Cryptocurrencies: alpha-11 US-Public System released

[other.arkitech]

‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐
On Tuesday, February 4, 2020 12:22 PM, grarpamp <grarpamp at gmail.com> wrote:

> On 1/31/20, other.arkitech other.arkitech at protonmail.com wrote:
>
> > coining the abbreviation USPS
>
> It seems like a coin, coins have tickers.
> It's not much of a good one, sounds too much like
> Postal Services, United Parcel, too much USA.
>
> > Important: SSH only applies to nodes I control because owners voluntarily
> > allowed for development.
>
> > No one else but you enter the box.
>
> If past is right, it was enabled by default in the image and could login
> to all the users machines, and required all users to register their
> IP to you before they could run their nodes.
>
> > There is a reason for using IP4, see below.


I have a ssh access to many of the existing nodes, as people who run them, (some I know, some I don't know who is behind), understands I need it for development purposes.
This is ok for alpha status and is also low risk while the value is low.



>
> It's invalidated by both easy and inexpensive attack models.
> Especially before masses supercede over Sybil.
> So there is not point to this IPv4, early, or later.
> Unless there is some whitepaper to show different.
>

The whitepaper is in the kitchen, but is a slow cook.
Remember that this system is in late-development stage. It won't be officially released until the current alpha-11 evolve to 1.0


> > Users have a linux box with root access protecting their wallet.
>
> No, users have a closed source USPS box that they have
> no idea what it is doing with their funds and their interaction
> with it. There is zero protection there. Users would be insane
> to put funds on closed source remotely accessible box that
> some license and mandatory autoupdates further shove
> centralized counterparty control risk down users throats.
>
> > Software updates are pulled like your OS pulls updates from repositories.
>
> Ask your local FinTech dayjob how scary that is.... no, no, no.

I bet they all have their operating system automatic updates turned on as they ought to do to keep their systems updated.

>
> > You can find a number of devices at your home fitting this model: Router,
> > TV, Windows.
>
> All of those closed devices are untrustable surveillance, attack,
> and propaganda boxes that should be hit with a hammer.
>

USPS this node will be trustable and secure on 1.0
because the dev-tools that are present during alpha will be gone, an the software will be released open-source.


> > It is not an irrelevant parallelism. USPS box is debian Linux where you can
> > login as root. Most routers that run proprietary software inside don't let
> > you in as root, but you still run it.
>
> An opensource BSD/linux router that users can hack
> on is an irrelavant nonexample.
>
> Root access to USPS doesn't matter much when USPS users cannot
> hack on and run USPS however they want due to closedsource and
> license. That's a relavant distributed fintech security issue,
>
> > it is a system that cares about your private data.
> > not only financial data, everithing fits, medical records, pics, ...
> > Security is maxed in this project.
>
> Needs a whitepaper to evaluate this.

This is a project aimed to maximize privacy, the whitepaper will tell the details.

>
> > The consensus algorithms do not exchange private data.
> > redundancy of information makes its potential utility unneccesary,
> > man-in-the-middle modifying traffic does not impact in the consensus.
> > TLS comes important only in private P2P trades.
>
> Was a basic analyse the failure modes and breadth of possible attack even done.
> At minimum, every users transaction is spyable... srcIP, dstIP, content,
> as it is broadcast across the network.
> "Private P2P trades" are probably not private because they
> too need to ripple information across the spy network to
> register in consensus crunching pools, etc.
> All the miners mempools or whatever you call them
> will know exactly what IP hops the tx came from.
>

Using encrypted communication is impossible (provably impossible) to determine the originating node of a transaction.
Using clear communication, is a not easy problem to deduce the originating address of a transaction.

A transaction contains input and output addresses, which are already anonymized.

So it offers pretty good privacy.

The most you can know is that a particular IP address operates a node, difficult to breach privacy.
Only "The Man" and your Internet Company could transform IP4 into your personna.



> > TLS does little for security,
> > That's why BTC does not need encryption.
> > Also USPS doesn't need it
>
> Haha, that was the bad joke the NSA police politician propaganda
> played on you :)

I am connected to politics in no way.


> Everything that traverses clearnet needs at least some basic TLS
> mode... TOFU, PSK, oppurtunistic... or other good crypto.
> TLS is free, to refuse to crypt every single connection today, looks even more
> stupid than it did in 2010 and 2000. Regardless even if it only make
> it tiny little
> harder for adversary, it is non optional today.
>

There is no security issue in transmitting a public key in clear, and there is a notable gain in performance. Tradeoff.


> > > But auto rolling updates to the users fintech without users
> > > permission risks wiping out the entire network, and peoples
> > > coins with it.
>
> > That's foolish reasoning because pulling and auto-pulling differs little.
>
> No, auto-pull auto-run is vastly different from manual-pull manual-run.
>

No, manual-pulling and auto-pulling differs little. The difference is the former requires human intervention.

An automatic system with a human loop is an error.
You can always turn in to manual for debugging or other purposes, but not as a stable node in the network, which needs to evolve without leaving nodes behind.


> > You voluntarily allow or disallow your binaries are in sync with the rest of
> > the network, one-time setting.
>
> Users should set it to OFF until they can eval and test
> and talk about it with others.
>
> > Only when the project gains user base an open source community will be
> > started, with reproducible builds of course and ALL code open.
> > Not before, there is no point to opensource it before time.
> > Honestly, what are you going to do with 40K lines of C++ code? without user
> > base you would not review a single file. Pointless at this stage to open
> > source.
>
> These ways is not how true opensource projects operate.
>

of course not, because until 1.0 the software is closed-source.


> > I do share the code with devs for specific patches under NDA.
>
> As before, how exactly are you going to enforce that NDA?
> How exactly are you going to enforce your nonfree License /
Copyright?


I am not going to enforce anything legal, nor particularly control or dedicate resources on that route. These are just legalities that prevent corps to misuse the tech.

NDA or written agreements state that nobody with access to the source code will publish it before I decide when. They work as a compromise of collaboration under non-disclose conditions.

Do I need to explain private trades are 100% legitimate?


> How exactly are you going to stop users plugging it into overlay networks?


I encourage overlay networks. In fact I run more than one.

>
> Do you think cryptoanarchy cares about those things?
>

It does care about the values I've put in this system: self-autonomy, privacy, P2P, no intermediaries, fair, flat societies.

> Are you going to beg and vote and pay for the State to go shoot people dead?
>
> > It is fully AGPL only of the software is executed on a licenced mainnet
>
> Then it seems not AGPL, it seems some proprietary license that cannot
> use the name AGPL. Good luck...
>
> https://www.gnu.org/licenses/agpl-3.0.en.html
>


The source code was AGPL, available and compiled by all nodes to generate their own binaries from 2017 to 2019. Then I closed sources on alpha-10 until 1.0


> > The point is that to perform Sybil carries a considerable cost. That's the
> > fundamental law sustaining hashcash (BTC's PoW)
>
> PoW is hard real work. IPv4 are artificial and cheap,
> entire CIDRs and neighborhoods will be rented, and cracked
> boxes, and source code changed, and more.
>
> The only reason distributed real cryptos work is mutual financial
> disincentive against breaking the rules. If Sybil breaks the rules,
> Sybil loses value in proportion to the breakage, therefore Sybil
> does not break the rules.
>
> IPv4 seems artifical restriction upon users freedom and privacy.

It is a preventive artificial restriction.
(Think Bitcoin 1Mb block max size limit). It prevents a form of attack in which many evil nodes are created biasing the consensus algorithm and overtaking the network.



>
> Unless there is whitepaper formally showing why it is not.
>

It will exist before release of 1.0.

> > > > I first solve the system assuming IP4 disclosure is OK for 80% of the
> > > > people.

I said 80% of the people do not care about telling the world their IP address. (when I don't know real number I apply 80-20 rule as an asumption)


>
> You said 100% of the people must disclose their IPv4 to run
> their node, seems assume that 100% of people will be happy with
> no privacy. Now you say 80%. But how can that 20% happen if you
> don't let users run over overlay networks?
>

I didn't say that. You misinterpreted what I meant with 80%


> > And this is to allow a resiliency model based on number of nodes (as oposed
> > to CPU power), which is much more aligned with democracy, as every node
> > benefits from the profit generated by the system evenly.
>
> Where is the whitepaper on this democracy.
>

1 node-1 vote. this is the democratic model.


> > It is not premine, everything 'mined' so far has done in the clear.
>
> USPS meets one of crypto internets definition of crypto premine already above.
>
> USPS had private selected closed-invitation-only-mode for ~4 months,
> and secret hush hush cabal for 1+ year, and no sourcecode ever.
>
> That's hardly free, fair, opensource, and in the clear, freedom
> for all to come and play from day one of Genesis no restrictions.
> USPS is going to take heat for that.
>
> > It is easy to verify how many 'satoshis' should be a in circulation since
> > genesis.
>
> What if there "should be" 10, how are you going to show the users
> that there "are exactly" 10?
> How are they going to know the bags in the current network hold exactly 9?
>
> > And easy to verify the theoretical number matches the actual amount in
> > circulation.
> > Proving that no alterations to cryptoeconomics has been done since then.
>
> Even privacy coin like ZEC XMR has ways to evaluate the coinbase and inflation.
>
> With no code and no paper, users cannot.
>
> > ask to restart
>
> Many from the crypto internet would suggest USPS a new Genesis.
>
> > How this action would be taken by people who are running a node since long
> > ago?
>
> USPS and them was not a fair and open start, it seems a premine,
> so this question does not matter.
>
> > I could not do this announcements because there wasn't resources to do so.
> > Although discrete announcements was made on public forums like reddit,
> > https://www.reddit.com/r/cryptodevs/comments/abs2yj/low_cost_public_system/
>
> That's a low traffic niche dev forum, not something mass popular like
> /r/cryptocurrency,
> /r/raspberry_pi, or even /r/btc, /r/netsec, /r/privacy, etc. Post cost
> is $zero resource.
>
> > So, from your perspective this could be a premine, from the perspective of
> > current running nodes the network is going on.
>
> Go ask popular reddit cryptocurrency forums what they think
> the modes and effects of a premine is. Don't ask me.
>
> > Premine means reserving a share of tokens before launch. USPS didn't do
> > this.
>
> USPS hush team have received a share of tokens before
> general public release launch. Matters they did, not how.
>


There is no team, hus hus team or anything like this.
There are nodes, some of them are run by FFF and others are organic growth (friends of friends, or random people I meet in my journey)


> > What USPS did was to grow slow in the open.
>
> No, it seems was to selected FFF and hush hush team.
>
> > Anyway, Satoshi Nakamoto accumulated million bitcoins, you accuse me of
> > pre-mining and if I did, Satoshi did.
>
> Satoshi released opensource code and whitepaper, no restrictions,
> freedom for all, to the world, new Genesis, first... certainly before
> mining any significant like millions. Most definitely nor for over year
> before wide release in relative quiet.
>
> > USPS is not a coin.
> > USPS is more than a coin
> > You can create your own coin in it though.
> > Dont call it coin please. It is not a coin.
>
> You said and implied in times and places that it is a coin.
> It seems fundamental underpinning is as a coin function.

It is not a Coin, A Coin is an element of a platform that can run multiple Coins.


> It proposed to buy/sell/trade as a coin.
> Whatever social wrappers anyone put around it, it still seems coin function.
>
> > I don't know what you nmean by privacy coin.
>
> Search: "privacy coins"
>

UPSP doesn't fit the definition of Privacy Coin, as a
privacy Coin encrypt their transactions to protect public keys/addresses/signatures from being observed.
This is not strictly the case of USPS where the protocol can safely
operate in clear and transactuions are public. The relay model of USPS works exactly like bitcoin does.


> > You can always join to be earlier than the rest, everyone is invited to join
> > the earliers.
> > Obviously there are people who are already running nodes, they all deserve
> > every penny they earnt since they joined.
>
> Most sane people are going to want to see paper and source before
> they invest any time or money in buying, setting up, and running
> something. If that takes long maybe they will consider it likely to
> be mined out and decline to adopt, which drives pennies to zero.
>


Those would need to wail until 1.0 is released with all the documentation and source code.
Early birds now are those who accept the development status of the system and do not complain about the current restrictions. Instead, they would operate a node as user and test the conveniente of the features, the performance, and usability.


> > When user base is big enough a dev-community will be started. GPL
>
> GPL? Then where did AGPL go.
>

That was picky. Not incoherent from my side, I used GPL as a way to say GPL-ish. Free software in any case.


> > >     Else you will have everyone publicly declaring you and
> > >     these 60 nodes of 1+ year worth of premine as frauds,
> > >
> >
> > This would be real FUD in an excercise of twisting the reality.
>
> The internet of cryptocurrency is very likely to view USPS
> as a premine. That is just information for your consideration.
>
> The internet is not my retarded self, and is not on this list,
> the internet is out there somewhere :)
>
> > You can do basic macroeconomic math as explained above.
>
> Potential adopters cannot do that without the paper and source.
>
> > Anyway who cares about how much crypto has been generated so far
>
> Yes, if amount in the coinbase and inflation mean nothing to them,
> then they should just stick to Fiat, because then Fiat is what they will get.
>
> > still in alpha, there's plenty of time and little amount has been pumped in
> > comparison with the max. [int64 space]
>
> Meaningless without paper and source.
>
> > I cannot let them down restarting the blockchain.
>
> But you just said there is plenty of "int64" left for them ;-)


I accept there exist premine if is is understood that
at the moment of the public announcement of version 1.0

353114361543892 out of an int64 have been issued among the ~100 nodes that secured the network from alpha-rc1 to 1.0
This is 0.0038285%

See ref: http://otheravu4v6pitvw.onion/misc/screenshots_gov.txt
search for "cash in circulation"

Call it premine. I don't care. I only care of securing a ledger and it takes skill, time and descomunal effort to listen to people complaining about premine, specially if we are talking about a ridiculous number.



>
> > Basically the number every node has earned are directly proportional to the
> > time they've been in. Fair.
>
> Better to ask the internet of cryptocurrency about any fair.