so where are the 'second generation coins'...?
Instead of being special asshole you can go search and post some, make wiki compendium, or go create some new generation.
history record... blockchain... immutable
Immutability of value held in UTXO does not necessarily depend on having any sort of rollable tx log from genesis. That is indoctrinated ridgid thinking imparted by old school first gen BTC. If however way one does reach and accept consensus over any set of facts, then all that led up to everyone's knowledge of that or their own particular state in time is irrelevant and can be discarded. Yes there are many use cases for "blockchain" tech where history preservation, view keys, nonprivacy, industry, application integration, messaging, inventory, voting, and all sorts of other memes may be useful. The blockchain space is flooded with thousands of examples of those projects. But for cash/metal/chickens/etc, which in all of history rightly has none of those memes... those use cases are not relavant, and impede optimal solutions to a minimalist pure digital cash. All one ultimately needs to know is did their own nominal value increase/decrease in relation to another's by some mutually trusted mechanism [1], be it hand to hand, or over digital distance. 1) That final entry, that UTXO, is all one needs. 2) And note very clearly that cash/etc even goes further by its final UTXO not having any "inputs" record at all... cash is a private ideal state of self existance without reference to or dependence on anything else. Any "cryptocurrency" project that does not implement one of those two forms of UTXO, the second being the highest form, is not absolutely not worthy of calling itself a cryptocurrency version of cash/metal/chickens. Instead, it is a crypto intended to do a bunch of random other bloated appfeature shit, that in some cases might happen to have some tokenizable transferable value, these days usually back to its GovCorp stock/stake holders. [1] Including principles of known issuance, nominal values and the transaction network both within cost bounds of attack immunity, a network capable of holding and/or honoring the consensus over the UTXO state db it produces, etc, etc. Far too many projects are simply blindly following the "Satoshi" "Genesis -> blockchain stored forever" model, they're assuming that's the only way the problems can be solved. What most are not doing is enough research into discovering other ways, or into proving that there is no other way. Too little looking "beyond the now traditional blockchain". This ongoing fundamental science research, the calls for and support for it under recognition that today's technology is very first gen and nowhere near being a complete field of work, are what appears to not being done enough. Or in case it is being done, it's being drowned out in noise from all the first gen Satoshi model self maximilism projects trying to dominate the scene. That's nature, but will be quite fun when further novel research catches and embarrasses them all out of the scene for good. That's another reason why cross-chain DEX (distributed, anonymous, noncustodial, atomic, etc) must be an absolute research development priority now today... like the need to escape trap of GovCorp, you don't want to be trapped in legacy coin models for 10, 100's, 1000's years. Cross-chain DEX is the freedom oriented path out of those.
Bitcoin_Satoshi_Vision-BSV ... for information preservation
That and all the rest of the Satoshi models do not then have the minimal set of properties cash does, therefore they are something different from cash, a message/storage/token net whatever, they are not a minimal cash. They are clearly lacking its privacy, non-bloat-storage, scaleability properties, among others. BSV Craig Wright has even voiced and brought some things into BSV and coinspace theory and talk that many people including cryptoanarchists might find highly undesireable, and that Satoshi never spoke. From patents, to attitude, to police state, regulation, and more. All feel differently on BSV. It's still a satoshi type coin, and like all launched coins is already baked, can't evolve much or quickly, regardless if people want them to or not. Hardly such thing as a single cryptocurrency one can like, only a set of evolving technologies, capabilities, simplicities. Cryptocurrency technology still obviously very early days, no coin considered sacred or special or guaranteed to last to even 20 years out. Therefore... The self maximalist single-coin insanity cults out there... must end. The shilling of pointless shitcoins, getrichcoins, clonecoins, metoocoins, scamcoins, partnercoins, foundercoins, corpcoins, bankcoins, govcoins, governedcoins, taxedcoins, kyccoins, votercoins, votedcoins, stablecoins, waroncashcoins, antiprivacycoins, censorcoins, closedcoins, cabalcoins, preminedcoins, centralcoins... all fiatcoins in general... must end. Blocksize debate... is a random configuration setting, not a meaningful fundamental underlying wholesale part, class, or sector of cryptocurrency technology development... must end. Less of those, more conferences on some fundamentals... OG cryptoanarchy cryptocurrency philosophy and movement, privacy, etc. General ongoing cryptocurrency tech research advancement. Use a variety of whatever is available now, but must develop and adopt good cross-coin DEX tech to shift between in future. Hardly any are trying to do a real featureless cash-only privacy coin, or a true DEX. Only selfless altruists will forgo embedding their premine, ongoing skim, and governance... and try incorporating resistance tech. Those the crypto projects to look at. The rest fiat scams. Unfortunately today they probably number n<=10:2500, if you can find post or create them, indeed. https://www.youtube.com/watch?v=apI1T_w9GRM https://www.youtube.com/watch?v=UDydB3z-6Y0 https://www.youtube.com/watch?v=0-ogU3s2StM https://github.com/Blockstream/satellite https://www.youtube.com/results?search_query=antonopoulos+privacy
On Sat, 23 May 2020 23:28:12 -0400 grarpamp <grarpamp@gmail.com> wrote:
so where are the 'second generation coins'...?
Instead of being special asshole you can go search and post some,
no, you're the official google-jewtube spammer, posting 10s of useless links per day. So where are these systems that don't need a 'bloated blockchain'? I mean, are you drunk? You think people use bitcoin because they like to suffer? If 'bloated blockchains' are not needed, then WHERE THE FUCK are the 'coins' that don't use them? Are you aware that the only other half decent coin out there, monero, is at least 10 times as bloated as bitcoin (or would be, if it were used as much)
Immutability of value held in UTXO does not necessarily depend on having any sort of rollable tx log from genesis. That is indoctrinated ridgid thinking imparted by old school first gen BTC.
Show the functional description and implementations of those '2nd generation' coins, or shut the fuck up.
1) That final entry, that UTXO, is all one needs.
and how do you compute the UTXO genius? Oh, wait...
2) And note very clearly that cash/etc even goes further by its final UTXO not having any "inputs" record at all...
yeah, I think I extensively pointed out to you that metals and even govt paper are better than 'cryptocurrencies'. I guess I should be happy that you finally got the point...
cash is a private ideal state of self existance without reference to or dependence on anything else.
Any "cryptocurrency" project that does not implement one of those two forms of UTXO, the second being the highest form, is not absolutely not worthy of calling itself a cryptocurrency version of cash/metal/chickens.
go figure. So what's theoretical foundation for 'cryptocurrencies' that actually work? Oops, there's none.
I have reason to believe that the various Corp/Gov influences are disrupting the developers of the blockchains that will really address the current patterns of power. The new ideas grow from quiet people who develop in obscurity and then release (like bitcoin itself). For example, a cryptocurrency that backends a social network would put communication control in the hands of the people instead of marketing money and government filters: All the successful cryptocurrency-backended social networks are either closed source (akasha), transformed to something else (also akasha), centrally hosted (steem), or died from a surprise and lost their support base (qora). Doing projects in a way that has all the attributes is obvious: but the projects that do this and stay alive have evolved to not be found by process of natural selection. We could support a public one by being aware of the danger, discussing it, and taking action to waylay it. I had some success with BSV by warning the devs about the situation a little before posting new materials to their chain. This meant what I said would be taken more seriously if the problems I described arose. The chinese gateway I was using to access the files no longer serves the protocol they use, but it is simply a small maintenance issue that anyone could fix by simply talking about it persistently while demonstrating ability to fix it. Maybe what punk-stasi is raising is, is there a good blockchain or development community to provide support for that might grow to be better? I am using BSV only because it lets me store undeletable data easily, which I need. I do not really use money myself, but appreciate how more free economies can reduce global harm by sharing power. I believe bitcoin core to be the most secure. It sounds like the answer is crosschain technology. A community for such technology would probably have a lot of links to "third-gen" obscure altcoins struggling to resolve all the "obvious" problems. On Sun, May 24, 2020, 1:39 AM Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Sat, 23 May 2020 23:28:12 -0400 grarpamp <grarpamp@gmail.com> wrote:
so where are the 'second generation coins'...?
Instead of being special asshole you can go search and post some,
no, you're the official google-jewtube spammer, posting 10s of useless links per day. So where are these systems that don't need a 'bloated blockchain'?
I mean, are you drunk? You think people use bitcoin because they like to suffer? If 'bloated blockchains' are not needed, then WHERE THE FUCK are the 'coins' that don't use them?
Are you aware that the only other half decent coin out there, monero, is at least 10 times as bloated as bitcoin (or would be, if it were used as much)
Immutability of value held in UTXO does not necessarily depend on having any sort of rollable tx log from genesis. That is indoctrinated ridgid thinking imparted by old school first gen BTC.
Show the functional description and implementations of those '2nd generation' coins, or shut the fuck up.
1) That final entry, that UTXO, is all one needs.
and how do you compute the UTXO genius? Oh, wait...
2) And note very clearly that cash/etc even goes further by its final UTXO not having any "inputs" record at all...
yeah, I think I extensively pointed out to you that metals and even govt paper are better than 'cryptocurrencies'. I guess I should be happy that you finally got the point...
cash is a private ideal state of self existance without reference to or dependence on anything else.
Any "cryptocurrency" project that does not implement one of those two forms of UTXO, the second being the highest form, is not absolutely not worthy of calling itself a cryptocurrency version of cash/metal/chickens.
go figure. So what's theoretical foundation for 'cryptocurrencies' that actually work? Oops, there's none.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, May 24, 2020 10:02 AM, Karl <gmkarl@gmail.com> wrote:
I have reason to believe that the various Corp/Gov influences are disrupting the developers of the blockchains that will really address the current patterns of power.
The new ideas grow from quiet people who develop in obscurity and then release (like bitcoin itself).
For example, a cryptocurrency that backends a social network would put communication control in the hands of the people instead of marketing money and government filters: All the successful cryptocurrency-backended social networks are either closed source (akasha), transformed to something else (also akasha), centrally hosted (steem), or died from a surprise and lost their support base (qora).
Doing projects in a way that has all the attributes is obvious: but the projects that do this and stay alive have evolved to not be found by process of natural selection.
We could support a public one by being aware of the danger, discussing it, and taking action to waylay it. I had some success with BSV by warning the devs about the situation a little before posting new materials to their chain. This meant what I said would be taken more seriously if the problems I described arose. The chinese gateway I was using to access the files no longer serves the protocol they use, but it is simply a small maintenance issue that anyone could fix by simply talking about it persistently while demonstrating ability to fix it.
Maybe what punk-stasi is raising is, is there a good blockchain or development community to provide support for that might grow to be better? I am using BSV only because it lets me store undeletable data easily, which I need. I do not really use money myself, but appreciate how more free economies can reduce global harm by sharing power.
I believe bitcoin core to be the most secure.
It sounds like the answer is crosschain technology. A community for such technology would probably have a lot of links to "third-gen" obscure altcoins struggling to resolve all the "obvious" problems.
On Sun, May 24, 2020, 1:39 AM Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Sat, 23 May 2020 23:28:12 -0400 grarpamp <grarpamp@gmail.com> wrote:
so where are the 'second generation coins'...?
Instead of being special asshole you can go search and post some,
no, you're the official google-jewtube spammer, posting 10s of useless links per day. So where are these systems that don't need a 'bloated blockchain'?
I mean, are you drunk? You think people use bitcoin because they like to suffer? If 'bloated blockchains' are not needed, then WHERE THE FUCK are the 'coins' that don't use them?
Are you aware that the only other half decent coin out there, monero, is at least 10 times as bloated as bitcoin (or would be, if it were used as much)
Immutability of value held in UTXO does not necessarily depend on having any sort of rollable tx log from genesis. That is indoctrinated ridgid thinking imparted by old school first gen BTC.
Show the functional description and implementations of those '2nd generation' coins, or shut the fuck up.
1) That final entry, that UTXO, is all one needs.
and how do you compute the UTXO genius? Oh, wait...
roughly, utxo + tx = new utxo (then forget prev utxo)
2) And note very clearly that cash/etc even goes further by its final UTXO not having any "inputs" record at all...
Possible if the blockchain is designed as a state block (yet not a chain)
yeah, I think I extensively pointed out to you that metals and even govt paper are better than 'cryptocurrencies'. I guess I should be happy that you finally got the point...
cash is a private ideal state of self existance without reference to or dependence on anything else.
Any "cryptocurrency" project that does not implement one of those two forms of UTXO, the second being the highest form, is not absolutely not worthy of calling itself a cryptocurrency version of cash/metal/chickens.
go figure. So what's theoretical foundation for 'cryptocurrencies' that actually work? Oops, there's none.
I feel a bit sad, bcs nobody cares about USPS, even though it looks like matching all the stuff you say about desirable coins (with the exception of the opening of the source code, which I stated will come after finding angel investor and create dev-community) I believe this is the only mind-blocking anti-feature. Correct me if there is any other major complain about USPS
On Fri, 05 Jun 2020 20:02:14 +0000 "other.arkitech" <other.arkitech@protonmail.com> wrote:
I feel a bit sad, bcs nobody cares about USPS, even though it looks like matching all the stuff you say about desirable coins (with the exception of the opening of the source code, which I stated will come after finding angel investor and create dev-community) I believe this is the only mind-blocking anti-feature.
Correct me if there is any other major complain about USPS
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day? then what about privacy? The fact that nodes don't keep the history doesn't mean it isn't trivial for anybody to keep a copy of all transactions. So, are you using techniques like, say, those used by monero to hide amounts and senders/receivers?
There is no application for cryptocurrencies other than the creation of a virtual economy for the movement of virtual goods and services offered online. Cryptocurrencies are valued at, what? $10BillionUS? Whatever it is, it is an injection of a foreign (yet still somewhat pure) money system into a karmically-entangled one. YOU DON'T WANT THAT. If you entangle your new money with the old one, it won't do anything but create a dystopia like Blade Runner without any real Justice or corrections of history. No, you need to be sophisticated... Marcos On 6/5/20, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Fri, 05 Jun 2020 20:02:14 +0000 "other.arkitech" <other.arkitech@protonmail.com> wrote:
I feel a bit sad, bcs nobody cares about USPS, even though it looks like matching all the stuff you say about desirable coins (with the exception of the opening of the source code, which I stated will come after finding angel investor and create dev-community) I believe this is the only mind-blocking anti-feature.
Correct me if there is any other major complain about USPS
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
then what about privacy? The fact that nodes don't keep the history doesn't mean it isn't trivial for anybody to keep a copy of all transactions. So, are you using techniques like, say, those used by monero to hide amounts and senders/receivers?
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Friday, June 5, 2020 10:26 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Fri, 05 Jun 2020 20:02:14 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
I feel a bit sad, bcs nobody cares about USPS, even though it looks like matching all the stuff you say about desirable coins (with the exception of the opening of the source code, which I stated will come after finding angel investor and create dev-community) I believe this is the only mind-blocking anti-feature. Correct me if there is any other major complain about USPS
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
then what about privacy? The fact that nodes don't keep the history doesn't mean it isn't trivial for anybody to keep a copy of all transactions. So, are you using techniques like, say, those used by monero to hide amounts and senders/receivers?
That's a good one. tl;dr; planned feature. Monero, AFAIK, makes it difficult not impossible to trace transactions. So it adds some obfuscation. If validation nodes are open source at some point in the code they have to do the basic math. Other thing is that this math is done not by all nodes but only some of the nodes. That's the difficulty for a listener node to catch all transactions. In USPS, as long as the network is big, it makes harder -not impossible- to reconstruct the state from recorded transactions because nodes handle only a fraction of the traffic. Still, addresses are anonymous, and nodes mix all of them as they arrive, making the equivalent of a big tx with many inputs-many outputs on every consensus cycle. Still yes, individual tx can be recorded as they arrive with a trivial patch. This would allow to follow the money across anonymous accounts. And this could lead to potential associations with separate events (e.g. I buy something and then I buy other thing; an observer could find a parallelism using time and sequence to narrow or find out addresses belonging to me). I have ideas to tackle these cases which are very real theoretically, although only for a minority of people would result of some real concern (to me is a concern)) To be added in the future, as the concern grows bigger, a mixer implemented as a public algorithm (my name for ~smart contract). With this feature one could use it anytime they can break the potential traceability of their money moves, which is already difficult if the network is big. Privacy to me falls more on the ability to do real P2P end2end (real end2end) encrypted trades between 2 nodes without awareness of the rest. Yet Thanks 4 digging OA
On Fri, Jun 05, 2020 at 11:28:30PM +0000, other.arkitech wrote:
In USPS, as long as the network is big, it makes harder -not impossible- to reconstruct the state from recorded transactions because nodes handle only a fraction of the traffic.
Still, addresses are anonymous,
I don't believe this statement to be correct.
and nodes mix all of them as they arrive,
Your mixing protocol will need to be well documented at some point, this is not the easiest problem. For example, can a mixing protocol help to handle rogue clients (CIA writes their own USPS client) which does things it should not do, or does not do things it should do? Some issues can be handled by protocol - as in, verifiable/ enforced by other clients - some cannot, and so those fail paths must be considered - are they important, do they only matter when predator nodes reach 50%+1, or whatever...
making the equivalent of a big tx with many inputs-many outputs on every consensus cycle.
Mixing may be good, may also have downside (?), but needs analysis by a number of people to assess benefits/problems.
Still yes, individual tx can be recorded as they arrive with a trivial patch. This would allow to follow the money across anonymous accounts. And this could lead to potential associations with separate events (e.g. I buy something and then I buy other thing; an observer could find a parallelism using time and sequence to narrow or find out addresses belonging to me).
Also, IPv4 addresses are directly mapped to end users by ISPs therefore governments. ISTM that this mandatory use of IPv4 address actually precludes the possibility of true/proper/possible anonymous transactions - if this view/intuition is true, then this feature would make USPS a non starter for many folks ...
I have ideas to tackle these cases which are very real theoretically, although only for a minority of people would result of some real concern (to me is a concern))
To be added in the future, as the concern grows bigger, a mixer implemented as a public algorithm (my name for ~smart contract). With this feature one could use it anytime they can break the potential traceability of their money moves, which is already difficult if the network is big.
Privacy to me falls more on the ability to do real P2P end2end (real end2end) encrypted trades between 2 nodes without awareness of the rest.
Except for time being, AIUI, you are demanding at the protocol level, an IPv4 address to transact... Good luck,
On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false. Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow. Relying on IPv4 scarcity is great because it makes it a lot harder to compromise that aspect of the network for the _average_ person. And your software is small so nobody is going to try to compromise it for any serious reason. If it is a valuable idea, then once it is open source people will discuss and fix security vulnerabilites, but you should be aware that they exist so you can relate around them.
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
Relying on IPv4 scarcity is great because it makes it a lot harder to compromise that aspect of the network for the _average_ person. And your software is small so nobody is going to try to compromise it for any serious reason. If it is a valuable idea, then once it is open source people will discuss and fix security vulnerabilites, but you should be aware that they exist so you can relate around them.
Yes, I hope a public review of the code will catch a few impl glitches, hopefully not any affecting the design
On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand? It sounds like this is surprising to you?
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
On Sat, Jun 6, 2020, 7:49 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech < other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 12:00 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:49 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote:
> so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day? >
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack. Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite. The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
On Sat, Jun 6, 2020, 8:14 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 12:00 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:49 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:18 AM other.arkitech < other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech < other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this? I also see no reason a malware marketplace would not spread worldwide. Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 1:28 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 8:14 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 12:00 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:49 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
> On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote: > >>> so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day? >>> >> >> IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control > > OA, when you say this people start disregarding what you say because it is false. > > Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed. The security of USPS depends on the number of nodes, the bigger the best.
I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe. I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
On Sat, Jun 6, 2020, 9:48 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 1:28 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 8:14 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 12:00 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:49 AM other.arkitech < other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:18 AM other.arkitech < other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote:
On Fri, Jun 5, 2020, 7:29 PM other.arkitech < other.arkitech@protonmail.com> wrote:
so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day?
IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control
OA, when you say this people start disregarding what you say because it is false.
Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow.
what? any developer geting thousands of public IPv4 addresses by modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed.
The security of USPS depends on the number of nodes, the bigger the best.
Thanks. It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit. With more than one exploit a botnet developer could cover multiple such sectors. I imagine this would usually produce more ip addresses than a specific network service like USPS uses. This concern is one of the ones USPS hasn't been acknowledging. Even bitcoin has unaddressed security concerns. The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.
I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 2:00 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 9:48 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 1:28 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 8:14 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 12:00 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 7:49 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 11:38 AM, Karl <gmkarl@gmail.com> wrote:
> On Sat, Jun 6, 2020, 7:18 AM other.arkitech <other.arkitech@protonmail.com> wrote: > >> Sent with [ProtonMail](https://protonmail.com) Secure Email. >> >> ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ >> On Saturday, June 6, 2020 10:17 AM, Karl <gmkarl@gmail.com> wrote: >> >>> On Fri, Jun 5, 2020, 7:29 PM other.arkitech <other.arkitech@protonmail.com> wrote: >>> >>>>> so your system doesn't have a bloated chain, which is nice. The 'consensus' is handled by voting...based one IP address one vote. But how robust is relying on IP addresses at the end of the day? >>>>> >>>> >>>> IPv4 provides unique features no other protocol has. address space is saturated (scarce) and addresses are not cheap. It is a a nice tool for Sybil control >>> >>> OA, when you say this people start disregarding what you say because it is false. >>> >>> Any software developer can get thousands of IP addresses by altering a piece of pirated software to include something new of their own design and sharing it in a venue where it hasn't been shared on before. There are many many other ways and people _think_ of them, _use_ them, are _observed_ using them, and things spread and grow. >> >> what? any developer geting thousands of public IPv4 addresses by modifying software? >> Nop. That's not true. >> (Or I haven't understood well what you say) > > People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand? > > It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed.
The security of USPS depends on the number of nodes, the bigger the best.
Thanks. It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit. With more than one exploit a botnet developer could cover multiple such sectors. I imagine this would usually produce more ip addresses than a specific network service like USPS uses.
This concern is one of the ones USPS hasn't been acknowledging.
51% attack is always a concern. My answer is to have a big honest network that makes it very difficult for a botnet to coordinate the attack. the attacking vector is a war on size. In bitcoin the homologous attacking vector is a war on hashing power.
Even bitcoin has unaddressed security concerns.
The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.
Interesting, will look at it. Thanks
I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
I missed some of your expressions. On Sat, Jun 6, 2020, 10:59 AM other.arkitech <other.arkitech@protonmail.com> wrote:
what? any developer geting thousands of public IPv4 addresses by modifying
software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed.
The security of USPS depends on the number of nodes, the bigger the best.
Thanks. It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit. With more than one exploit a botnet developer could cover multiple such sectors. I imagine this would usually produce more ip addresses than a specific network service like USPS uses.
This concern is one of the ones USPS hasn't been acknowledging.
51% attack is always a concern. My answer is to have a big honest network that makes it very difficult for a botnet to coordinate the attack. the attacking vector is a war on size.
Always a fan of assuming honesty, but it's good to have something to fall back on if honesty isn't upheld in some edge situation. This is where cryptocurrency usually shines. Given it doesn't take financial resources to acquire IP addresses, USPS could struggle to use the usual cryptocurrency avenue of it being more profitable to support the network than attack it. But really hashpower is just plain much harder to acquire than ip addresses. I'm not sure there are even any laws against botnets. The use of hashpower, difficulty, and an append-only log also lets users of cryptocurrencies detect attacks by observing metrics.
In bitcoin the homologous attacking vector is a war on hashing power.
Even bitcoin has unaddressed security concerns.
The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.
Interesting, will look at it. Thanks
I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
sorry missed this. hope i addressed it suitably.
Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Open source and utility are what I see as being needed. I don't know this
list well and am spamming it right now, but I see it as a list of developers, not users.
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 3:24 PM, Karl <gmkarl@gmail.com> wrote:
I missed some of your expressions.
On Sat, Jun 6, 2020, 10:59 AM other.arkitech <other.arkitech@protonmail.com> wrote:
>>>> what? any developer geting thousands of public IPv4 addresses by modifying software? >>>> Nop. That's not true. >>>> (Or I haven't understood well what you say) >>> >>> People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand? >>> >>> It sounds like this is surprising to you? >> >> so you refer to computers running malware, that case is contemplated in the design as an 'evil node' > > it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed.
The security of USPS depends on the number of nodes, the bigger the best.
Thanks. It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit. With more than one exploit a botnet developer could cover multiple such sectors. I imagine this would usually produce more ip addresses than a specific network service like USPS uses.
This concern is one of the ones USPS hasn't been acknowledging.
51% attack is always a concern. My answer is to have a big honest network that makes it very difficult for a botnet to coordinate the attack. the attacking vector is a war on size.
Always a fan of assuming honesty, but it's good to have something to fall back on if honesty isn't upheld in some edge situation. This is where cryptocurrency usually shines.
Given it doesn't take financial resources to acquire IP addresses, USPS could struggle to use the usual cryptocurrency avenue of it being more profitable to support the network than attack it.
But really hashpower is just plain much harder to acquire than ip addresses. I'm not sure there are even any laws against botnets.
The use of hashpower, difficulty, and an append-only log also lets users of cryptocurrencies detect attacks by observing metrics.
In bitcoin the homologous attacking vector is a war on hashing power.
Even bitcoin has unaddressed security concerns.
The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.
Interesting, will look at it. Thanks
I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
sorry missed this. hope i addressed it suitably.
Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Open source and utility are what I see as being needed. I don't know this list well and am spamming it right now, but I see it as a list of developers, not users.
I don't know it well either, most of the topics I see with activity do not point me in a dev-oriented direction. Mosty are user-level comments, also paper-level comments.
On Sat, Jun 6, 2020, 11:34 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail <https://protonmail.com> Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 3:24 PM, Karl <gmkarl@gmail.com> wrote:
I missed some of your expressions.
On Sat, Jun 6, 2020, 10:59 AM other.arkitech < other.arkitech@protonmail.com> wrote:
what? any developer geting thousands of public IPv4 addresses by
modifying software? Nop. That's not true. (Or I haven't understood well what you say)
People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand?
It sounds like this is surprising to you?
so you refer to computers running malware, that case is contemplated in the design as an 'evil node'
it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives.
If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack.
Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite.
The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network.
I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed.
The security of USPS depends on the number of nodes, the bigger the best.
Thanks. It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit. With more than one exploit a botnet developer could cover multiple such sectors. I imagine this would usually produce more ip addresses than a specific network service like USPS uses.
This concern is one of the ones USPS hasn't been acknowledging.
51% attack is always a concern. My answer is to have a big honest network that makes it very difficult for a botnet to coordinate the attack. the attacking vector is a war on size.
Always a fan of assuming honesty, but it's good to have something to fall back on if honesty isn't upheld in some edge situation. This is where cryptocurrency usually shines.
Given it doesn't take financial resources to acquire IP addresses, USPS could struggle to use the usual cryptocurrency avenue of it being more profitable to support the network than attack it.
But really hashpower is just plain much harder to acquire than ip addresses. I'm not sure there are even any laws against botnets.
The use of hashpower, difficulty, and an append-only log also lets users of cryptocurrencies detect attacks by observing metrics.
In bitcoin the homologous attacking vector is a war on hashing power.
Even bitcoin has unaddressed security concerns.
The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.
Interesting, will look at it. Thanks
I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
sorry missed this. hope i addressed it suitably.
Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Open source and utility are what I see as being needed. I don't know
this list well and am spamming it right now, but I see it as a list of developers, not users.
I don't know it well either, most of the topics I see with activity do not point me in a dev-oriented direction. Mosty are user-level comments, also paper-level comments.
Let's review the list history at https://lists.cpunks.org/mailman/listinfo a little to see what the mailing list is really about. I've never looked there before myself, and it's pretty gratifying to have this opportunity to do so.
I've found this resource about cypherpunks: https://github.com/jooray/cypherpunk-research Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 3:40 PM, Karl <gmkarl@gmail.com> wrote:
On Sat, Jun 6, 2020, 11:34 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with [ProtonMail](https://protonmail.com) Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 3:24 PM, Karl <gmkarl@gmail.com> wrote:
I missed some of your expressions.
On Sat, Jun 6, 2020, 10:59 AM other.arkitech <other.arkitech@protonmail.com> wrote:
>>>>>> what? any developer geting thousands of public IPv4 addresses by modifying software? >>>>>> Nop. That's not true. >>>>>> (Or I haven't understood well what you say) >>>>> >>>>> People go to places on the internet to download things. Others can upload things to those places to download. You can upload something that lies about what it is doing, and gives you use of the ip address of the downloader's computer when run. Do you understand? >>>>> >>>>> It sounds like this is surprising to you? >>>> >>>> so you refer to computers running malware, that case is contemplated in the design as an 'evil node' >>> >>> it sounds like you haven't addressed a sybil attack from massively distributed malware, which is fine nobody can cover everything. not sure where the design lives. >> >> If the malware is distributed in a bigger scale than the honest software, indeed, the evil network becomes the 'honest' one to the eyes of the software, that's 51% attack. >> >> Provided a world distribution of people that can be evil/honest of 80%-20%, the likeliness of an evil network overtaking the honest one is lower than the opposite. >> >> The evil network wont work if many evil nodes run behind same IP, so the malware must meet the same distribution enforcement applied to the honest net. Nodes running malware must be geographically distributed, so local marketplaces spreading malware have less chances to spread worldwide in order to compromise the network. > > I'm not sure you're hearing me when I say that one person is able to distribute malware to thousands (or more) of other people worldwide, producing a sybil attack from an individual. Is this something you're able to repeat back to me? It sounds like you have an expectation around handling this?
i though i gave a fair response. i understand you say that many computers can be infected of malware by a single individual who is creating an attacking botnet. An I said such botnet must be bigger than the network to succeed.
The security of USPS depends on the number of nodes, the bigger the best.
Thanks. It is actually reasonable to create a botnet that covers an entire sector of the world (such as everybody running ubuntu 20 or windows 10 or the latest iOS) by finding, developing, or observing an unpatched exploit. With more than one exploit a botnet developer could cover multiple such sectors. I imagine this would usually produce more ip addresses than a specific network service like USPS uses.
This concern is one of the ones USPS hasn't been acknowledging.
51% attack is always a concern. My answer is to have a big honest network that makes it very difficult for a botnet to coordinate the attack. the attacking vector is a war on size.
Always a fan of assuming honesty, but it's good to have something to fall back on if honesty isn't upheld in some edge situation. This is where cryptocurrency usually shines.
Given it doesn't take financial resources to acquire IP addresses, USPS could struggle to use the usual cryptocurrency avenue of it being more profitable to support the network than attack it.
But really hashpower is just plain much harder to acquire than ip addresses. I'm not sure there are even any laws against botnets.
The use of hashpower, difficulty, and an append-only log also lets users of cryptocurrencies detect attacks by observing metrics.
In bitcoin the homologous attacking vector is a war on hashing power.
Even bitcoin has unaddressed security concerns.
The use of scarce ip address alotment to make it less worthwhile to perform some sybil attacks than to use other means to achieve an end is also used by IPFS, last I looked.
Interesting, will look at it. Thanks
> I also see no reason a malware marketplace would not spread worldwide.
no technical reason, obviously it is flat internet. But people operate in cultures, I mean that a malware disguised say for instance inside a pirate copy of photoshop will only be spread across those who use photoshop who are not caring about malware, not all possible computers.
sorry missed this. hope i addressed it suitably.
> Really struggling to communicate here. I understand you need to know your software is given a fair trial to actually run, is that correct?
Sorry about that if that's my fault. I try to respond with what I think about the attack vector you describe.
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Open source and utility are what I see as being needed. I don't know this list well and am spamming it right now, but I see it as a list of developers, not users.
I don't know it well either, most of the topics I see with activity do not point me in a dev-oriented direction. Mosty are user-level comments, also paper-level comments.
Let's review the list history at https://lists.cpunks.org/mailman/listinfo a little to see what the mailing list is really about. I've never looked there before myself, and it's pretty gratifying to have this opportunity to do so.
On Sun, 07 Jun 2020 19:42:08 +0000 "other.arkitech" <other.arkitech@protonmail.com> wrote:
I've found this resource about cypherpunks: https://github.com/jooray/cypherpunk-research
now you have to find the obvious flaws in it
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 7, 2020 9:47 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Sun, 07 Jun 2020 19:42:08 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
I've found this resource about cypherpunks: https://github.com/jooray/cypherpunk-research
now you have to find the obvious flaws in it
The one that called my atention is the inclusion of CSW. Any other flaws you spot? Regarding monero I think I am not judging it fairly. It has a feature that USPS has not, which is to hide movements beyond the protection of Addresses being anonymous. Perhaps more, as I haven't looked at it in depth. What I said were light thoughts about privacy, but I stand as well on the social need to share accounting for whatever is considered that needs to have public traceability, like public money, which I think it should work like a pot between 2, but instead of 2, all -voluntary- contributors. (I fear you if I mention the tabu word,.. tax.. sick! I said it) : )
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Open source and utility are what I see as being needed.
USPS needs a whitepaper, philosophy/presentation, if it expects these. Just closed source binary blobs with unexplained CLI don't help users, reviewers, contributors, understand that big pictures.
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 7, 2020 1:22 AM, grarpamp <grarpamp@gmail.com> wrote:
I am try to honestly persuade you guys to try USPS if you're really interested in it as a next-gen cryptocurrency system. My interest is to gain users that can explore every corner of it, in order to find gaps, failures, etc. Just helping me in its development.
Open source and utility are what I see as being needed.
USPS needs a whitepaper, philosophy/presentation, if it expects these. Just closed source binary blobs with unexplained CLI don't help users, reviewers, contributors, understand that big pictures.
True, let's see how may can deal with raw software while I can work on this side. cli software has a good functional help though
Govts and GovCorp adversaries sitting on big quantity of IPv4/8's and /n's scattered worldwide, and limitless IPv6/n's. How going to audit all those Sybils? With massive piles of premined coins and central corporate investors? If want to raise Sybil costs, WoT-like human factors cost much more than those. No one seem bold enough to do old school WoT, at least for designs that use some pure "middle" nodes (privacy architecture depends if client UTXO nodes can do WoT safely too). Even worshipped Tor is a Sybil free for all, using all IPv4 btw *ahem*, nothing stopping them, 100 bad nodes a month, people got booted for pressing that uncomfy facts about tor.
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 7, 2020 1:15 AM, grarpamp <grarpamp@gmail.com> wrote:
Govts and GovCorp adversaries sitting on big quantity of IPv4/8's and /n's scattered worldwide, and limitless IPv6/n's. How going to audit all those Sybils?
IP4 allocated on known pools assigned to world-wide areas. this wikipedia page illustrates a distribution. https://en.wikipedia.org/wiki/List_of_countries_by_IPv4_address_allocation The point is that the system can control the allocation of nodes by ip4 pool. In fact , any node can connect to the system, by any transport like ip6 or tor, but only those participating in the voting process are sybil-controlled.
With massive piles of premined coins and central corporate investors?
I would not call it premine, just mined, the network is running and mining. Premine implies that the genesis started with allocations, which it is not true. The way to verify it is by looking at the public ledger, taking the amount of coins in circulation and the originating time -oct-2018- and veryfy it matches 5e8 per minute. Anyway this is just a number which is unbounded. it is huge intentionally, but small compared to the capacity. Time will adjust the number to real value. Governance is meant to be distributed, not central authority, eligibility will be given only by skill, not economic power.
If want to raise Sybil costs, WoT-like human factors cost much more than those.
WoT -web of trust, right?
No one seem bold enough to do old school WoT, at least for designs that use some pure "middle" nodes (privacy architecture depends if client UTXO nodes can do WoT safely too).
WoU - more fairly named for this systems based on untrusted nodes
Even worshipped Tor is a Sybil free for all, using all IPv4 btw ahem, nothing stopping them, 100 bad nodes a month, people got booted for pressing that uncomfy facts about tor.
I would not call it premine, just mined, the network is running and mining. Premine implies that the genesis started with allocations
That's one form. Another form is, as before... mining after genesis only by a select group of internal/closed/invitee people, not publicly announced till later, and not reset upon such announcement. Another form is... ASIC companies mining before selling and shipping the HW to users, and early shipping in qty to select purchasers, not telling general public buyers they are doing this, getting shafted with a partially mined out "new" die process. All three forms, of which there are probably more forms, are often frowned upon by large portions of the crypto space. Some claim it is free market to do. Others choose to boycott. Both have their arguments. But for every form, it do cause some controversy, that probably could be avoided from the start. The facts of how and when certain announcements, coins were generated, distributed, held, taxed, etc in some of the various coin projects are known. Lots of coins did preallocation, founder taxing, and various garbage-for-gold IPO scams. USPS mined with some private and invitee people after genesis before public posts. Satoshi posted to a pretty big public list of people, then a public genesis moment, then all public everyone including his own "self, and investor pay[back] purpose" were fairly mining publicly from that date onward. There was no private/invitee period after genesis before public post. Users could treat as color premined coins in a public crypto, but that is hard to do in practice. In a privacy crypto, or one with privacy elements, projects would even more want to meet some rather honorable ways to all the crypto space regarding their release process. Since at least 2013 there are pretty well recognized large announcement channels in each constituent and offshoot area. There might even be BCP now on how releases should maybe be done to help avoid some controversies. Many coin projects users still have weird feeling about "fairness" of release process that might naturally be holding any of those coin projects back from what would otherwise be stronger adoption. Many coin projects still struggle with the issues of their own history regarding choices about money they gave themselves. Just like banks that add a zero (0) doing fractional reserve lending.
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, June 8, 2020 5:50 AM, grarpamp <grarpamp@gmail.com> wrote:
I would not call it premine, just mined, the network is running and mining. Premine implies that the genesis started with allocations
That's one form.
Another form is, as before... mining after genesis only by a select group of internal/closed/invitee people, not publicly announced till later, and not reset upon such announcement.
Another form is... ASIC companies mining before selling and shipping the HW to users, and early shipping in qty to select purchasers, not telling general public buyers they are doing this, getting shafted with a partially mined out "new" die process.
All three forms, of which there are probably more forms, are often frowned upon by large portions of the crypto space.
Some claim it is free market to do. Others choose to boycott. Both have their arguments.
But for every form, it do cause some controversy, that probably could be avoided from the start.
The facts of how and when certain announcements, coins were generated, distributed, held, taxed, etc in some of the various coin projects are known.
Lots of coins did preallocation, founder taxing, and various garbage-for-gold IPO scams.
USPS mined with some private and invitee people after genesis before public posts.
Satoshi posted to a pretty big public list of people, then a public genesis moment, then all public everyone including his own "self, and investor pay[back] purpose" were fairly mining publicly from that date onward. There was no private/invitee period after genesis before public post.
Users could treat as color premined coins in a public crypto, but that is hard to do in practice.
In a privacy crypto, or one with privacy elements, projects would even more want to meet some rather honorable ways to all the crypto space regarding their release process.
Since at least 2013 there are pretty well recognized large announcement channels in each constituent and offshoot area. There might even be BCP now on how releases should maybe be done to help avoid some controversies.
Many coin projects users still have weird feeling about "fairness" of release process that might naturally be holding any of those coin projects back from what would otherwise be stronger adoption. Many coin projects still struggle with the issues of their own history regarding choices about money they gave themselves.
Just like banks that add a zero (0) doing fractional reserve lending.
Reseting a system breaks the promise. It is not easy action to do. By doing this you are saying that the governance is weak, people who were trusting the system for long, running their hardware, would feel betrayed, and only because some potential new users don't like it to start after others. Imagine if I say now that -because Bitcoin wan't announced on TV worldwide- the network has to be reseted so I join. Sounds crazy of course, but this shares the same aspects when dealing with a claim for reseting a blockchain. Anyway the USPS was publicly posted soon after the genesis block, inviting people to try the system. https://github.com/other-arkitech/us I think there are previous posts in reddit. I can say again that the crypto earned by nodes since the network started has no exchange value as per today, nor the coins have a ceiling (like e.g., 21M). So they just count as a measure of the time they have been working for the network, and this is the fair status.
"other.arkitech" <other.arkitech@protonmail.com> wrote:
Monero, AFAIK, makes it difficult not impossible to trace transactions. So it adds some obfuscation.
Well, I never said monero is 'impossible' to crack. I'm certainly not the nsa-mosad-gchq-etc mafia, so how knows how they could attack it. Yet monero is pretty much the only system which seems to take privacy seriously. Saying that it adds 'some obfuscation' sounds like a (big) understatement. Amounts in monero are encrypted using a 'homomorphic' crypto trick. And the ring signature makes it impossible to tell who signed the transaction. By the way, public keys for the ring signature are taken from the blockchain so in this case having a bloated chain does have at least one advantage. On chain destination addresses are all unique and can't be linked to the public address of the user either. so, I'd say that any 'second generation' cryptocurrency has to have a level of privacy that is at least as good as monero's.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 9:18 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
"other.arkitech" other.arkitech@protonmail.com wrote:
Monero, AFAIK, makes it difficult not impossible to trace transactions. So it adds some obfuscation.
Well, I never said monero is 'impossible' to crack. I'm certainly not the nsa-mosad-gchq-etc mafia, so how knows how they could attack it.
Yet monero is pretty much the only system which seems to take privacy seriously.
Saying that it adds 'some obfuscation' sounds like a (big) understatement. Amounts in monero are encrypted using a 'homomorphic' crypto trick. And the ring signature makes it impossible to tell who signed the transaction. By the way, public keys for the ring signature are taken from the blockchain so in this case having a bloated chain does have at least one advantage. On chain destination addresses are all unique and can't be linked to the public address of the user either.
so, I'd say that any 'second generation' cryptocurrency has to have a level of privacy that is at least as good as monero's.
My take on Monero is that it is an overengineered solution. Mu understanding of an anonymous public system includes: *I should be able to see in clear all the money in circulation, all the public database. *I shouldn't be able to link anything to a particular person or group. Monero fails the first one, bcs they focused on making it difficult to analyze the money flows, the cash in circulation, and macro-economy parameters that are of public interest. they instead made an opaque public system. The privacy problem coming from having the flow in clear is obvious. Behavioural patterns can be used to identify the person behind. The solutionm in my view, is not overloading the network, but instead by using a flow-break mechanism (like a mixer), which forms part of the public services offered by the platform. The monero's trick is probably limiting its scalability as well. but I am not an expert in monero's details. Just speak by intuition, somehow educated guess, as my knowledge comes from coding a comparable system.
On Sat, 06 Jun 2020 22:49:10 +0000 "other.arkitech" <other.arkitech@protonmail.com> wrote:
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 9:18 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
so, I'd say that any 'second generation' cryptocurrency has to have a level of privacy that is at least as good as monero's.
My take on Monero is that it is an overengineered solution.
wait, first you said it had 'some obfuscation' but now it's overengineered? =)
Mu understanding of an anonymous public system includes:
*I should be able to see in clear all the money in circulation, all the public database.
why would you want that?
*I shouldn't be able to link anything to a particular person or group.
that makes little sense. Once you 'see all money in circulation' linking the circulation to the users isn't hard. Or by 'all money' you mean just one number for the total supply?
Monero fails the first one, bcs they focused on making it difficult to analyze the money flows, the cash in circulation,
monero doesn't fail. On the contrary it achieves something that's much needed.
and macro-economy parameters that are of public interest.
not sure what's that supposed to mean? Which parameters are of 'public interest'?
they instead made an opaque public system.
your previous statement and this one beg the question, what do you mean by "public". monero isn't an 'opaque public system'. It's an accounting system that tries to achieve some of the properties of physical cash. It's 'public' only in the sense that anybody can use it. Which is a basic and required property for money.
The privacy problem coming from having the flow in clear is obvious. Behavioural patterns can be used to identify the person behind.
that's just one way. There are other, more direct ways to 'deanonymize' people.
The solutionm in my view, is not overloading the network, but instead by using a flow-break mechanism (like a mixer), which forms part of the public services offered by the platform.
The monero's trick is probably limiting its scalability as well.
so far there's a tradeoff between privacy and scalability. But then again, privacy is a fundamental requirement, unless you're promoting systems to further enhance the power of the surveillance state.
but I am not an expert in monero's details. Just speak by intuition, somehow educated guess, as my knowledge comes from coding a comparable system.
Once you 'see all money in circulation' linking the circulation to the users isn't hard. Or by 'all money' you mean just one number for the total supply?
Cryptocurrencies don't necessarily need to "see all money in circulation" ie: able to go count it all up wherever whenever, or to count or know or decide or consensus on one single supply number stored somewhere. They can do those things, but it's not the only way. They can also rely on software in operation proofs. If SW prints one widget per day, and cannot print less or more, then 1000 days out there are exactly 1000 widgets, regardless if anyone can see/count them or not. Of course SW operations can be hard to prove in formal analysis. And Zcash-ZEC and other coins that did not do due formality got bit with that bugs and had to do turnstiles and other tricks to restore confidence. But the fundamentals of proven formal analysis can provide alternatives to first generation "must see track and spy it all" thoughts. Nor do cryptos need to see who is spending what, on what, where, when, from, to, amount, etc. The dawn of homomorphic / zkp crypto tech should give rise to fun future of formality and privacy constructs therein. They could also play a role in eliminating the stupid waste of growth per tx "blockchains", instead moving to per UTXO key. Bitcoin-BTC is not "leading" because it was some innately good coin, it's leading because it was first, and it still kinda works. It has massive privacy issues and refuses to do anything about them. People are taking coin privacy much more seriously now. And it has growing centralization risks due to limited scaling and ASIC abuse. Any fully distributed featureless coin that does privacy, does away with per tx growth, has maybe 100 to 1000 native tps rate, works with a DEX API... is going to be a strong contender.
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 7, 2020 1:40 AM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Sat, 06 Jun 2020 22:49:10 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 9:18 PM, Punk-Stasi 2.0 punks@tfwno.gf wrote:
so, I'd say that any 'second generation' cryptocurrency has to have a level of privacy that is at least as good as monero's.
My take on Monero is that it is an overengineered solution.
wait, first you said it had 'some obfuscation' but now it's overengineered? =)
both terms apply. I think they went beyond with the concept of privacy, and entered in public terrain with privacy concepts. In public arena privacy is not wanted.
Mu understanding of an anonymous public system includes: *I should be able to see in clear all the money in circulation, all the public database.
why would you want that?
public and private are opposite concepts. Public: all data is transparent, not obfuscated, easy access, traceable. Private: opaque, encrypted, authorized access, untraceable.
*I shouldn't be able to link anything to a particular person or group.
that makes little sense. Once you 'see all money in circulation' linking the circulation to the users isn't hard. Or by 'all money' you mean just one number for the total supply?
The public accounting shall be traceable if the money is public money , provided there is a protection where accounts cannot be traced to people. E.g. you and your friend decide to create a pot. this pot is public for you both, but private for the rest.
From your perspective you want the pot movements the in clear, because you share the ownership.
The same pattern applies to a world-wide public system. If you have a share of ownership on any account you want this account to be traceable. So you can verify public money goes where it is supposed to go according to public rules.
Monero fails the first one, bcs they focused on making it difficult to analyze the money flows, the cash in circulation,
monero doesn't fail. On the contrary it achieves something that's much needed.
fails in the sense they sacrificed public accounting, which motivated me to say it was overengineered, as they brough privacy concepts to an extreme. Analogy: Massive surveillance is an offence to privacy, right? Hidding my account is an offence to me cause I cannot verify my stuff. Hidding public accounts is an offence to a required transparency.
and macro-economy parameters that are of public interest.
not sure what's that supposed to mean? Which parameters are of 'public interest'?
e.g. I want to sell my bananas, I need to find buyers. I want to buy bananas, I need to find sellers whatever helps me to achieve this trade that can be considered public, regardles which role I take (seller/buyer) Or This anon guy HIJK is asking for a loan. I see HIJK was loaned before for X amount, and s/he repaid it. I can take the decision of taking the risk or not to contribute to this loan. Provided I cannot trace HIJK with any person, HIJK could be interested is making his credit history public so he increases his chances to find lenders.
they instead made an opaque public system.
your previous statement and this one beg the question, what do you mean by "public".
opposite of private.
monero isn't an 'opaque public system'. It's an accounting system that tries to achieve some of the properties of physical cash. It's 'public' only in the sense that anybody can use it. Which is a basic and required property for money.
The privacy problem coming from having the flow in clear is obvious. Behavioural patterns can be used to identify the person behind.
that's just one way. There are other, more direct ways to 'deanonymize' people.
The solutionm in my view, is not overloading the network, but instead by using a flow-break mechanism (like a mixer), which forms part of the public services offered by the platform. The monero's trick is probably limiting its scalability as well.
so far there's a tradeoff between privacy and scalability. But then again, privacy is a fundamental requirement, unless you're promoting systems to further enhance the power of the surveillance state.
but I am not an expert in monero's details. Just speak by intuition, somehow educated guess, as my knowledge comes from coding a comparable system.
On Sun, 07 Jun 2020 12:00:47 +0000 "other.arkitech" <other.arkitech@protonmail.com> wrote:
wait, first you said it had 'some obfuscation' but now it's overengineered? =)
both terms apply.
no they don't.
I think they went beyond with the concept of privacy, and entered in public terrain with privacy concepts.
your thinking is wrong.
*I shouldn't be able to link anything to a particular person or group.
that makes little sense. Once you 'see all money in circulation' linking the circulation to the users isn't hard. Or by 'all money' you mean just one number for the total supply?
The public accounting shall be traceable if the money is public money,
there's no such thing as public money. 'public money' is an euphemism for money stolen by govcorp.
provided there is a protection where accounts cannot be traced to people.
and even if there was such a thing as 'public money', tracing it obviously affects the private side of things.
E.g. you and your friend decide to create a pot. this pot is public for you both, but private for the rest.
that's not what public means.
From your perspective you want the pot movements the in clear, because you share the ownership.
shared ownership is a weak and problematic concept.
Monero fails the first one, bcs they focused on making it difficult to analyze the money flows, the cash in circulation,
monero doesn't fail. On the contrary it achieves something that's much needed.
fails in the sense they sacrificed public accounting, which motivated me to say it was overengineered, as they brough privacy concepts to an extreme.
monero doesn't fail, it didn't 'sacrifice' anything and the more privacy the better, so extreme privacy would be extremely good. FURTHERMORE, in monero, there's something called a view key, which allows the owner of an account to make transactions 'public'
Analogy:
Massive surveillance is an offence to privacy, right? Hidding my account is an offence to me cause I cannot verify my stuff. Hidding public accounts is an offence to a required transparency.
There are no public accounts in the sense you're using 'public'
and macro-economy parameters that are of public interest.
not sure what's that supposed to mean? Which parameters are of 'public interest'?
e.g. I want to sell my bananas, I need to find buyers. I want to buy bananas, I need to find sellers
whatever helps me to achieve this trade that can be considered public, regardles which role I take (seller/buyer)
so you want private commerce to be 'public'?
Or
This anon guy HIJK is asking for a loan. I see HIJK was loaned before for X amount, and s/he repaid it. I can take the decision of taking the risk or not to contribute to this loan.
you want global financial surveillance then
Provided I cannot trace HIJK with any person, HIJK could be interested is making his credit history public so he increases his chances to find lenders.
how are you going to keep separate the person from his 'credit history'?
monero isn't an 'opaque public system'. It's an accounting system that tries to achieve some of the properties of physical cash. It's 'public' only in the sense that anybody can use it. Which is a basic and required property for money.
The privacy problem coming from having the flow in clear is obvious. Behavioural patterns can be used to identify the person behind.
that's just one way. There are other, more direct ways to 'deanonymize' people.
so far there's a tradeoff between privacy and scalability. But then again, privacy is a fundamental requirement, unless you're promoting systems to further enhance the power of the surveillance state.
OA to clear one of these items up a bit, it is well known that you cannot have anonymity if the amount of stuff exchanged is observable. This is a problem called traffic analysis that has been a known vulnerability in tor for many many years now. There are ways to deter it but last I knew anything (which was some years ago) the problem is still unsolved. Doesn't it seem kind of impossible, "public anonymity"? It is like wearing a mask but being the only person in your community who buys fishfood. People who see you buy fishfood know you are the guy with the pet fish, whether you are masked or not. This is a big topic because the tor project demonstrated trust when they first released by disclosing that it was an unsolved problem in their software in some areas. To this day there are no mainstream systems that address the problem of traffic analysis, and it takes a lot of understanding of that problem to address it. On Sun, Jun 7, 2020, 8:01 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 7, 2020 1:40 AM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Sat, 06 Jun 2020 22:49:10 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 9:18 PM, Punk-Stasi 2.0 punks@tfwno.gf wrote:
so, I'd say that any 'second generation' cryptocurrency has to have a level of privacy that is at least as good as monero's.
My take on Monero is that it is an overengineered solution.
wait, first you said it had 'some obfuscation' but now it's overengineered? =)
both terms apply. I think they went beyond with the concept of privacy, and entered in public terrain with privacy concepts. In public arena privacy is not wanted.
Mu understanding of an anonymous public system includes: *I should be able to see in clear all the money in circulation, all
the public database.
why would you want that?
public and private are opposite concepts.
Public: all data is transparent, not obfuscated, easy access, traceable. Private: opaque, encrypted, authorized access, untraceable.
*I shouldn't be able to link anything to a particular person or group.
that makes little sense. Once you 'see all money in circulation' linking
the circulation to the users isn't hard. Or by 'all money' you mean just one number for the total supply?
The public accounting shall be traceable if the money is public money , provided there is a protection where accounts cannot be traced to people.
E.g. you and your friend decide to create a pot. this pot is public for you both, but private for the rest. From your perspective you want the pot movements the in clear, because you share the ownership.
The same pattern applies to a world-wide public system. If you have a share of ownership on any account you want this account to be traceable. So you can verify public money goes where it is supposed to go according to public rules.
Monero fails the first one, bcs they focused on making it difficult to
analyze the money flows, the cash in circulation,
monero doesn't fail. On the contrary it achieves something that's much
needed.
fails in the sense they sacrificed public accounting, which motivated me to say it was overengineered, as they brough privacy concepts to an extreme. Analogy:
Massive surveillance is an offence to privacy, right? Hidding my account is an offence to me cause I cannot verify my stuff. Hidding public accounts is an offence to a required transparency.
and macro-economy parameters that are of public interest.
not sure what's that supposed to mean? Which parameters are of 'public
interest'?
e.g. I want to sell my bananas, I need to find buyers. I want to buy bananas, I need to find sellers
whatever helps me to achieve this trade that can be considered public, regardles which role I take (seller/buyer)
Or
This anon guy HIJK is asking for a loan. I see HIJK was loaned before for X amount, and s/he repaid it. I can take the decision of taking the risk or not to contribute to this loan.
Provided I cannot trace HIJK with any person, HIJK could be interested is making his credit history public so he increases his chances to find lenders.
they instead made an opaque public system.
your previous statement and this one beg the question, what do you mean
by "public".
opposite of private.
monero isn't an 'opaque public system'. It's an accounting system that tries to achieve some of the properties of physical cash. It's 'public' only in the sense that anybody can use it. Which is a basic and required property for money.
The privacy problem coming from having the flow in clear is obvious. Behavioural patterns can be used to identify the person behind.
that's just one way. There are other, more direct ways to 'deanonymize' people.
The solutionm in my view, is not overloading the network, but instead by using a flow-break mechanism (like a mixer), which forms part of the public services offered by the platform. The monero's trick is probably limiting its scalability as well.
so far there's a tradeoff between privacy and scalability. But then again, privacy is a fundamental requirement, unless you're promoting systems to further enhance the power of the surveillance state.
but I am not an expert in monero's details. Just speak by intuition, somehow educated guess, as my knowledge comes from coding a comparable system.
Sent with [ProtonMail](https://protonmail.com) Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, June 8, 2020 5:40 AM, Karl <gmkarl@gmail.com> wrote:
OA to clear one of these items up a bit, it is well known that you cannot have anonymity if the amount of stuff exchanged is observable. This is a problem called traffic analysis that has been a known vulnerability in tor for many many years now.
I Agree, but the you don't need to avoid clear transactions, the adresses are anonymous. hold on. you can study traffic and deduce this anan address corresponds to this guy, isn't it? ok. But you don't solve this vector like monero does, you solve it addressing the root of the problem, which is not the address in clear at all. traffic shall be masked or rndmly routed, fake packets (chaff traffic), etc. This job goes in a different place in the logic of the platform.
There are ways to deter it but last I knew anything (which was some years ago) the problem is still unsolved.
Doesn't it seem kind of impossible, "public anonymity"? It is like wearing a mask but being the only person in your community who buys fishfood. People who see you buy fishfood know you are the guy with the pet fish, whether you are masked or not.
yes, that's tricky. Because chances of breaking anonymity go high when more information is available. To counteract you can sybil yourself, using different addresses to break your patterns.
This is a big topic because the tor project demonstrated trust when they first released by disclosing that it was an unsolved problem in their software in some areas. To this day there are no mainstream systems that address the problem of traffic analysis, and it takes a lot of understanding of that problem to address it.
we'll get to that part, the anon overlay where chaff traffic is (supposed to be) working. In this scenario: *traffic analysis attacking vectors are addressed in the anon overlay *transactions of the blockchain go in clear, revealing source address, amount, dest address. You ca have an anonymous profile (I call it personality) that is publicly traceable (so trust can be vested on it) (for useful activitys like e.g. borrowing money) Still you can use multiple personalities to break your physical patterns, e.g. you have a coffee at starbucks, then pay parking, then ask for a loan, then go buy fish. If you use one personality that connects these 4 events an observer can narrow you. But if you use different personalities the problem becomes harder.
On Sun, Jun 7, 2020, 8:01 AM other.arkitech <other.arkitech@protonmail.com> wrote:
Sent with ProtonMail Secure Email.
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Sunday, June 7, 2020 1:40 AM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Sat, 06 Jun 2020 22:49:10 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 9:18 PM, Punk-Stasi 2.0 punks@tfwno.gf wrote:
so, I'd say that any 'second generation' cryptocurrency has to have a level of privacy that is at least as good as monero's.
My take on Monero is that it is an overengineered solution.
wait, first you said it had 'some obfuscation' but now it's overengineered? =)
both terms apply. I think they went beyond with the concept of privacy, and entered in public terrain with privacy concepts. In public arena privacy is not wanted.
Mu understanding of an anonymous public system includes: *I should be able to see in clear all the money in circulation, all the public database.
why would you want that?
public and private are opposite concepts.
Public: all data is transparent, not obfuscated, easy access, traceable. Private: opaque, encrypted, authorized access, untraceable.
*I shouldn't be able to link anything to a particular person or group.
that makes little sense. Once you 'see all money in circulation' linking the circulation to the users isn't hard. Or by 'all money' you mean just one number for the total supply?
The public accounting shall be traceable if the money is public money , provided there is a protection where accounts cannot be traced to people.
E.g. you and your friend decide to create a pot. this pot is public for you both, but private for the rest. From your perspective you want the pot movements the in clear, because you share the ownership.
The same pattern applies to a world-wide public system. If you have a share of ownership on any account you want this account to be traceable. So you can verify public money goes where it is supposed to go according to public rules.
Monero fails the first one, bcs they focused on making it difficult to analyze the money flows, the cash in circulation,
monero doesn't fail. On the contrary it achieves something that's much needed.
fails in the sense they sacrificed public accounting, which motivated me to say it was overengineered, as they brough privacy concepts to an extreme. Analogy:
Massive surveillance is an offence to privacy, right? Hidding my account is an offence to me cause I cannot verify my stuff. Hidding public accounts is an offence to a required transparency.
and macro-economy parameters that are of public interest.
not sure what's that supposed to mean? Which parameters are of 'public interest'?
e.g. I want to sell my bananas, I need to find buyers. I want to buy bananas, I need to find sellers
whatever helps me to achieve this trade that can be considered public, regardles which role I take (seller/buyer)
Or
This anon guy HIJK is asking for a loan. I see HIJK was loaned before for X amount, and s/he repaid it. I can take the decision of taking the risk or not to contribute to this loan.
Provided I cannot trace HIJK with any person, HIJK could be interested is making his credit history public so he increases his chances to find lenders.
they instead made an opaque public system.
your previous statement and this one beg the question, what do you mean by "public".
opposite of private.
monero isn't an 'opaque public system'. It's an accounting system that tries to achieve some of the properties of physical cash. It's 'public' only in the sense that anybody can use it. Which is a basic and required property for money.
The privacy problem coming from having the flow in clear is obvious. Behavioural patterns can be used to identify the person behind.
that's just one way. There are other, more direct ways to 'deanonymize' people.
The solutionm in my view, is not overloading the network, but instead by using a flow-break mechanism (like a mixer), which forms part of the public services offered by the platform. The monero's trick is probably limiting its scalability as well.
so far there's a tradeoff between privacy and scalability. But then again, privacy is a fundamental requirement, unless you're promoting systems to further enhance the power of the surveillance state.
but I am not an expert in monero's details. Just speak by intuition, somehow educated guess, as my knowledge comes from coding a comparable system.
On Mon, 08 Jun 2020 09:52:23 +0000 "other.arkitech" <other.arkitech@protonmail.com> wrote:
In this scenario: *traffic analysis attacking vectors are addressed in the anon overlay *transactions of the blockchain go in clear, revealing source address, amount, dest address.
is that what you are propsing?
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Monday, June 8, 2020 9:03 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Mon, 08 Jun 2020 09:52:23 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
In this scenario: *traffic analysis attacking vectors are addressed in the anon overlay *transactions of the blockchain go in clear, revealing source address, amount, dest address.
is that what you are propsing?
just talking, thinking about it. I'll stand on clear tx until any form of compromise in anonymity that cannot be tackled in the overlay that obfuscates network traffic
"other.arkitech" <other.arkitech@protonmail.com> wrote:
Privacy to me falls more on the ability to do real P2P end2end (real end2end) encrypted trades between 2 nodes without awareness of the rest.
how does that work? Is it something similar to the lightning network, using the 'public system' to settle potential disagreements?
Sent with ProtonMail Secure Email. ‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, June 6, 2020 10:15 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
"other.arkitech" other.arkitech@protonmail.com wrote:
Privacy to me falls more on the ability to do real P2P end2end (real end2end) encrypted trades between 2 nodes without awareness of the rest.
how does that work? Is it something similar to the lightning network, using the 'public system' to settle potential disagreements?
it is fair comparison, but as opposed to LN, USPS does not use a different network. The same set of nodes that create the public system are building a separate mesh of P2P connections where they trade each other. The private system. The private system would be the main source of public transactions, both systems can create a closed economic ecosystem.
participants (6)
-
\0xDynamite
-
grarpamp
-
Karl
-
other.arkitech
-
Punk-Stasi 2.0
-
Zenaan Harkness