Cryptocurrency: Coin Privacy (re: US Homeland Security Can Now Track Privacy Crypto Monero)
On 9/9/20, Lee Clagett <forum@leeclagett.com> wrote:
The problem with Monero, is that though it avoids the direct linking of transactions that bitcoin suffers from, it leaks a whole lot of data about networks of people transacting with each other
The problem is no worse than Bitcoin - did you intend to promote Zcash here?
So why should the underlying ZKP / Homomorphic tech behind Zcash not be promoted? And/or in comparison to that which underlies Monero.
There's some negatives to that project that can be found via
Which technical negatives (beyond political, such as founder rewards)? Any in the underlying ZKP tech itself? No, properly executed "trusted setup" MPC is not really much appearing a weakness, but moreso a negative sounding misnomer seemingly bandied about by the competition without backing cause.
websearch, but the z-address transactions are (assuming no bugs or math errors) not leaking the information you describe.
As for "Bitcoin-like" coins, some privacy evolution beyond simple fuckme Bitcoin has occurred in the form of external and applicable CoinJoin/JoinMarket, CashShuffle, CashFusion. Taproot does not appear documented to lead to any real level of cryptographic, or even statistical, user privacy yet. But which coins, if any, are pursuing any of the above, or any other thought-to-be-at-least-reasonably-strong, privacy technologies... while at the same time eliminating the ridiculous legacy of first gen O(tx) based blockchain storing bloat forever mindset in favor of the much more storage and processing efficient O(utxo) model?
I don't think anyone has broken it - I certainly could not - but I expect that the adversaries are making efficient use of what it does leak - that they can find interesting information in what is out of scope of its security model.
Mind that always for any usage.
I favor Wasabi wallet, which mingles your bitcoins with those of a large number of other people.
Many wallets, for example in the Bitcoin_Cash-BCH space, are now integrating some of the above mix tech. Some of this mix tech can be applied to all sorts of coins, regardless of what other privacy tech the coin itself may or may not have.
The Lightning network ... but you then have the ... problem[s of]
Lightning is known to be quite problematic and a non-solution on many fronts.
On 2020-09-10 12:37, grarpamp wrote:
So why should the underlying ZKP / Homomorphic tech behind Zcash not be promoted?
Maybe it should be. But I would first have to understand it better. But what is killing bitcoin is its success - it is running headlong into the scaling law problems that I predicted in the beginning. There can only be one. One currency will rule the world. For it to be a privacy protecting cryptocurrency, it has to scale, and Zcash does not scale. Neither does bitcoin, but it scales a lot better than Zcash. Any crypto currency must start with a plan for world conquest.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Wednesday, September 9, 2020 10:37 PM, grarpamp <grarpamp@gmail.com> wrote:
On 9/9/20, Lee Clagett forum@leeclagett.com wrote:
The problem with Monero, is that though it avoids the direct linking of transactions that bitcoin suffers from, it leaks a whole lot of data about networks of people transacting with each other
The problem is no worse than Bitcoin - did you intend to promote Zcash here?
So why should the underlying ZKP / Homomorphic tech behind Zcash not be promoted? And/or in comparison to that which underlies Monero.
I mentioned Zcash because it was not mentioned when I thought it should.
There's some negatives to that project that can be found via
Which technical negatives (beyond political, such as founder rewards)? Any in the underlying ZKP tech itself? No, properly executed "trusted setup" MPC is not really much appearing a weakness, but moreso a negative sounding misnomer seemingly bandied about by the competition without backing cause.
The opt-in privacy is the biggest drawback - it creates tracking opportunities for unaware users of how the technology works. This also reduces the privacy of other users. There's also the newer math assumptions involved. The basic mathematical assumptions (i.e. no proof) for Monero are hash-function behavior and ECDLP hardness which are identical to Bitcoin. The ring-signature _may_ have an additional small assumption, but iirc one of the math researchers reduced this to being identical to aforementioned assumptions. Whether this is a serious issue is debatable/subjective.
websearch, but the z-address transactions are (assuming no bugs or math errors) not leaking the information you describe.
As for "Bitcoin-like" coins, some privacy evolution beyond simple fuckme Bitcoin has occurred in the form of external and applicable CoinJoin/JoinMarket, CashShuffle, CashFusion. Taproot does not appear documented to lead to any real level of cryptographic, or even statistical, user privacy yet.
Taproot still leaks graph history and amounts. Ultimately this will help with linking public lightning channels (via capacity) to on-chain events. Taproot output swapping is also more difficult for this reason - JoinMarket (last I looked) was attempting a new order-book type to mitigate the public amounts on-chain. Using those order-types is going to be pretty rough, I'm not convinced they can pull it off _and_ get a decent amount of users.
But which coins, if any, are pursuing any of the above, or any other thought-to-be-at-least-reasonably-strong, privacy technologies... while at the same time eliminating the ridiculous legacy of first gen O(tx) based blockchain storing bloat forever mindset in favor of the much more storage and processing efficient O(utxo) model?
I'm not sure what you mean here. I hope the lightning network works - blockchain scaling is still a sore spot. I think the privacy from lightning network should be less than what the parrots are claiming. The actual privacy is likely to depend on the number of private (not publicly advertised) lightning channels.
I don't think anyone has broken it - I certainly could not - but I expect that the adversaries are making efficient use of what it does leak - that they can find interesting information in what is out of scope of its security model.
Mind that always for any usage.
I favor Wasabi wallet, which mingles your bitcoins with those of a large number of other people.
Many wallets, for example in the Bitcoin_Cash-BCH space, are now integrating some of the above mix tech. Some of this mix tech can be applied to all sorts of coins, regardless of what other privacy tech the coin itself may or may not have.
The Lightning network ... but you then have the ... problem[s of]
Lightning is known to be quite problematic and a non-solution on many fronts.
Lee