:: Re: [unSYSTEM] ZeroCash - zero know…
Página Principal
Delete this message
Reply to this message
Autor: Chris Pacia
Data:  
Para: unsystem
Assunto: Re: [unSYSTEM] ZeroCash - zero knowledge proof, seems promising
Darkcoin still uses inputs and outputs though right? Where does the ring
come in, at signing? How do it stop guarantee the facilitator can't map
inputs with outputs?


On 05/19/2014 08:57 PM, Kristov Atlas wrote:
> You join a group of people (ring) and share pubkeys, forming an
> aggregate ring pubkey. The crypto works so that others can confirm
> that a tx was signed with the appropriate privkey to spend, but they
> won't be able to tell which party in the ring signed it. I imagine
> this could work ad hoc using another party to orchestrate (e.g.
> obelisk server) or it could be arranged ahead of time and be performed
> asynchronously. All the parties need to do is exchange pubkeys, they
> don't need to continue signing each tx in the future. I'm not sure on
> this, but it may be even possible to scale that ring up to the size of
> all users of a crypto-currency willing to pre-publish their pubkey.
>
> More details: http://en.wikipedia.org/wiki/Ring_signature
>
> I talked about this in the most recent episode of Dark News (timestamp
> in the video description): https://www.youtube.com/watch?v=s1oGuJv-Mbs
>
> -Kristov
>
> On 05/19/2014 08:44 PM, Chris Pacia wrote:
>> How do the ring signatures work in practice? Does it still require
>> connecting to server sending the outputs, disconnecting/reconnecting,
>> sending the inputs to remain private? Or can you just upload one
>> chunk of data to the server?
>>
>> On 05/19/2014 05:00 PM, Kristov Atlas wrote:
>>> A multi party protocol for distributing the responsibility of
>>> generating that entropy might help.
>>>
>>> Right now I'm more excited about the ring signature tech going into
>>> the next version of Darkcoin's DarkSend. What do people think about
>>> ring signatures?
>>>
>>> -Kristov Atlas
>>>
>>> On May 19, 2014, at 13:04, Thomas Hartman <thomas@???
>>> <mailto:thomas@standardcrypto.com>> wrote:
>>>
>>>> You have to trust whoever generates the entropy for super duper
>>>> private key as a one time thing. Otherwise the key owner can steal
>>>> coins.
>>>>
>>>> Seems like a showstopper to me.
>>>>
>>>> Maybe doable with side chains, so if any one chain is compromised
>>>> the other chains can still work.
>>>>
>>>> But we don't have side chains.
>>>>
>>>> So, it's very proof of concept and maybe in the future.
>>>>
>>>>
>>>> On Mon, May 19, 2014 at 9:16 AM, Amir Taaki <genjix@???
>>>> <mailto:genjix@riseup.net>> wrote:
>>>>
>>>>     http://zerocash-project.org/media/pdf/zerocash-extended-20140518.pdf

>>>>
>>>>
>>>>
>>>>     _______________________________________________
>>>>     unSYSTEM mailing list: http://unsystem.net
>>>>     https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem

>>>>
>>>>
>>>> _______________________________________________
>>>> unSYSTEM mailing list: http://unsystem.net
>>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>>
>>>
>>> _______________________________________________
>>> unSYSTEM mailing list: http://unsystem.net
>>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>>
>>
>>
>> _______________________________________________
>> unSYSTEM mailing list: http://unsystem.net
>> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem
>
>
>
> _______________________________________________
> unSYSTEM mailing list: http://unsystem.net
> https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/unsystem