Poll: Evo will expose your contact list, are you concerned?

Discussion in 'General Discussion' started by GrandMasterDash, Mar 17, 2018.

Does an exposed contact list concern you?

  1. Yes and I consider it a critical flaw.

    6 vote(s)
    40.0%
  2. Yes, but I am happy to wait one year for this to be fixed

    2 vote(s)
    13.3%
  3. Not important, let's just get Evo out there

    7 vote(s)
    46.7%
  1. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    In Evolution, a user's contact list can be exposed (please correct me if I'm wrong).

    I am concerned that such a breach of privacy will attract negative press and may have a significant impact on Dash going forward (expensive to counter and rectify).

    It is said that usernames are pseudo-anonymous, but I disagree; the DAPI will (hopefully) be embedded within mobile apps, which in turn collect lots of user data, e.g. phone number, wifi identity, location, and so on. Users could register multiple usernames (at a cost), but this is not a user-friendly approach.
     
    • Like x 1
  2. jimbursch

    jimbursch Active Member

    Joined:
    Mar 5, 2017
    Messages:
    837
    Likes Received:
    499
    Trophy Points:
    133
    @GrandMasterDash is raising an important issue here that we as a community need to address head on and come to grips with before our critics.

    I believe he is referring to comments on the demo video from Alex Werner:

    So, Evolution is going to launch with weak privacy. I understand the reasoning for the decision, and ultimately I would support the decision.

    We need to know exactly where/how privacy is weak and what users will be able to do to strengthen privacy (best practices). My hope is that rejecting Evolution is not the only option.
     
    • Like x 1
    • Agree x 1
  3. Stealth923

    Stealth923 Well-known Member
    Foundation Member

    Joined:
    Mar 9, 2014
    Messages:
    343
    Likes Received:
    370
    Trophy Points:
    233
    Evolution’s ethos is primarily a payments system so easy to use your grandma can use it. This is what will take crypto to mainstream. NOT a privacy centric anonymous payment rail. 99% of people give out so much of their data every day to these businesses without even caring.

    If you want full anonymity, go use dash core wallet with private send or zcash. Don’t use Evolution, you are not its target use case.
     
    • Agree x 2
    • Like x 1
  4. GrandMasterDash

    It's not about the user's privacy, it's about the inadvertent exposure of the user's friends and contacts without their permission. If a user doesn't care for such things then fine, but why inflict such beliefs on all your contacts?
     
    • Agree x 1
  5. yocko

    yocko Member

    Joined:
    Feb 7, 2017
    Messages:
    154
    Likes Received:
    64
    Trophy Points:
    88
    Dash Address:
    XqWRVQSoUyrMQ7TDHqz5zcFd1xxdQEDR3D
    Just hold off using it if you have such an issue, I for one would rather see it here now and in time implement privacy.
    As it has been stated already, you can use DASH Core wallet if you have concerns. So what's the big deal?
    Let's roll out this cube chain crypto changer and start plugging into the DAPI
     
    • Like x 3
    • Agree x 1
  6. GrandMasterDash

    Everyone saying this is making the same fundamental mistake; it's fine for you to decide YOUR privacy, but it's fundamentally wrong for you to compromise the privacy of your contacts without their consent on every transaction you do. One of your friends will buy a bunch of fertilizer to make a bomb and suddenly you become a suspect.

    What reaction would you expect if a bank openly exposed all its customers' contacts?

    Realistically, how do you retro-fit privacy if, for example, someone already has 200 contacts? Not least that some of those people will have set up recurring payments. Is it realistic to expect all their contacts to create a new username and re-register with all their services?

    I'm thinking there's so much hype about this release - and I understand it's good stuff - that it's blinding people to how this could negatively impact Dash.
     
    • Agree x 1
    • Informative x 1
  7. jimbursch

    Weak privacy is dangerous and we should not launch a dangerous product.

    Let's take this use-case as an example:

    Alice operates a medical marijuana dispensary in California. She is a law-abiding citizen who is well respected in the community and supported by local law enforcement. However, the Federal government has hardened its stance against the cannabis industry, with its top leadership calling for the death penalty for drug dealers, which by its definition includes Alice.

    If Alice uses Dashpay with weak privacy, using sophisticated network analysis techniques, the DEA could map out and eventually identify Alice's entire network of customers and vendors, enabling them to make sweeping arrests, including Alice, and threaten her with death.

    Dash is supposed to be a solution to Alice's problems, not a hazard.
     
    • Agree x 2
  8. yocko

    Is it not the same thing as a bitcoin address? If you send to multiple addresses (friends) it's all visible on the blockchain, yes?
    So all those addresses are compromised if one goes through Coinbase, boom, real ID attached.
    Pseudonym username, pseudonym address, what's the real difference? It's only 1% of DASH that is private sends atm. The private sends can stay private.
    People should be made aware of this and made aware that this is a work in progress and privacy is coming, but let's not hold off Evo, bro!
     
    • Agree x 1
  9. jimbursch

    From the beginning, Dash has positioned itself as a cryptocurrency with strong privacy features. Privacy is a key feature of cash that we are trying to replicate with digital cash. Without it, Dash is no better than a credit card.

    We need strong privacy because it gives us an advantage in a competitive marketplace. It is a differentiating feature that can win for us.
     
    • Agree x 2
    • Dislike x 1
  10. yocko

    So Alice should not use Evo until it has privacy. Privacy is coming, but Alice, who chooses her own risk, needs to determine her security.
    Everyone complains about Evo being so late, now we're complaining that it will be released with full spec! Come on, guys? This is blockchain. Unless Alice enforces private send on all her buyers, it's the same shit, just different smell.
    Plus if Alice is really in this danger, she is looking at the death penalty anyway because she has a shop front that is far more traceable than a pseudonym username.
     
    • Agree x 2
  11. yocko

    Nobody has said there will be no privacy, it's just not ready yet. Rome wasn't built overnight.
    Give core a break guys. What they have done here is amazing and all you can say is what about this, what about that?
     
    • Agree x 2
  12. GrandMasterDash

    @yocko though you still haven't addressed the implications of no privacy for all your contacts. A transaction that is okay for you is not necessarily the same for your contacts, possibly in different countries with different laws.

    At the very least there needs to be a big disclaimer on sign-up that says,

    Your entire contact list will be visible to all your contacts. Every blockchain transaction becomes indisputable proof of association, both directly and indirectly. The revelation of one identity may inadvertently reveal the identity of others.
     
    • Agree x 1
  13. jimbursch

    There is absolutely no question that what Core is accomplishing is AMAZING and I 100% support the work they are doing and ultimately support the decisions they have to make.

    But weak privacy is dangerous and we have a responsibility to, at the very least, alert users to the danger. It is my opinion that it would be wrong to flippantly toss off this issue with a caveat emptor.

    We must:

    1. Make it clear to users where and how their privacy can be compromised
    2. Recommend best practices to minimize those risks.
    3. Design the product with clear options to maximize privacy.

    Probably, this is exactly what Core intends to do. We are, after all, reacting to a demo that is far from the final product.
     
    • Agree x 4
    • Winner x 1
  14. GrandMasterDash

    I agree. I think Dash is, once again, leading innovation and I commend them for it. To me, it's pretty obvious this could massively boost the entire Dash ecosystem. But I won't let that taint or curb my insight into how this could also go terribly wrong by abusing our users' right to privacy.
     
  15. Efietskop

    Efietskop New Member

    Joined:
    Dec 15, 2017
    Messages:
    30
    Likes Received:
    19
    Trophy Points:
    8
    Where does the notion come from that the contact list is visible to everyone? The way I understood it is that from the outside it is not visible at all which addresses are attached to a username; a username is associated with a set of Hierarchically Deterministic addresses, and which addresses those are should only be possible to determine with the private key. The way I'd do it, but I haven't thought about it that much to be honest and I'm not even really a programmer, is that I'd keep most of it in the userspace. Something like this:
    - Alice makes a contact request;
    - Bob accepts the request, now a flag is set for "Alice is contact" in Bob's userspace;
    - Alice asks Bob for an address to send a payment to;
    - Bob has accepted Alice as a contact, Alice is sent a Public Address;
    - Alice makes a payment to the given address;
    - Bob receives payment on the address, this address is part of the subset of HD-addresses he allocated to Alice, so he knows the payment came from Alice.

    If Bob doesn't accept Alice's contact request, Alice never receives a public address.

    I think that what is shown below in the video are the contact requests from Alice, visible from Alice's userspace. But none of this is actually on the blockchain. The only thing that is on the blockchain is a hash of the userspace (or changes to it) signed by Alice's private key. So that only Alice can make changes to the data. Now whether the contacts are visible or not depends on how the userspace data is stored (on the Dashdrive?), but I assume it will be encrypted. Otherwise it would be completely useless for merchants.

    The beauty of the Evolution approach is that it leverages the functionality of the Dash Blockchain but does not change how the Blockchain works much. There's no reason why there couldn't exist a second payment DAP that uses the Dash Blockchain on the same network. If they get this to work (and I'm convinced they will,) this really is Blockchain 3.0!
     
    #15 Efietskop, Mar 18, 2018
    Last edited: Mar 18, 2018
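
The contact flow sketched in post #15, as an added example that is not part of the original post and is not Dash Evolution code: Bob hands out addresses only to accepted contacts, derives a separate address series per contact, and publishes only a keyed hash of his userspace. The `Userspace` class, its method names and the HMAC-based derivation (a stand-in for HD key derivation) are assumptions, and the signature over the hash is omitted.

```python
import hashlib
import hmac
import json


def derive_address(master: bytes, contact: str, index: int) -> str:
    # HMAC-SHA256 stands in for HD child-key derivation (assumption, not BIP32).
    tag = hmac.new(master, f"{contact}/{index}".encode(), hashlib.sha256)
    return "addr_" + tag.hexdigest()[:40]


class Userspace:
    """Toy model of one user's private state; all names are hypothetical."""

    def __init__(self, master_secret: bytes):
        self._master = master_secret   # stays on the owner's client
        self.contacts = set()          # requesters the owner has accepted
        self.issued = {}               # address -> contact it was handed to
        self._next = {}                # contact -> next unused index

    def accept_contact(self, requester: str) -> None:
        self.contacts.add(requester)

    def request_address(self, requester: str):
        # No accepted contact request, no address (the rule stated in the post).
        if requester not in self.contacts:
            return None
        index = self._next.get(requester, 0)
        self._next[requester] = index + 1
        address = derive_address(self._master, requester, index)
        self.issued[address] = requester
        return address

    def identify_payer(self, address: str):
        # Only the owner holds this mapping, so only the owner can name the payer.
        return self.issued.get(address)

    def commitment(self) -> str:
        # Keyed hash of the state: the single value that would be published.
        # Keying it stops an observer from confirming a guessed contact list.
        state = json.dumps({"contacts": sorted(self.contacts),
                            "issued": sorted(self.issued)}).encode()
        return hmac.new(self._master, state, hashlib.sha256).hexdigest()


def observer_can_link(address: str, contact: str, guessed_secret: bytes,
                      max_index: int = 50) -> bool:
    # An outsider can tie an address to a contact only with the right secret.
    return any(derive_address(guessed_secret, contact, i) == address
               for i in range(max_index))


if __name__ == "__main__":
    bob = Userspace(b"constructed-demo-secret")   # constructed sample value
    bob.accept_contact("alice")
    addr = bob.request_address("alice")
    print(addr, bob.identify_payer(addr), bob.commitment())
```

The privacy property holds only while the contact-to-address mapping and the master secret stay on the client; storing either unencrypted on shared storage would expose the contact graph the thread is worried about.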
  16. GrandMasterDash

    Alice can't modify Bob's userspace, it's exclusively his. From what I gather, a request to Bob is made in Alice's userspace, it's the hash that brings it to his attention.

    I'm hoping someone can clarify the full extent to which privacy is affected. And also, how retro-fitting privacy will impact development e.g. will it take twice as long to retro-fit than doing privacy from the outset.
     
  17. yocko

    @kot are you able to weigh in here?
     
  18. JGCMiner

    JGCMiner Moderator
    Moderator

    Joined:
    Jun 8, 2014
    Messages:
    358
    Likes Received:
    210
    Trophy Points:
    113
    I have heard @Chuck Williams mention encryption and Dash Drive together so maybe you’re right and we are misinterpreting Alex Werner’s statement.

    Hopefully, this entire discussion the past few days is moot.
     
  19. yocko

    I agree we need this big disclaimer if privacy is not ready yet. I don't believe we hold off release based on this.
    Privacy is a very very important part of the project, however, this can be had by opting out of using Evo until it's ready, those who choose to opt in do so with associated risks by choice.
    The good thing is now DASH core can come weigh in on this? Hopefully?
     
  20. kot

    kot Administrator
    Core Developer Dash Core Team Foundation Member Dash Support Group Masternode Owner/Operator Moderator

    Joined:
    Mar 17, 2015
    Messages:
    687
    Likes Received:
    1,847
    Trophy Points:
    263
    Thank you for your input into this discussion guys. I need to sit with PMs and TechLeads to figure out if there is any real issue here and if yes, then create a risk mitigation plan.

    Please also remember that software development is a process. You cannot develop everything at once, therefore priorities need to be set and functionalities will be developed one after another.
    We will work with Dash users and merchants to understand what are their priorities in this space and set priorities according to expectations of the business and our technical abilities.
     
    • Like x 3
    • Winner x 1
  21. tungfa

    tungfa Administrator
    Dash Core Team Foundation Member Masternode Owner/Operator Moderator

    Joined:
    Apr 9, 2014
    Messages:
    8,961
    Likes Received:
    6,735
    Trophy Points:
    1,283
    totally agree with kot here
    let’s take it easy guys - no need for a poll or all excitement
    this is DEMO 1 !
    if we still have this by DEMO 10 we can fire this up again here ;)
     
    • Like x 1
  22. TheSingleton

    TheSingleton Active Member
    Masternode Owner/Operator

    Joined:
    Mar 27, 2017
    Messages:
    275
    Likes Received:
    140
    Trophy Points:
    103
    I don't think this will be an issue. You should be able to store all contacts/info in an encrypted way on DashDrive and locally decrypt in the client. And since the addresses are based on both users involved in the transaction they are also the only ones to know about it.
     
    • Like x 1
  23. camosoul

    camosoul Grizzled Member

    Joined:
    Sep 19, 2014
    Messages:
    2,256
    Likes Received:
    1,128
    Trophy Points:
    1,183
    My concern is that we hear "we'll fix it later" and then never do so...

    I can simply not use Evolution until it gets past this public testing phase... But will I be waiting for something that never happens? Just pacifying the masses with pretty words, and no intention of following through? Once it's done, whatcha gonna do? We've seen this attitude expressed in the thread which spawned this one...

    MasterNode blinding?

    Any defense at all for MasterNodes?

    The attitude and the track record are both present...

    Why would I want my bank account exposed? I wouldn't, even if I have nothing to hide. That in itself is a dangerous premise... I find it deeply disturbing that DASH, the privacy coin, is taking the "if you have nothing to hide, you have nothing to fear" approach...

    What's the point of PS even existing? This is worse than re-using a Bitcoin address. It traces itself...

    This smells like the first step in conditioning us to accept the end of PS, and any privacy features DASH previously stood for.

    Why bother having a crypto layer at all, it's all usernames... Seems like PayPal is already doing this.

    Why not work on a denomination preservation system? So a send doesn't consolidate into a single VIN, but keeps the 10s and 1s, etc. denominated? No way to tell that TX from a mix... Dust, wasn't there supposed to be a dead change fix a few years ago?

    I guess there's no reason to bother when you're planning to nix PS anyway...
     
    #23 camosoul, Mar 24, 2018
    Last edited: Mar 24, 2018