:: Re: [unSYSTEM] ZeroCash - zero know…
Kezdőlap
Delete this message
Reply to this message
Szerző: Kristov Atlas
Dátum:  
Címzett: System undo crew
Tárgy: Re: [unSYSTEM] ZeroCash - zero knowledge proof, seems promising
You join a group of people (ring) and share pubkeys, forming an
aggregate ring pubkey. The crypto works so that others can confirm that
a tx was signed with the appropriate privkey to spend, but they won't be
able to tell which party in the ring signed it. I imagine this could
work ad hoc using another party to orchestrate (e.g. obelisk server) or
it could be arranged ahead of time and be performed asynchronously. All
the parties need to do is exchange pubkeys, they don't need to continue
signing each tx in the future. I'm not sure on this, but it may be even
possible to scale that ring up to the size of all users of a
crypto-currency willing to pre-publish their pubkey.

More details: http://en.wikipedia.org/wiki/Ring_signature

I talked about this in the most recent episode of Dark News (timestamp
in the video description): https://www.youtube.com/watch?v=s1oGuJv-Mbs

-Kristov

On 05/19/2014 08:44 PM, Chris Pacia wrote:
> How do the ring signatures work in practice? Does it still require
> connecting to server sending the outputs, disconnecting/reconnecting,
> sending the inputs to remain private? Or can you just upload one chunk
> of data to the server?
>
> On 05/19/2014 05:00 PM, Kristov Atlas wrote:
>> A multi party protocol for distributing the responsibility of
>> generating that entropy might help.
>>
>> Right now I'm more excited about the ring signature tech going into
>> the next version of Darkcoin's DarkSend. What do people think about
>> ring signatures?
>>
>> -Kristov Atlas
>>
>> On May 19, 2014, at 13:04, Thomas Hartman <thomas@???
>> <mailto:thomas@standardcrypto.com>> wrote:
>>
>>> You have to trust whoever generates the entropy for super duper
>>> private key as a one time thing. Otherwise the key owner can steal
>>> coins.
>>>
>>> Seems like a showstopper to me.
>>>
>>> Maybe doable with side chains, so if any one chain is compromised
>>> the other chains can still work.
>>>
>>> But we don't have side chains.
>>>
>>> So, it's very proof of concept and maybe in the future.
>>>
>>>
>>> On Mon, May 19, 2014 at 9:16 AM, Amir Taaki <genjix@???
>>> <mailto:genjix@riseup.net>> wrote:
>>>
>>>     http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf

>>>
>>>
>>>
>>>     _______________________________________________
>>>     unSYSTEM mailing list: http://unsystem.net
>>>     https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>>>
>>>
>>> _______________________________________________
>>> unSYSTEM mailing list: http://unsystem.net
>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>
>>
>> _______________________________________________
>> unSYSTEM mailing list:http://unsystem.net
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>
>
>
> _______________________________________________
> unSYSTEM mailing list: http://unsystem.net
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem