:: Re: [unSYSTEM] DarkCoin
Author: Kristov Atlas
Date:  
To: System undo crew
Subject: Re: [unSYSTEM] DarkCoin
Thanks for the commentary, Odinn. I wanted to just briefly clarify a few
points from my vantage:

On 05/22/2014 08:16 AM, Odinn Cyberguerrilla wrote:
> Darkcoin is indeed out and based on a coinjoin concept, but I'm not sure
> that Darkcoin is actually anonymous strictly. Additionally from what I
> have observed, the master nodes are a serious vulnerability at present in
> Darkcoin.

Keep in mind that nothing is "anonymous" -- anonymity is a mathematical
term for measuring the number of actors you can be mistaken for.
Therefore phrases like "strictly anonymous" do not have meaning.

> Zerocash on the other hand which will run based on bitcoin 0.9.1 code,
> will present anonymity.
> http://zerocash-project.org/how_zerocash_works.html
> Apparently, all its code is not yet out in public view, it's different /
> lighter than the initial zerocoin implementation, and the zerocash stuff
> being discussed won't be out supposedly for sometime between 3 to 6
> months, as discussed here
> https://twitter.com/secparam/status/468799366489047042
>
> See also this https://twitter.com/secparam/status/468784402558771200

The main challenge with Zerocash is reliance on setup by a trusted
party. Quoted from the latest zerocash paper:

"System setup: The algorithm generates a list of public parameters:
inputs: security parameter
outputs: public parameters pp
The algorithm is executed by a trusted party. The resulting public
parameters pp are published and made available to all parties (e.g., by
embedding them into the protocol's implementation). The setup is done
only once; afterwards, no trusted party is needed, and no global secrets
or trapdoors are kept."

Who do YOU trust to perform this setup step? I don't trust anyone,
including myself since my hardware could be tampered with. I think
they'll need to devise a multi-party computation protocol to do this so
that the risk of untrustworthiness is at least distributed among many
actors.

>
>
> I see the ecology of anonymous cryptos as just in the blossoming stages,
> but really taking off in 2015, at which point there will be several
> anonymous currencies based on bitcoin that anyone can use from a full
> client wallet or a light wallet, probably the following:
>
> Anoncoin


As far as I can tell, Anoncoin has accomplished nothing and will
continue not to until they are able to incorporate the Zerocash tech. I
believe they aspire to be a Zerocash fork.

> Darkcoin
> Zerocash (which will work with bitcoin or other non-anonymous 'basecoin'
> as described in the zerocash site)

The others that are missing are the crypto-currencies based on the
CryptoNote technology, using ring signatures to provide input anonymity.
See such instantiations as ByteCoin, Monero, etc.

>
> Additionally, I see the following developments as significant that will
> aid adoption:
> https://darkwallet.is/
> from spesmilo/sx at https://github.com/spesmilo/sx
> https://github.com/spesmilo/sx/tree/master/tools
> see also http://abis.io


I hope we can get the sx folks to produce a binary soon so we can get it
working with Tails Linux. :-)

-Kristov