Darkcoin still uses inputs and outputs though right? Where does the ring
come in, at signing? How do it stop guarantee the facilitator can't map
inputs with outputs?
On 05/19/2014 08:57 PM, Kristov Atlas wrote:
> You join a group of people (ring) and share pubkeys, forming an
> aggregate ring pubkey. The crypto works so that others can confirm
> that a tx was signed with the appropriate privkey to spend, but they
> won't be able to tell which party in the ring signed it. I imagine
> this could work ad hoc using another party to orchestrate (e.g.
> obelisk server) or it could be arranged ahead of time and be performed
> asynchronously. All the parties need to do is exchange pubkeys, they
> don't need to continue signing each tx in the future. I'm not sure on
> this, but it may be even possible to scale that ring up to the size of
> all users of a crypto-currency willing to pre-publish their pubkey.
>
> More details: http://en.wikipedia.org/wiki/Ring_signature
>
> I talked about this in the most recent episode of Dark News (timestamp
> in the video description): https://www.youtube.com/watch?v=s1oGuJv-Mbs
>
> -Kristov
>
> On 05/19/2014 08:44 PM, Chris Pacia wrote:
>> How do the ring signatures work in practice? Does it still require
>> connecting to server sending the outputs, disconnecting/reconnecting,
>> sending the inputs to remain private? Or can you just upload one
>> chunk of data to the server?
>>
>> On 05/19/2014 05:00 PM, Kristov Atlas wrote:
>>> A multi party protocol for distributing the responsibility of
>>> generating that entropy might help.
>>>
>>> Right now I'm more excited about the ring signature tech going into
>>> the next version of Darkcoin's DarkSend. What do people think about
>>> ring signatures?
>>>
>>> -Kristov Atlas
>>>
>>> On May 19, 2014, at 13:04, Thomas Hartman <thomas@???
>>> <mailto:thomas@standardcrypto.com>> wrote:
>>>
>>>> You have to trust whoever generates the entropy for super duper
>>>> private key as a one time thing. Otherwise the key owner can steal
>>>> coins.
>>>>
>>>> Seems like a showstopper to me.
>>>>
>>>> Maybe doable with side chains, so if any one chain is compromised
>>>> the other chains can still work.
>>>>
>>>> But we don't have side chains.
>>>>
>>>> So, it's very proof of concept and maybe in the future.
>>>>
>>>>
>>>> On Mon, May 19, 2014 at 9:16 AM, Amir Taaki <genjix@???
>>>> <mailto:genjix@riseup.net>> wrote:
>>>>
>>>> http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> unSYSTEM mailing list: http://unsystem.net
>>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>>>
>>>>
>>>> _______________________________________________
>>>> unSYSTEM mailing list: http://unsystem.net
>>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>>
>>>
>>> _______________________________________________
>>> unSYSTEM mailing list: http://unsystem.net
>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>
>>
>>
>> _______________________________________________
>> unSYSTEM mailing list: http://unsystem.net
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>
>
>
> _______________________________________________
> unSYSTEM mailing list: http://unsystem.net
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
::
Re: [unSYSTEM] ZeroCash - zero know…
