Development Updates - July 7th

fernando

Powered by Dash
Foundation Member
May 9, 2014
1,527
2,059
283
Good stuff. I knew it was going to be rare, but nice to see some numbers. Just to be clear this was not a major concern of mine, but somebody has to play devil's advocate ;). Mind posting this over on bitcointalk as well. Might head off some of the FUD we are bound to get as America/Europe wake up to the DarkSend+ news.
Thanks, it is already there. I barely post at btctalk lately because it is too time consuming to read all the FUD and keep up with the thread, but chaeplin took care... I feel honored! :)

I completely understood you were just playing devil's advocate and I believe it is a very healthy exercise. Everyone shouting to-the-moon would turn this into a religion and I would quit the next minute.
 

Brilliantrocket

New Member
May 12, 2014
11
4
3
We really need a way to make it impossible for transactions to be unmasked through node collusion. Having only a small chance isn't good enough. If we can get that, along with ip obfuscation, I'd say we're set.
 

fusecavator

Member
Jun 4, 2014
40
38
58
I as posted earlier, I think that this is great work and a big improvement even over the denominated change idea discussed on bitcointalk months ago. However allow me to play devil's advotcate here...

The most obvious knock on this solution is that all Darksend+ has done is make it mathematically less likely to be de-anonymized.

As I am sure the dev team knows that you can still be exposed by a bad actor if both the masternodes elected are owned by said actor or if two masternode owners collude. I know this is a good deal less likely than before, but it is far from impossible.

My question is what are the future plans regarding this issue?

Encryption of data flowing through masternodes? Clever use of I2P? Something else entirely? Or... Is the dev team of the opinion that Darksend+ is anonymous enough?

Thanks for any responses.
One potential solution I think might be interesting would be use zerocoin-style zero knowledge proofs for passing outputs to a masternode. A sender could give his input transaction and another piece of data to the masternode, then after the inputs are collected, the masternode can calculate an accumulator based off the other data it received, then senders can send to the masternode their outputs along with a proof that allows the masternode to verify that the sender is part of the group who gave inputs, without revealing which one. The masternode then wouldn't be able to link inputs and outputs, and only a single node is required, instead of cooperation. The accumulator and proofs can just be discarded after the transaction is finished, as their only purpose is for the masternode to find out the outputs, so no blockchain bloat or increased computation in block verification occurs.
 

Lzeppelin

Member
Feb 27, 2014
283
57
88
This has probably been addressed before but how does darkcoin get around de-anonymizing by simply looking at times and balances, i.e address A got 53 DRK poorer at the same instant address B got 53 DRK richer?
 
  • Like
Reactions: vertoe

Brilliantrocket

New Member
May 12, 2014
11
4
3
This has probably been addressed before but how does darkcoin get around de-anonymizing by simply looking at times and balances, i.e address A got 53 DRK poorer at the same instant address B got 53 DRK richer?
Let's say you want to send 25 DRK. The client will remove 50 from your wallet, then it will create new addresses with denominated amounts of DRK. From these, 25 DRK will be sent to masternode #2. The other 25 DRK will remain in your wallet under the new addresses. So it looks like you sent 50 ,but in reality your recipient received 25.
 
  • Like
Reactions: Lzeppelin

Lzeppelin

Member
Feb 27, 2014
283
57
88
Let's say you want to send 25 DRK. The client will remove 50 from your wallet, then it will create new addresses with denominated amounts of DRK. From these 25 DRK will be sent to masternode #2. The other 25 DRK will remain in your wallet under the new addresses. So it looks like you sent 50 and the recipient received 25.
.
Oh ok, that's pretty neat. Thanks for explaining that, I was always confused about that
 

fusecavator

Member
Jun 4, 2014
40
38
58
.
Oh ok, that's pretty neat. Thanks for explaining that, I was always confused about that
It's actually better than that. Since masternodes group transactions, and they all use the same input size of 10 coins, at that one moment 3 addresses get 10 coins poorer each, and 6 addresses get richer.