has done is make it mathematically less likely to be de-anonymized.

As I am sure the dev team knows that you can still be exposed by a bad actor if both the masternodes elected are owned by said actor or if two masternode owners collude. I know this is a good deal less likely than before, but it is far from impossible.

My question is what are the future plans regarding this issue?

Encryption of data flowing through masternodes? Clever use of I2P? Something else entirely? Or... Is the dev team of the opinion that Darksend+ is anonymous enough?

Thanks for any responses.

One potential solution I think might be interesting would be use zerocoin-style zero knowledge proofs for passing outputs to a masternode. A sender could give his input transaction and another piece of data to the masternode, then after the inputs are collected, the masternode can calculate an accumulator based off the other data it received, then senders can send to the masternode their outputs along with a proof that allows the masternode to verify that the sender is part of the group who gave inputs, without revealing which one. The masternode then wouldn't be able to link inputs and outputs, and only a single node is required, instead of cooperation. The accumulator and proofs can just be discarded after the transaction is finished, as their only purpose is for the masternode to find out the outputs, so no blockchain bloat or increased computation in block verification occurs.

 

[Lzeppelin]

This has probably been addressed before but how does darkcoin get around de-anonymizing by simply looking at times and balances, i.e address A got 53 DRK poorer at the same instant address B got 53 DRK richer?

 

[Brilliantrocket]

This has probably been addressed before but how does darkcoin get around de-anonymizing by simply looking at times and balances, i.e address A got 53 DRK poorer at the same instant address B got 53 DRK richer?

Let's say you want to send 25 DRK. The client will remove 50 from your wallet, then it will create new addresses with denominated amounts of DRK. From these, 25 DRK will be sent to masternode #2. The other 25 DRK will remain in your wallet under the new addresses. So it looks like you sent 50 ,but in reality your recipient received 25.

 

[Lzeppelin]

Let's say you want to send 25 DRK. The client will remove 50 from your wallet, then it will create new addresses with denominated amounts of DRK. From these 25 DRK will be sent to masternode #2. The other 25 DRK will remain in your wallet under the new addresses. So it looks like you sent 50 and the recipient received 25.

.
Oh ok, that's pretty neat. Thanks for explaining that, I was always confused about that

 

[fusecavator]

.
Oh ok, that's pretty neat. Thanks for explaining that, I was always confused about that

It's actually better than that. Since masternodes group transactions, and they all use the same input size of 10 coins, at that one moment 3 addresses get 10 coins poorer each, and 6 addresses get richer.

 

[LonnieDRR]

Looking forward to darksend+