Welcome to the Dash Forum!

Please sign up to discuss the most innovative cryptocurrency!

Poll: MN Operators, please respond

Discussion in 'General Discussion' started by GrandMasterDash, Apr 18, 2016.

?

Should we compel the core team to implement an anonymizing layer (i2p, tor etc)

  1. Yes, all MNs anonymized

    44.4%
  2. Yes, but MNOs choose IP based or anonymous

    27.8%
  3. No, all MNs should run on public IPs

    27.8%
  1. David

    David Well-known Member
    Dash Support Group

    Joined:
    Jun 21, 2014
    Messages:
    618
    Likes Received:
    628
    Trophy Points:
    163
    No disrespect intended, but regardless of the passage of a proposal, you cannot compel another person/group to write code.
     
  2. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    Yeah I guess, but they didn't mind asking to up the block size.. if we had said no, could we of forced them not to?
     
    • Like Like x 1
  3. David

    David Well-known Member
    Dash Support Group

    Joined:
    Jun 21, 2014
    Messages:
    618
    Likes Received:
    628
    Trophy Points:
    163
    True...but the block size hasn't yet been increased. They haven't written and deployed the code yet. When they do, the masternode network essentially votes again: they either update, or they don't. So to answer your question: yes, an overall "no" vote would effectively have been binding (not through voting, but through not updating).

    In any event, this topic has been discussed at length previously, and Evan said it was effectively impossible to run the MN network over Tor/I2P:

    https://dashtalk.org/threads/which-masternode-model-should-we-implement.4115/

    Tech may have changed since then, but at least at the time, it was a non-starter technically.

    P.S. I agree with you in principle...I wish it was possible (and hope it one day will be) for masternodes to be completely anonymous. Feds knocking on the doors of people running Tor exit servers...that's some scary stuff.
     
    • Like Like x 1
  4. n00bkid

    n00bkid New Member

    Joined:
    Oct 25, 2015
    Messages:
    26
    Likes Received:
    38
    Trophy Points:
    13
    The best way not to have a target on your back is for lots and lots of other people to be doing the same thing you're doing.

    There are 3700+ masternode instances around the world on public IPs. The best way to protect yourself is for that number to grow, not shrink.

    Dash on a slow anonymizing network will be the end of digital cash. Anything which slows down payments will end much of Dash's competitive advantage.

    If you're not willing to take on some risk to bring digital cash to the world -- and to profit massively from it in return -- you needn't run a masternode at all.
     
    • Like Like x 2
  5. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    3700 MNs but 52% are sitting on just four cloud services.. that's centralisation.

    For me, it's not a matter of risk, I simply wanted a better system for all of us. I'm not particularly bothered if dash does transform into a plc, goes legal, starts to do AML, blocking transactions and so on.. if that's the way it goes then so be it because I still have choice. But I am pointing out that dash is at risk of selling out and forgetting it's roots.
     
  6. David

    David Well-known Member
    Dash Support Group

    Joined:
    Jun 21, 2014
    Messages:
    618
    Likes Received:
    628
    Trophy Points:
    163
    Please read the link I posted above. Dash isn't selling anything out--what you are wanting, while it would be wonderful to have, is technologically impossible (or at least it was a year and a half ago).
     
  7. tungfa

    tungfa Administrator
    Dash Core Team Foundation Member Masternode Owner/Operator Moderator

    Joined:
    Apr 9, 2014
    Messages:
    8,961
    Likes Received:
    6,735
    Trophy Points:
    1,283
    I would not call this centralised
    http://178.254.23.111/~pub/Dash/Dash_Info.html
     
  8. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    Try selecting the "Distr. per ISP" tab...

    17.48 + 15.67 + 11.92 + 7.40 = 52.47%
    Choopa, OVH SAS, Amazon Technologies, Digital Ocean are all cloud services

    Four providers for more than half of all MNs
     
    #38 GrandMasterDash, Apr 21, 2016
    Last edited by a moderator: Apr 21, 2016
  9. tungfa

    tungfa Administrator
    Dash Core Team Foundation Member Masternode Owner/Operator Moderator

    Joined:
    Apr 9, 2014
    Messages:
    8,961
    Likes Received:
    6,735
    Trophy Points:
    1,283
    sure but that is the chicken / egg thing
    cheapest best providers will get most , this changes by time as we have seen over the last year , back in the day it was all Amazon and everybody screamed centralised (good reason) , now we have 4 (you are saying) , give it another year and it will be 8 and so on ... tech catches up and hosting gets cheaper :rolleyes: and so more distributed
     
    • Like Like x 2
  10. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    That's not really the point. Even if you distribute between 8 cloud services, they're all sitting on public IPs and mostly on US soil. What would it take to effectively take 3700 servers offline? - not much. If they were operating over tunnelled services then at least it wouldn't be immediately obvious which servers they were coming from; we'd be buying some valuable time. It's no different when people say bitcoin mining is centralised in China.. so here we have a critical network doing pretty much the same thing.

    Don't misunderstand me, I'm not anti-dash, I'm hoping for a better system for all involved. And I don't particularly care if dash takes this direction. I made this suggestion in the hope we can balance out our goals and not forget out roots, because right now it seems we sold our soul to fiat. At this point, I think there's a real chance that dash really will become Dash plc; putting profits before principles.

    Anyway, regardless, it seems it's not technically possible so unfortunately we'll just have to make do with what we have.
     
  11. crowning

    crowning Well-known Member

    Joined:
    May 29, 2014
    Messages:
    1,428
    Likes Received:
    2,005
    Trophy Points:
    183
    They could, with some serious efforts, take the 1200 US-based servers offline, which, by the way, could move somewhere else if needed. Maybe some more if you count US-based hosting companies.

    The other 2000-something servers are outside of the US.

    And, even when Americans often forget this, US-law does not apply in most of the civilized world.
     
    • Like Like x 2
  12. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    Yes I agree. When I setup my MNs, I purposely diversified and I didn't put them on cloud services, and I also spent a long time trying to find reliable hosts, even though that means less profit... and finding reliable hosts is so much harder than it sounds.
     
  13. Otaci

    Otaci Member

    Joined:
    Mar 5, 2016
    Messages:
    46
    Likes Received:
    49
    Trophy Points:
    58
    Its trivial to bring a masternode back up somewhere else.
     
  14. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    Obviously fortunate enough to of not experienced bad hosts...
     
  15. Otaci

    Otaci Member

    Joined:
    Mar 5, 2016
    Messages:
    46
    Likes Received:
    49
    Trophy Points:
    58
    Uh, actually I have. I used a really, really, cheap provider. As soon as I realized there was a problem writing to disk, I deleted it and spun up a new server in another provider
     
  16. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
    I am not a Master Node, but I voted.

    Should we compel the core team to implement an anonymizing layer (i2p, tor etc)
    1. *
      Yes, all MNs anonymized
      14 vote(s)
      35.9%
    2. Yes, but MNOs choose IP based or anonymous
      13 vote(s)
      33.3%
    3. No, all MNs should run on public IPs
      12 vote(s)
      30.8%

    The only way to compel core developers is to run Master Nodes that do not run their software, but (of course) they are complient to the Dash protocol.

    Which means that Master Nodes should ΝΟΤ respect the decision:

    "Masternode operators SHOULD be running 0.12.0.56 or greater!"
     
    #46 demo, Apr 23, 2016
    Last edited by a moderator: Apr 23, 2016
  17. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX

    Those who voted in favor of Master node anonymization, they have to answer the above quote.
    Otherwise, even if a decision in favor of anonymity is taken, this decision cannot be implemented.

    The core developer does not know any good solution so far. Does anyone know?
     
    #47 demo, Apr 23, 2016
    Last edited by a moderator: Apr 23, 2016
  18. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
    Although I voted for complete anonymity, I think the solution is:

    Yes, but MNOs choose IP based or anonymous

    And the IP based Masternodes should be forced by the protocol to behave also as reverse proxies to the anonymous nodes.

    So the answer is, of course we can run them on masternodes! Developers should create two types of masternodes, the anonymous ones and the IPbased ones (that are forced by the protocol to behave as reverse proxies to the anonymous ones).

    It is important always to maintain both anonymous and IPbased Master nodes. Because in case the IPbased master nodes are attacked somehow, the network will remain alive and will be able to recover.
    You could even force by the protocol for a percentage to be anonymous, and for another percentage to be IP based (but of course in that case masternode owners will not be total free to decide the type of their node, they will be relatively free within a boundary)
     
    #48 demo, Apr 23, 2016
    Last edited by a moderator: Apr 23, 2016
  19. crowning

    crowning Well-known Member

    Joined:
    May 29, 2014
    Messages:
    1,428
    Likes Received:
    2,005
    Trophy Points:
    183
    I've had a second though on this, and, aside from the fact that I'd help implement whatever will be decided, I think it's quite paradox to have a protocol running on a public network which itself heavily relies on public information (IPs, routing, broadcasting, etc.) and then try to hide exactly this information from the network.

    Possible? Yes.
    Easy or straightforward? Certainly not.

    You can drive your car from A to B and destroy all traffic cameras and innocent bystanders who might remember your license-plate and which highway you were driving on, but the obvious solution would be to not use your car and public roads. Just sayin' ...
     
    • Like Like x 1
  20. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX

    This is not the real case, your case is wrongly presented.

    The case is that you regularly use public roads, but just in case someone prohibits you to circulate, you must have some hidden roads as a backup. This is the reason why some anonymous masternodes are necessary to exist into the dash network, together with the IPbased nodes of course.

    I think the best solution is to have a constant poll, and decide dynamically the percentage of the anonymous and IPbased masternodes. And according to this voted percentage, some masternodes (selected randomly) must be forced to change anonymity state in the runtime and become IPbased masternodes (and vice versa) having a reverse proxy functionality that points to the hidden network. The poll of course should be protected, decentralized and mirrored into all the anonymous section of the dash network.

    It is very crucial to select randomly the IPbased and the anonymous masternodes in the runtime (according to the result of the appropriate poll that is always active, so that we can change the percentage of anonymous and IPbased masternodes in the runtime, according to the extend of the attack beeing made at the public dash network) because this randomness makes much more difficult the task of prohibiting the public dash network. The randomness can be calcutated using appropriate cryptographic protocols, among masternode owners.

    For example, lets suppose that the current result of this supposed permanent poll is the below:

    Should we compel the core team to implement an anonymizing layer (i2p, tor etc)
    1. *Yes, all MNs anonymized 15 vote(s) 37.5%
    2. Yes, but MNOs choose IP based or anonymous 13 vote(s) 32.5%
    3. No, all MNs should run on public IPs 12 vote(s) 30.0%
    So we should have 37.5% of anonymous nodes, 32.5% free to choose by the MNO, and 30% IPbased nodes. The IPbased and the anonymous nodes should be selected by the protocol randomly according to the current vote result, and the lucky (or unlucky) MNOs should be forced (by the protocol) to respect the decision of the protocol.


    I gave a solution above, so what about it? What do you think?

    UdjinM6, If you like my proposition, send me 0.00100000 dash here:

    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX

    I would like my first duffs into my wallet to be send by you.
     
    #50 demo, Apr 23, 2016
    Last edited by a moderator: Apr 23, 2016
  21. UdjinM6

    UdjinM6 Official Dash Dev
    Dash Core Team Moderator

    Joined:
    May 20, 2014
    Messages:
    3,637
    Likes Received:
    3,536
    Trophy Points:
    1,183
    I think it won't work because even though at some point of a time only some % of MNs are IP-based but since selection is randomized it should actually cover all MNs in a period of time and every MN will be effectively de-anonymized after a while.
     
    • Like Like x 2
  22. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
    You are right. Especially for static IPs. I ll come back with another proposition.
    Do you consider dynamic IPs also as non anonymous?
     
  23. UdjinM6

    UdjinM6 Official Dash Dev
    Dash Core Team Moderator

    Joined:
    May 20, 2014
    Messages:
    3,637
    Likes Received:
    3,536
    Trophy Points:
    1,183
    I doubt you can get dynamic IP for a VPS instance. And even if you could you can't just get IP you like - they are provided from (ISP provider's) pool of IPs afaik and IP is linked to the user at the time session is started so it easy to find out who is/was behind some IP at some point of a time imo.

    Few more thoughts on the issue itself - you provide some billing info to pay for VPS you use to run MN and basically that's how MN operators are identified. Some services allow you to pay via crypto though and that can be considered a bit more anonymous way for MN operator already imo, we just need more of them to accept crypto to solve our issue ;)
     
  24. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
    Ok. Dynamic IP is not anonymous also.

    So I consider that as long as you are baptized by the protocol to become an anonymous master node, there is no return. You always remain anonymous and your IP should never be revealed, if you keep your desire to remain an anonymous one.

    I consider this as cornerstone specification, for my next proposal that will follow.
     
  25. crowning

    crowning Well-known Member

    Joined:
    May 29, 2014
    Messages:
    1,428
    Likes Received:
    2,005
    Trophy Points:
    183
    No.
    As long as you use public TCP/IP networks you don't have hidden roads. Socket = IP+port. No way around that.

    Existing anonymization implementations put a blanket over your head while driving, or change your car and/or license plate often, or let someone else drive with her car and hope she tells no one, or use a different road each day, or put your car on a truck to take it to a different place, or disassembles you body parts and transports each arm, leg etc. on a different road, or all of these together.

    Like I said, it certainly CAN be done this way, but it's paradox to do it so.
     
    • Like Like x 3
  26. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
    No, you are presenting an inaccurate and confused case. Lets be accurate of what anonymous means.

    Existing anonymization trip disassembles your car into several parts, it transports those parts into visible trucks (but opaque trucks so nobody can see what they carry inside) through public roads, but each truck follows a different public road. And then at the destination of the trip all trucks arrive not in the same time, they unload the part of your car they carry into your own room so nobody can see that part, and then you personally assemble the car.

    This is the excact case of an anonymous trip. This is how anonymous drive their car.
     
    #56 demo, Apr 24, 2016
    Last edited by a moderator: Apr 24, 2016
  27. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    Yeah, but it sounds better to say, "or disassembles you body parts and transports each arm, leg etc. on a different road". The most someone can find is one leg of the journey, which is completely armless
     
  28. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX
    This is my revised proposition.

    I think the best solution is to have a constant poll, and decide dynamically the percentage of the anonymous and IPbased masternodes. And according to this voted percentage, new masternodes (selected randomly) must be forced to become anonymous and other new masternodes must be forced to behave as reverse proxies to the hidden network. The poll of course should be protected, decentralized and mirrored into all the anonymous section of the dash network.

    It is very crucial to select randomly the IPbased and the anonymous new masternodes (according to the result of the appropriate poll that is always active, so that we can change the percentage of anonymous and IPbased new masternodes , according to the extend of the attack beeing made at the public dash network) because this randomness makes much more difficult the task of prohibiting the public dash network. The randomness can be calcutated using appropriate cryptographic protocols, among masternode owners.

    The old mastenodes, as long as they are baptized and randomly toοκ their anonymous state, they can remain (or even they are forced to remain) anonymous for ever.

    For example, lets suppose that the current result of this supposed permanent poll is the below:

    Should we compel the core team to implement an anonymizing layer (i2p, tor etc)
    1. *Yes, all MNs anonymized 15 vote(s) 37.5%
    2. Yes, but MNOs choose IP based or anonymous 13 vote(s) 32.5%
    3. No, all MNs should run on public IPs 12 vote(s) 30.0%
    So we should have 37.5% of anonymous nodes, 32.5% free to choose by the MNO, and 30% IPbased nodes. The IPbased and the anonymous nodes should be selected by the protocol randomly according to the current vote result, and the new arriving lucky (or unlucky) MNOs should be forced (by the protocol) to respect the decision of the protocol.

    In our currenct case 100% of the nodes are currently in public IPs, so all new arriving MN should be forced to become anonymous, until the precentage 37.5%-32.5%-30% is reached.



    I gave a solution above, so what about it? What do you think?
     
  29. GrandMasterDash

    GrandMasterDash Well-known Member
    Masternode Owner/Operator

    Joined:
    Jul 12, 2015
    Messages:
    2,682
    Likes Received:
    959
    Trophy Points:
    183
    I think part of the problem is that MNs on the hidden network will see noticeably lower returns, which is perfectly okay if it's a completely free choice but not going to work for those seeking a higher return. Some people, such as myself, would accept lower returns, but not everyone.

    Whatever happens, I think the devs should maybe take a closer look at this issue because this sample poll, albeit very small, is suggesting that 70% of MNOs want some kind of improvement to anonymity. And maybe they should try to modify how Evolution utilizes IPs just in case a technical solution is found sometime in the future.
     
  30. demo

    demo Well-known Member

    Joined:
    Apr 23, 2016
    Messages:
    3,114
    Likes Received:
    263
    Trophy Points:
    153
    Dash Address:
    XnpT2YQaYpyh7F9twM6EtDMn1TCDCEEgNX

    I dont think this is a problem. Anonymous nodes could receive by the protocol some extra returns just for being anonymous. The percentage of the compensation for being anonymous could be defined in the protocol, or alternatively voted among the masternode onwners.