merkle tree Bitcoin News

Bob The Magic Custodian



Summary: Everyone knows that when you give your assets to someone else, they always keep them safe. If this is true for individuals, it is certainly true for businesses.
Custodians always tell the truth and manage funds properly. They won't have any interest in taking the assets as an exchange operator would. Auditors tell the truth and can't be misled. That's because organizations that are regulated are incapable of lying and don't make mistakes.

First, some background. Here is a summary of how custodians make us more secure:

Previously, we might give Alice our crypto assets to hold. There were risks:

But "no worries", Alice has a custodian named Bob. Bob is dressed in a nice suit. He knows some politicians. And he drives a Porsche. "So you have nothing to worry about!". And look at all the benefits we get:
See - all problems are solved! All we have to worry about now is:
It's pretty simple. Before we had to trust Alice. Now we only have to trust Alice, Bob, and all the ways in which they communicate. Just think of how much more secure we are!

"On top of that", Bob assures us, "we're using a special wallet structure". Bob shows Alice a diagram. "We've broken the balance up and store it in lots of smaller wallets. That way", he assures her, "a thief can't take it all at once". And he points to a historic case where a large sum was taken "because it was stored in a single wallet... how stupid".
"Very early on, we used to have all the crypto in one wallet", he said, "and then one Christmas a hacker came and took it all. We call him the Grinch. Now we individually wrap each crypto and stick it under a binary search tree. The Grinch has never been back since."

"As well", Bob continues, "even if someone were to get in, we've got insurance. It covers all thefts and even coercion, collusion, and misplaced keys - only subject to the policy terms and conditions." And with that, he pulls out a phone-book sized contract and slams it on the desk with a thud. "Yep", he continues, "we're paying top dollar for one of the best policies in the country!"
"Can I read it?' Alice asks. "Sure," Bob says, "just as soon as our legal team is done with it. They're almost through the first chapter." He pauses, then continues. "And can you believe that sales guy Mike? He has the same year Porsche as me. I mean, what are the odds?"

"Do you use multi-sig?", Alice asks. "Absolutely!" Bob replies. "All our engineers are fully trained in multi-sig. Whenever we want to set up a new wallet, we generate 2 separate keys in an air-gapped process and store them in this proprietary system here. Look, it even requires the biometric signature from one of our team members to initiate any withdrawal." He demonstrates by pressing his thumb into the display. "We use a third-party cloud validation API to match the thumbprint and authorize each withdrawal. The keys are also backed up daily to an off-site third-party."
"Wow that's really impressive," Alice says, "but what if we need access for a withdrawal outside of office hours?" "Well that's no issue", Bob says, "just send us an email, call, or text message and we always have someone on staff to help out. Just another part of our strong commitment to all our customers!"

"What about Proof of Reserve?", Alice asks. "Of course", Bob replies, "though rather than publish any blockchain addresses or signed transaction, for privacy we just do a SHA256 refactoring of the inverse hash modulus for each UTXO nonce and combine the smart contract coefficient consensus in our hyperledger lightning node. But it's really simple to use." He pushes a button and a large green checkmark appears on a screen. "See - the algorithm ran through and reserves are proven."
"Wow", Alice says, "you really know your stuff! And that is easy to use! What about fiat balances?" "Yeah, we have an auditor too", Bob replies, "Been using him for a long time so we have quite a strong relationship going! We have special books we give him every year and he's very efficient! Checks the fiat, crypto, and everything all at once!"

"We used to have a nice offline multi-sig setup we've been using without issue for the past 5 years, but I think we'll move all our funds over to your facility," Alice says. "Awesome", Bob replies, "Thanks so much! This is perfect timing too - my Porsche got a dent on it this morning. We have the paperwork right over here." "Great!", Alice replies.
And with that, Alice gets out her pen and Bob gets the contract. "Don't worry", he says, "you can take your crypto-assets back anytime you like - just subject to our cancellation policy. Our annual management fees are also super low and we don't adjust them often".

How many holes have to exist for your funds to get stolen?
Just one.

Why are we taking a powerful offline multi-sig setup, widely used globally in hundreds of different/lacking regulatory environments with 0 breaches to date, and circumventing it by a demonstrably weak third party layer? And paying a great expense to do so?
If you go through the list of breaches in the past 2 years to highly credible organizations, you go through the list of major corporate frauds (only the ones we know about), you go through the list of all the times platforms have lost funds, you go through the list of times and ways that people have lost their crypto from identity theft, hot wallet exploits, extortion, etc... and then you go through this custodian with a fine-tooth comb and truly believe they have value to add far beyond what you could, sticking your funds in a wallet (or set of wallets) they control exclusively is the absolute worst possible way to take advantage of that security.

The best way to add security for crypto-assets is to make a stronger multi-sig. With one custodian, what you are doing is giving them your cryptocurrency and hoping they're honest, competent, and flawlessly secure. It's no different than storing it on a really secure exchange. Maybe the insurance will cover you. Didn't work for Bitpay in 2015. Didn't work for Yapizon in 2017. Insurance has never paid a claim in the entire history of cryptocurrency. But maybe you'll get lucky. Maybe your exact scenario will buck the trend and be what they're willing to cover. After the large deductible and hopefully without a long and expensive court battle.

And you want to advertise this increase in risk, the lapse of judgement, an accident waiting to happen, as though it's some kind of benefit to customers ("Free institutional-grade storage for your digital assets.")? And then some people are writing to the OSC that custodians should be mandatory for all funds on every exchange platform? That this somehow will make Canadians as a whole more secure or better protected compared with standard air-gapped multi-sig? On what planet?

Most of the problems in Canada stemmed from one thing - a lack of transparency. If Canadians had known what a joke Quadriga was - it wouldn't have grown to lose $400m from hard-working Canadians from coast to coast to coast. And Gerald Cotten would be in jail, not wherever he is now (at best, rotting peacefully). EZ-BTC and mister Dave Smilie would have been a tiny little scam to his friends, not a multi-million dollar fraud. Einstein would have got their act together or been shut down BEFORE losing millions and millions more in people's funds generously donated to criminals. MapleChange wouldn't have even been a thing. And maybe we'd know a little more about CoinTradeNewNote - like how much was lost in there. Almost all of the major losses with cryptocurrency exchanges involve deception with unbacked funds.
So it's great to see transparency reports from BitBuy and ShakePay where someone independently verified the backing. The only thing we don't have is:
It's not complicated to validate cryptocurrency assets. They need to exist, they need to be spendable, and they need to cover the total balances. There are plenty of credible people and firms across the country that have the capacity to reasonably perform this validation. Having more frequent checks by different, independent, parties who publish transparent reports is far more valuable than an annual check by a single "more credible/official" party who does the exact same basic checks and may or may not publish anything. Here's an example set of requirements that could be mandated:
There are ways to structure audits such that neither crypto assets nor customer information are ever put at risk, and both can still be properly validated and publicly verifiable. There are also ways to structure audits such that they are completely reasonable for small platforms and don't inhibit innovation in any way. By making the process as reasonable as possible, we can completely eliminate any reason/excuse that an honest platform would have for not being audited. That is arguable far more important than any incremental improvement we might get from mandating "the best of the best" accountants. Right now we have nothing mandated and tons of Canadians using offshore exchanges with no oversight whatsoever.

Transparency does not prove crypto assets are safe. CoinTradeNewNote, Flexcoin ($600k), and Canadian Bitcoins ($100k) are examples where crypto-assets were breached from platforms in Canada. All of them were online wallets and used no multi-sig as far as any records show. This is consistent with what we see globally - air-gapped multi-sig wallets have an impeccable record, while other schemes tend to suffer breach after breach. We don't actually know how much CoinTrader lost because there was no visibility. Rather than publishing details of what happened, the co-founder of CoinTrader silently moved on to found another platform - the "most trusted way to buy and sell crypto" - a site that has no information whatsoever (that I could find) on the storage practices and a FAQ advising that “[t]rading cryptocurrency is completely safe” and that having your own wallet is “entirely up to you! You can certainly keep cryptocurrency, or fiat, or both, on the app.” Doesn't sound like much was learned here, which is really sad to see.
It's not that complicated or unreasonable to set up a proper hardware wallet. Multi-sig can be learned in a single course. Something the equivalent complexity of a driver's license test could prevent all the cold storage exploits we've seen to date - even globally. Platform operators have a key advantage in detecting and preventing fraud - they know their customers far better than any custodian ever would. The best job that custodians can do is to find high integrity individuals and train them to form even better wallet signatories. Rather than mandating that all platforms expose themselves to arbitrary third party risks, regulations should center around ensuring that all signatories are background-checked, properly trained, and using proper procedures. We also need to make sure that signatories are empowered with rights and responsibilities to reject and report fraud. They need to know that they can safely challenge and delay a transaction - even if it turns out they made a mistake. We need to have an environment where mistakes are brought to the surface and dealt with. Not one where firms and people feel the need to hide what happened. In addition to a knowledge-based test, an auditor can privately interview each signatory to make sure they're not in coercive situations, and we should make sure they can freely and anonymously report any issues without threat of retaliation.
A proper multi-sig has each signature held by a separate person and is governed by policies and mutual decisions instead of a hierarchy. It includes at least one redundant signature. For best results, 3of4, 3of5, 3of6, 4of5, 4of6, 4of7, 5of6, or 5of7.

History has demonstrated over and over again the risk of hot wallets even to highly credible organizations. Nonetheless, many platforms have hot wallets for convenience. While such losses are generally compensated by platforms without issue (for example Poloniex, Bitstamp, Bitfinex, Gatecoin, Coincheck, Bithumb, Zaif, CoinBene, Binance, Bitrue, Bitpoint, Upbit, VinDAX, and now KuCoin), the public tends to focus more on cases that didn't end well. Regardless of what systems are employed, there is always some level of risk. For that reason, most members of the public would prefer to see third party insurance.
Rather than trying to convince third party profit-seekers to provide comprehensive insurance and then relying on an expensive and slow legal system to enforce against whatever legal loopholes they manage to find each and every time something goes wrong, insurance could be run through multiple exchange operators and regulators, with the shared interest of having a reputable industry, keeping costs down, and taking care of Canadians. For example, a 4 of 7 multi-sig insurance fund held between 5 independent exchange operators and 2 regulatory bodies. All Canadian exchanges could pay premiums at a set rate based on their needed coverage, with a higher price paid for hot wallet coverage (anything not an air-gapped multi-sig cold wallet). Such a model would be much cheaper to manage, offer better coverage, and be much more reliable to payout when needed. The kind of coverage you could have under this model is unheard of. You could even create something like the CDIC to protect Canadians who get their trading accounts hacked if they can sufficiently prove the loss is legitimate. In cases of fraud, gross negligence, or insolvency, the fund can be used to pay affected users directly (utilizing the last transparent balance report in the worst case), something which private insurance would never touch. While it's recommended to have official policies for coverage, a model where members vote would fully cover edge cases. (Could be similar to the Supreme Court where justices vote based on case law.)
Such a model could fully protect all Canadians across all platforms. You can have a fiat coverage governed by legal agreements, and crypto-asset coverage governed by both multi-sig and legal agreements. It could be practical, affordable, and inclusive.

Now, we are at a crossroads. We can happily give up our freedom, our innovation, and our money. We can pay hefty expenses to auditors, lawyers, and regulators year after year (and make no mistake - this cost will grow to many millions or even billions as the industry grows - and it will be borne by all Canadians on every platform because platforms are not going to eat up these costs at a loss). We can make it nearly impossible for any new platform to enter the marketplace, forcing Canadians to use the same stagnant platforms year after year. We can centralize and consolidate the entire industry into 2 or 3 big players and have everyone else fail (possibly to heavy losses of users of those platforms). And when a flawed security model doesn't work and gets breached, we can make it even more complicated with even more people in suits making big money doing the job that blockchain was supposed to do in the first place. We can build a system which is so intertwined and dependent on big government, traditional finance, and central bankers that it's future depends entirely on that of the fiat system, of fractional banking, and of government bail-outs. If we choose this path, as history has shown us over and over again, we can not go back, save for revolution. Our children and grandchildren will still be paying the consequences of what we decided today.
Or, we can find solutions that work. We can maintain an open and innovative environment while making the adjustments we need to make to fully protect Canadian investors and cryptocurrency users, giving easy and affordable access to cryptocurrency for all Canadians on the platform of their choice, and creating an environment in which entrepreneurs and problem solvers can bring those solutions forward easily. None of the above precludes innovation in any way, or adds any unreasonable cost - and these three policies would demonstrably eliminate or resolve all 109 historic cases as studied here - that's every single case researched so far going back to 2011. It includes every loss that was studied so far not just in Canada but globally as well.
Unfortunately, finding answers is the least challenging part. Far more challenging is to get platform operators and regulators to agree on anything. My last post got no response whatsoever, and while the OSC has told me they're happy for industry feedback, I believe my opinion alone is fairly meaningless. This takes the whole community working together to solve. So please let me know your thoughts. Please take the time to upvote and share this with people. Please - let's get this solved and not leave it up to other people to do.

Facts/background/sources (skip if you like):



Thoughts?
submitted by azoundria2 to QuadrigaInitiative [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethereum [link] [comments]

A breakdown of the aelf blockchain whitepaper — Part 2

A breakdown of the aelf blockchain whitepaper — Part 2

https://preview.redd.it/p9cf7c4cpri51.png?width=512&format=png&auto=webp&s=006d466a2d0ad4d4afbbffe340eb2ad44631ad27

Breaking down the aelf side-chain

Cloud computing, parallel processing, and AEDPoS have greatly improved the execution performance of any kind of smart contract, but when they are applied to enterprise-level scenarios, new problems crop up. To begin with, in software design, it is a rather bad idea to program all the methods in the same class. We always write a series of classes to inherit a base class, in order to decouple the functionalities and make the class extensible whenever needed. The same also applies to blockchain design. Second, since all the data and transactions are accessible to anyone through a blockchain explorer, if we put the smart contract and data of different enterprises or government sectors on a single blockchain, then everyone can see them, which means there will be no data privacy. Although there are encryption techniques which can mask data, such as zero knowledge proof, it is always better to put the data of different enterprises on different blockchains.
Based on these considerations, long before other projects even realized it, aelf proposed that side-chain technology should be applied to this scenario. Unfortunately, for someone who is new to blockchain, it is almost impossible to understand how side-chain works. Side-chain is not what it literally means, it is not subordinate to the main chain. On the contrary, a side chain is a blockchain distributed system with the same functions and nodes as a main chain (say, the aelf blockchain). As mentioned above, we can put the data of different enterprises on different blockchains. This means we can build many blockchains, and work magic (of course not magic in its literal sense) to make these chains connect to the aelf main chain (in fact, we can call any of these blockchains a main chain and the rest side chains). Currently, the most popular method of connecting any two blockchains, which we also call cross-chain, is using a middle-man. When we want to use bitcoin to play a decentralized game on Ethereum, we need to send a transaction with some amount of bitcoin to a locking bitcoin address, then the middle-man will exchange the locked BTC for ETH at a certain exchange rate and allocate to you the equivalent amount of ETH on Ethereum, which you can use for playing games.
But in aelf, we use a metadata indexing method, which is more straightforward. Unlike other projects who built on the blockchains of those already successful projects (such as Ethereum or the HyperLedger fabric framework for consortium blockchains), the aelf team has writen all the code and build the infrastructure from scratch. From the beginning, the aelf team has defined how the data structure of a blockchain, a block, a transaction etc. should look like in C#. In an aelf blockchain data structure, there is an attribute called blockchain ID, which is a unique hash; and in block data structure, there are several attributes called blockchain ID , Merkle tree root and related side chain block list. There is also one more important thing: all of aelf’s data structures are serialized and stored in Redis (a popular key-value pair database system), so is the side chain information. As a result, as the aelf main chain is growing with block production by BPs, other side chains can send transactions to cross-chain contracts, which then execute the related code to connect to the main chain’s network port and request the main chain to index the side chain block and pay the indexing fee.
The core issue here is how to index a side chain: when a main chain (the block data structure on the main chain, or the data records with main chain ID in Redis), receives a request from a side chain, it adds the side chain’s block head data structure to the related side chain block list, which means theoretically we have indexed or related a side chain. We have mentioned that there is also a blockchain ID in each block, this attribute allows a main chain to index blocks from different side chains. When a user on a main chain wants to access data on a side chain or vise versa, they just need to find the target block on the main chain and its related side chain block list, and then find the target block on the side chain via key indexing.
As we will explain later, blockchains for different application scenarios generate blocks at different speeds. Under such circumstances, a chain with slower speed might index many blocks from a chain that produces blocks faster. This method can be applied to scenarios such as forking.
In practice, we can build any number of blockchains, and relate it via indexing to the aelf main chain, with a specific category of smart contracts running on each of them. For example, we can allow only banking-related smart contracts deployed on a specific blockchain, and e-commerce smart contracts on another. Our whitepaper summarizes it best:
One chain, one contract.
Moreover, the indexing method can make many blockchains into a hierarchical tree structure, the root being the so-called main chain. That’s because a related blockchain can then again index another blockchain as its side chain, and the process can keep going on. Logically, this is in perfect accordance with hierarchical taxonomy, for example, the financial sector has many subcategories, such as banking, lending, investment and insurance, and under investment banking, there are venture capital, investment bank etc… Each subcategory is supported by an indexed blockchain.
So how do these blockchains collaborate in a distributed system? First we need to be know that any node in a distributed system is just a software instance running on your computer, or a process. In TCP/IP, a node is allocated a port number, so we can run any number of this type of instances on a computer. However, each instance has its own port number: we can run several blockchain nodes, one IPFS node, one bit-torrent node and etc. simultaneously. In aelf, you should first start a main chain instance, and then you can build and run a side chain instance. Transactions broadcast on the side chain are collected by the BP nodes (block production nodes) on the main chain. When smart contracts deployed on the side chain is triggered, the BP and full nodes on the main chain will run them.

Aelf — a blockchain based operating system

To perfect the design of our software system, aelf made the system extensible, flexible and pluggable. Just as there are thousands of Linux OS with only one Linux kernel. As Ethereum Founder Vitalik Buterin has explained, Ethereum can be seen as a world computer because there are lots of smart contracts running on it, and the contract execution results are consistent in all the distributed systems around the world. This idea is also embedded in aelf’s system and we call it a “blockchain infrastructure operating system”, or a distributed operating system.
Just like any OS, aelf has a kernel and a shell. In fact, aelf’s kernel is not something like a Linux kernel, it is just an analogy. There is a special concept in aelf’s kernel called the minimum viable blockchain system, which defines the most fundamental aspect of a blockchain. If a developer wants to create a new blockchain system or a new blockchain project, he does’t have to start from scratch, instead, he can directly extend and customize using the aelf blockchain open-source code. The technologies described above are all included in the minimum viable blockchain system. With these, anyone can customize:
  • Block property: block data structure, block packaging speed, transaction data structure, etc.
  • Consensus type: AEDPoS is used by default, but you can also use incentive consensus, like PoW and PoS. And you can also use the consensus of traditional distributed systems, like PoS and Practical Byzantine Fault Tolerance, or PBFT. In fact, the f evil nodes of 3f+1 nodes are the upper limit for any distributed system to reach a consensus, which is called the Byzantine Fault Tolerance, or BFT. In order to do this, there is a specific algorithm, but in 1999, a much more efficient algorithm to reach this consensus came along, that is the PBFT. In scenarios like private blockchain or consortium blockchain where there is no need for a incentive model, PBFT will be a good option.
  • Smart contract collection: In aelf, there are many predefined smart contracts that can be used directly by other contracts, such as token contract, cross-chain contract (also called CCTP, or cross chain transfer protocol), consensus contract, organization voting contracts, etc. Of course, you can also create your own contract with a brand new implementation logic.
  • Others.

Summary

So this is our breakdown of the aelf blockchain whitepaper. In previous articles, we first introduced two basic concepts which are often misinterpreted by other articles. After helping you get these two concepts straight, we then introduced aelf’s vast arsenal of powerful technology. If these articles helped you understand the aelf blockchain better, then I have reached my goal. But I must advise you to read the whitepaper for a more detailed explanation. With all this knowledge at your disposal, I believe you will be much more comfortable developing DApps on aelf.
Check Part 1 here: https://medium.com/aelfblockchain/a-breakdown-of-the-aelf-blockchain-whitepaper-part-1-a63fc2e3e2e7
submitted by Floris-Jan to aelfofficial [link] [comments]

One Year after the Public Chain Takeoff, the New Era of Blockchain 3.0 has Arrived

One Year after the Public Chain Takeoff, the New Era of Blockchain 3.0 has Arrived

https://preview.redd.it/gflezdzc0rh51.png?width=512&format=png&auto=webp&s=b93d52868ac1216ffc51cbf4f3e9280db500c329
Everyone said that 2019 is the year public blockchains took off, and 2020 will be the first year blockchain began to achieve business adoption. Although the coronavirus pandemic continues to wreak havoc on all walks of life worldwide, the blockchain industry is making great strides forward.
In just a few years, the blockchain sector has developed from 1.0 to 3.0, and each upgrade has brought about some changes in the world. As we all know, blockchain 1.0 generally refers to cryptocurrency centered around Bitcoin. Blockchain 2.0 is public chains represented by Ethereum, which can develop smart contracts. In the era of blockchain 3.0, people think that thousands of blockchains can coexist and interoperate.
In the past two years, people have had high expectations of many public chains. However, some of the so-called “blockchain 3.0” projects have either shown slow progress or failed to live up to the expectations after their mainnet went live. People then began to expect to see a killer DApp achieving wide adoption of blockchain. At the same time, as the underlying technology for blockchain connectivity, multi-chain structure and cross-chain technology have become an important part of ‘blockchain 3.0’.
aelf and other Web 3.0 projects can be seen as the underlying technology providers for the Internet of Value. On the aelf blockchain, whether it is valuable information or digital currency, everything can be connected and shared, which is where the magic of cross-chain technology lies.
If the consensus mechanism is the core competitiveness of blockchain, then the cross-chain technology is the key to realizing the Internet of Value for blockchain, particularly for alliance chains and private chains. It is the key to preventing different blockchains from being isolated islands and serves as a bridge connecting blockchain and the outside world.

Cross-chain technology is designed to prevent blockchain from being isolated islands of data

At present, although these public chain projects have seen their performance improved, none of them is able to build the much-anticipated “underlying blockchain highway’ singlehandedly. In particular, driven by the prevailing view that each public chain should be an independent ecosystem, public chains today have become isolated islands of data with different architectures incompatible systems, which poses real difficulty to DApp developers.
The cross-chain technology, as the name suggests, is aimed to realize asset circulation, information exchange and application collaboration between different blockchain platforms. It can be likened to a bridge linking different public chains, which can help realize data transmission between different blockchain networks and greatly reduce transmission costs.
It is obvious that the demand for cross-chain technology is very urgent in today’s blockchain world.
Cross-chain communication can be divided into homogeneous and heterogeneous cross-chain according to different underlying blockchain technology platforms. Cross-chain interaction between homogeneous chains is simple, since their security mechanisms, consensus algorithms, network topology, block generation verification logic are consistent. Cross-chain interaction between heterogeneous chains is quite different. For example, Bitcoin uses PoW algorithm while the alliance chain Fabric uses traditional deterministic consensus algorithm, and its block form and deterministic guarantee mechanism are very different. Since designing a direct cross-chain communication mechanism is not easy, cross-chain interaction between heterogeneous chains generally requires third-party services.

aelf is doubling down on heterogeneous cross-chain research

At present, cross-chain technology mainly includes notary schemes, hash-locking, side chains or relays, and distributed private key control. aelf uses the side chain or relay scheme.
aelf’s cross-chain logic is ‘main chain + side chain’, with an emphasis on ‘one chain, one scenario’, where each side chain can be a scenario, such as a DApp, or a DeFi app. aelf’s cross-chain architecture is centered around the main chain.

https://preview.redd.it/n6q32zae0rh51.png?width=512&format=png&auto=webp&s=53aa5f093279c65b1a529ccefdf840a11382dc9d
In the cross-chain process, aelf achieves intercommunication between different chains via indexing. An index is the transfer of data from one chain to another in a defined structure. The cross-chain index has two steps: parent chain indexing child chain and child chain indexing parent chain.
  • The parent chain requests data from the child-chain and the data are then sent from the child chain to the parent chain.
  • The parent chain processes all the child chain’s index data, generating a Merkle tree, and stores it on the chain. The child chain block has been indexed by the parent chain, and must wait for the data to be confirmed by the network.
The above steps include the whole process of the parent chain indexing the child chain’s block and the child chain re-indexing the parent chain’s block. It’s worth noting that only irreversible blocks can be indexed by other chains.

https://preview.redd.it/cx381n9f0rh51.png?width=512&format=png&auto=webp&s=48bbb33731e42ba1d6c0a21a57e325274f150283
As a result, aelf does not need a Hub or a relay chain and is more of a decentralized cross-chain model. This is because communication between different chains does not necessarily require the permission of the aelf’s only main chain each time. The multi-layer child chains under the side chain can also communicate with each other with the index of the upper-layer parent chain and without the main chain getting involved.
On the premise of decentralization, aelf established that only confirmed blocks can be indexed, because only irreversible data can be trusted to ensure the network’s security. aelf also has its own solution for communicating with the Ethereum ecosystem, which can be interfaced with the Ethereum and other blockchain systems via adapters, making it compatible with existing mainstream ecosystems.
It can be seen that aelf has done a great job in homogeneous cross-chain technology, whereas some public chain projects have yet to pull it off. aelf has also begun to develop heterogeneous cross-chain technology, which will allow external chains such as Bitcoin and Ethereum to lock tokens into smart contracts and generate ccorresponding tokens on the aelf chain through contracts to achieve cross-chain communication. It is clear that aelf has taken the lead in cross-chain development.
While it’s still too early to talk about blockchain 3.0 and most projects are still trying to figure out where the underlying technologies are heading, solving the scalability issue public chains are facing today through the cross-chain technology has become the general trend. Cross-chain technology can realize communication between different chains, greatly improve blockchain’s ability to transfer value, and promote the development of IoT and cloud computing. On the other hand, without cross-chain technology, all kinds of blockchain platforms information will just be isolated islands of data, putting a significant limit on the applications of blockchain platforms.
We believe that the cross-chain mechanisms will greatly increase the value of blockchain and usher in a new era of blockchain development. With strong technical prowess and the ability to achieve commercial application, aelf will continue to explore the cross chain technology and provide strong technical support for the rapid and steady development of the industry!
submitted by Floris-Jan to aelfofficial [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to privacycoins [link] [comments]

08-13 21:45 - 'Building the Infrastructure for the Future Decentralized Financial Market, Coinbase Included HBTC.Com Debut DeFi Project - Nest Protocol' (self.Bitcoin) by /u/Nest_Fan removed from /r/Bitcoin within 24-34min

'''
As the world’s leading regulatory compliant digital asset exchange, Coinbase sets one of the most stringent requirements for digital asset listing which includes technical evaluation of projects, legal and risk analysis, market supply and demand analysis, and crypto-economics. Coinbase holds a strong reputation in the digital asset industry, and thus the “Coinbase Standard” is considered as the industry benchmark for other digital asset projects, and the market has even seen the “Coinbase effect”.
On July 25 2020, Coinbase quietly launched the pricing chart of a decentralized oracle project, NEST Protocol (NEST), into its portal. Although Coinbase has yet to announce the inclusion of the project in its evaluation list, it represents a keen interest in the DeFi sector, and particularly in the DeFi price oracle projects.
NEST Protocol is the rising star in the decentralized price oracle sector
Decentralized financial services offered by the current mainstream DeFi platforms such as MakerDAO, Compound, dYdX, etc. rely heavily on the market data provided by the oracle projects. Oracle projects act as reliable information sources to feed these price data to other DeFi Projects, connecting the price data from the centralized world to the DeFi space. As such, the price oracle is an integral part of the decentralized financial services infrastructure.
Traditionally, the price oracle collects data from different platforms and feeds these data points to the DeFi space to create data reference points to enable them to function properly. However, many problems currently exist in the DeFi space, for example, blockchain network congestion, malicious attacks, wild market fluctuations, and other factors that may cause the data given by the price oracle to deviate from the true market data. These ultimately cause users to trade on wrong information in the DeFi space and increases such transaction costs.
Decentralized finance requires a fast, secure, and reliable price oracle. The birth of the decentralized price oracle is the embodiment of the blockchain industry’s thinking, and the current market projects offering decentralized price oracle services which includes NEST Protocol, Chainlink, Band Protocol, Tellor, Witness, Oraclize, and many others.
The innovation of NEST-Price is that every data point has been agreed upon by market validators, in line with the blockchain consensus mechanism. NEST-Price synchronizes the off-chain price in a highly decentralized manner, creating real and valid price data on-chain. This is the unique differentiator between NEST-Price and other price oracles.
Compared with other price oracle projects, NEST also has other features and advantages, such as the proposed peer-to-peer quotation matching as well as its unique verifier verification structure, making NEST more resilient to malicious attacks, resulting in a more decentralized network, and it’s on-chain prices closer to the fair market price. All of this has resulted in the NEST Protocol becoming a rising star in the DeFi price oracle sector. HBTC.com selects high-quality projects to list and partnering with NEST to promote the development of DeFi ecosystem
During the selection of quality assets, exchanges like [HBTC.com]1 and Coinbase adhere to the principle of a rigorous selection of assets from different projects to enable a proper range of digital assets. At the same time, in order to solve existing pain points in the digital asset industry, which currently lacks a market-making management solution, HBTC.com also has launched its own “coin listing crowdsourcing [liquidity initiative]2 “, redefining the exchange market making model.
HBTC.com, through its coin listing strategy, effectively reduces the problem of low liquidity in the early stages of high-quality projects, ensuring the smoothness of the user experience, and achieves a win-win situation for traders, the community, and the respective trading platform. These initiatives, coupled with reliable user protection and a responsible attitude, have earned a positive reputation among users.
Since its inception, the HBTC.com exchange has been committed to the discovery of both quality and promising digital asset projects. At a time when DeFi is growing rapidly, HBTC.com has a unique perspective for the decentralized price oracle sector and has prioritized NEST as a premium partner to debut the project alongside with its global branding upgrade. In addition, HBTC.com has [100% proof of reserves]3 for traders to validate the existence of assets via the Merkle tree, which brings transparency to the extreme.
In May 2020, NEST token delivered a 883.29% of return, at its peak, after its global debut on HBTC.com. At present, HBTC Exchange addresses holding NEST token accounts in a total of 141 million, ranked first in the overall network. At the same time, the HBTC Exchange network exclusively releases NEST staking mining and data show that NEST 24-hour turnover has reached $20.4 million.
Post-listing of the NEST token, HBTC.com has also listed DeFi projects such as DF, OKS, NEST, SWTH, JST, NVT, and other DeFi projects with market potential; some projects have achieved astonishing performance in the secondary market.
HBTC.com’s path to DeFi: developing public chains to prepare for the future ecosystem breakout.
In terms of the DeFi product and ecosystem infrastructure, HBTC has deployed HBTC Chain since launched in 2018, an infrastructure designed for decentralized finance and DeFi business with patented Bluehelix decentralized cross-chain clearing and custody technology.
The HBTC Chain is the DeFi ecosystem infrastructure that the team has spent a significant amount of effort to build. It is based on decentralization and community consensus and integrates cryptography and blockchain technologies to support decentralized association-based governance capabilities at the technical level. Based on decentralized key management, combining various cryptography tools including ECDSA, commitment, zero-knowledge proof, and multi-party computation, It implements the distributed private key generation and signature for cross-chain assets among all validators. On top of that, this technology can realize light-weight and non-intrusive cross-chain asset custody. On the clearing layer, HBTC Chain employs BHPOS consensus and horizontal sharding mechanisms to achieve high-performing transaction clearing, and implementation of OpenDex protocol to help the development of the DeFi ecosystem.
In addition, with the success experience of Bluehelix Cloud SaaS and white label solutions and the HBTC Brokerage system, HBTC’s public chain also innovatively supports CEX+DEX mixed matchmaking model and OpenDex protocol and proposes the three-tier node system which consists of standard node + consensus node + core node. This structure provides HBTC public chain certain advantages in terms of performance and cross-chain transactions. Users can easily establish a DEX with OpenDex protocol at nearly zero cost, and all DEX will share the liquidity and support customized user interface and trading parameters. The trading experience can be completely comparable to centralized spot exchanges.
With the launch of its test network, it is now possible to develop various DeFi applications on the HBTC public chain, such as decentralized swap, so that private keys are not controlled by any party; no KYC, which can prevent personal information leakage; and asset security through the setting of invalidation, cancellation of transactions and other functions, cross-chain asset mappings, such as the ability to issue cross-chain cBTC or other chain tokens, fully decentralized asset mapping contracts, and 100% reserves.
Conclusion
In the past few months, the DeFi market has been extremely active, the price of DeFi tokens has been rising, and a new round of competition with the centralized exchanges has started. HBTC Chain relies on the powerful technology of Bluehelix and [HBTC.com]1 , giving all public chains the ability to interconnect, and put into both DeFi and SaaS levels. Undoubtedly, as one of the first exchanges to build the DeFi ecosystem, HBTC is leading the breakout in the current DeFi craze and has now become the first choice of users to engage with quality DeFi projects.

From BITCOIN news([[link]6 )
'''
Building the Infrastructure for the Future Decentralized Financial Market, Coinbase Included HBTC.Com Debut DeFi Project - Nest Protocol
Go1dfish undelete link
unreddit undelete link
Author: Nest_Fan
1: *btc*com/ 2: m*diu**com/hbt***ficia*/hbt*-launches-ba**liquidi*y***owd*unding-li*ti*g-plan-redefine-t*e*exch*nge-*i*tin**m*d*l***6*58f*f1d* 3: hbtc.ze**e*k*co*/hc/*n-us/a**icles/3***46287754-HBT*-10*-*ro***of*Reserve 4: hb*c.co*/ 5: n*ws.bitcoin.c*m*bu*ld*ng-t**-infr***ructur*-f*r-the*fut*re*decen**ali**d-*inanc*a*-market-coi**as*-*ncluded-h*t*-*o*-*ebut-de**-p*oject-n*st-**otocol* 6: n**s.bit*oin*com/building-th*-infrast*u*ture*for-t*e-fut****decen**a**zed**inancia*-m*rket-coinbase-**c*uded-*b*c-c***deb***defi-**oject-*est**r**ocol/]^^5
Unknown links are censored to prevent spreading illicit content.
submitted by removalbot to removalbot [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to CryptoCurrencies [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethtrader [link] [comments]

UMI scales quickly and integrates easily 🚀

UMI scales quickly and integrates easily 🚀

https://preview.redd.it/cn2daera0n951.jpg?width=1023&format=pjpg&auto=webp&s=34e3dbd5efd01bec9248ab9d36afabb594a14be5
Despite the emergence of new technological solutions, only about 2000 transactions are still placed in the Bitcoin network block, and the block itself is created in about 10 minutes. For 11 years, developers have not been able to agree and implement a solution that would allow to scale the system and improve performance qualitatively.

Most other cryptocurrencies have a similar problem. They are launched and continue to work almost in their original form even after the appearance of numerous innovative solutions. So, the Ethereum network has been trying to switch to the PoS algorithm for more than two years, but due to code complexities, security threats and problems with reaching the necessary consensus, this causes enormous inconvenience. When creating UMI, all these problems were taken into account.

⭐️UMI code ensures the safe implementation of any updates. The network is easily modified and scaled with new high-tech solutions.

Thanks to the Proof-of-Authority technology, you can increase the block size or introduce any development without hard forks and threats to the network. Moreover, UMI makes full use of the Merkle tree and has high-quality API and SDK tools that allow you to interact with all kinds of crypto platforms.

❗️UMI features provide easy integration with existing payment systems, exchangers and cryptocurrency exchanges.
submitted by UMITop to u/UMITop [link] [comments]

HEX juicy importance

Typical Bitcoin forks have a couple of issues Frail security: Double spends On the off chance that the fork utilizes a similar evidence of work, or mining equipment, it's inconsequential for diggers from the bigger unique venture to assault it.
Medium BitcoinHEX utilizes the very much tried ERC20 standard to keep away from any of these issues. Powerless advancement: Fewer engineers In principle, a bigger network of engineers will attempt more cool things and complete in excess of a littler network.
BitcoinHEX by being an ERC20 token gets full favorable position of the biggest pool of designers in crypto (Ethereum engineers), and the entirety of the cool new innovations they make, for example, appropriated trades, nuclear swaps, and so forth
Poor motivator arrangement: Free riders You and your cooperation difficult to make something new and cool, to have a whale wake up one day and glimmer crash the market on you. Why? Free loaders suck.
BitcoinHEX "We're all Satoshi" include which gives every unclaimed coin to individuals that claimed at 2% per week more than 50 weeks implies that in under a year, just genuinely invested individuals will hold the token.
Out of line dissemination Should the person that lives in china with free power and about free work accessible get most of all the recently stamped coins (expansion)? While expanding centralization, and not wanting to haggle with the journalists of the product they run (center designers.) BitcoinHEX is genuinely circulated to those that advance it through: the 5% referral hold it, through staking, or on the other hand help get the undertaking to minimum amount and appropriation (rewards for cases and guarantee size.)
The rich getting more extravagant unreasonably Trades and assets reward themselves while offering nothing to the little folks whose Bitcoin they should be in guardianship of. Trades are something contrary to what Bitcoin was made for. Distributed money. Not companion to trade to peer money. They're large security openings that have l ost a large number of dollars of client reserves.
Whales asserting BitcoinHEX are punished 50-75% on the grounds that who actually needs some mammoth trade or store guaranteeing an enormous part of your token to dump on you at their recreation? Punishment triggers from 1k-10k+ coins.
Expansion for security Though Bitcoin has expanded its stockpile by 17 million coins over its reality by paying diggers to mine (square rewards.) BitcoinHEX needn't bother with expansion for security. Enough individuals are digging Ethereum for a wide range of reasons that we don't need to pay them BitcoinHEX to do as such.
Disparagement of the first A few forks like to imagine they're the genuine article, and not only a duplicate. They do this by having a fundamentally the same as name, logo, and even purchase twitter handles and sites that used to advance the genuine article, to advance the duplicate. In reality a duplicate does best when it separates itself with better highlights, evaluating, or promoting. In the event that your plan of action incorporates claiming to be something you're not, it's a terrible plan of action. BitcoinHEX isn't Satoshi's vision, it's likewise not Bitcoin. It's Bitcoin forked into Ethereum. That has focal points ordinary Bitcoin forks don't. It is amusing to prod different forks when satoshisvision.com focuses to BitcoinHEX.com however Smiley They earned that prodding.
Why BitcoinHEX is incredible Low expansion
All the cool game hypothesis that quickens appropriation of the undertaking ends in under 1 year. At that point the main expansion in the undertaking originates from individuals that've removed coins from flow by staking. At the point when the main swelling you have is from remunerations to individuals that have trustlessly and safely bolted up their tokens for an extensive stretch of time, that is incredible for esteem.
No paying excavators for security with square rewards Conveyance to those well on the way to have been in crypto the longest Simple for trades to coordinate because of recognition and trust of ERC20 standard. Works with appropriated trades no problem at all Works with nuclear swaps no problem at all Most devs in the crypto (Ethereum) Simple case apparatus, asserts all UTXOs in a location without a moment's delay
Incredible advertising. Howdy Smiley Low charges. A bitcoinHEX exchange would just cost around 27 pennies or less on 5/24/2018 Scaling arrangements not too far off. Vitalik Buterin has been distributing take a shot at evidence of stake and sharding which could lessen waste and increment exchange limit incredibly.
Incredible practice, particularly in the event that you've never encountered the biggest crypto environment and second biggest by marketcap.
Advances free discourse. You can transmit your business and financial vitality that used to just exist in the Bitcoin language, in the Ethereum language. Broadens your scope of individuals you can exchange with, talk tokens to.
Tokenomics Moment Referral Bonus Individuals you allude get came up with all required funds, and you get a 5% referral reward. Appropriation rewards to stakers (end on 50th week, since all cases will be finished)
We're all Satoshi (week after week) Like clockwork a reward equivalent to 2% of unclaimed assets is dispersed to individuals that claimed. Reward topped at 100% of unclaimed tokens. For example, if Satoshi doesn't guarantee, individuals who willed get a reward equivalent to his coins after some time, however not more.
Speed Bonus (paid to petitioner on guarantee) Claimable: Balance in addition to [math below] first week 10%< second week (10% x (.95 to the intensity of [week number]) SpeedBonuss Viral Bonus (week by week) The more individuals that guarantee, the bigger the rewards Complete reward upmod (Guarantee % of 1/3 all out conceivable case occasions)/10 Minimum amount Bonus (week by week) The bigger the cases the bigger the rewards. All out reward upmod (Guarantee % of all out potential coins)/10 A debt of gratitude is in order for the rewards Inception contract gets a similar reward you do. Selection rewards to stakers (end on 50th week, since all cases will be finished)
Senseless whales Singular cases 1k to 10k+ btc punished 50 to 75% directly scaled before rewards.
Goxmenot Gox trustee addresses can't guarantee Typical Staking (Not thought about a reward and doesn't end at 50 weeks) 1% per 10 days. Longer lockup= impetus multiplier Example Time reward: multi day lockup = 129.6% (on the grounds that 3.6 occasions 36%= 129.6%)
Time divider As % of profit tokens is bolted up, decreases reward multiplier. In the event that half bolted up at start, at that point multiplier decreased half Early winged creatures get the worms.
Guaranteeing A depiction of the Bitcoin UTXO will be taken at square tallness (to be reported after agreement is reviewed). The UTXO set will be smoothed for gas effectiveness, and the Merkle tree foundation of that set will be implanted in an ERC20 token agreement to permit Bitcoin holders to reclaim their tokens.
HEX links: Website: https://hex.win/ Twitter page: https://twitter.com/HEXCrypto Facebook page: https://www.facebook.com/HEXcrypto Telegram page: https://t.me/HEXcrypto Github: https://github.com/bitcoinHEX Reddit page: https://hexcrypto.reddit.com/ Medium page: https://medium.com/hex-crypto/ Ann: https://bitcointalk.org/index.php?topic=4523610.0
Author information; Bitcointalk username: Corneafx Bitcointalk profile: https://bitcointalk.org/index.php?action=profile;u=2649614
submitted by Corneafx to Cryptocoinworld [link] [comments]

[Discord Conv.] Salute to Crazy ones

Disclaimer:
This is my editing. So there could be some misunderstandings.
Even if u/longfld posted similar screenshots already(thanks to him/her), I'd like to share this summary again, 'cause it has some more contents.
Sometimes, we need more enjoyable stuff to read on this rough, dynamic ride to a new world.

2/18
*** Here's to the crazy ones. The misfits. The rebels. The troublemakers. The round pegs in the square holes. The ones who see things differently. They're not fond of rules. And they have no respect for the status quo. You can quote them, disagree with them, glorify or vilify them. About the only thing you can't do is ignore them. Because they change things. They push the human race forward. And while some may see them as the crazy ones, we see genius. Because the one who are crazy enough to think they can change the world are the ones who do. *** from 'think different' ad campaign

TCP/IP
TCP/IP, or the Transmission Control Protocol/Internet Protocol, is a suite of communication protocols used to interconnect network devices on the internet.
TCP/IP specifies how data is exchanged over the internet by providing end-to-end communications that identify how it should be broken into packets, addressed, transmitted, routed and received at the destination.

DAPP
DApp is an abbreviated form for decentralized application.
A DApp has its backend code running on a decentralized peer-to-peer network. Contrast this with an app where the backend code is running on centralized servers.

Ontology
a set of concepts and categories in a subject area or domain that shows their properties and the relations between them.

Hans Moog [IF]어제 오후 9:00
[about the release of GoShimmer v0.2.0?]
Originally we wanted to release the new version end of next week but due to the hack this might be a bit delayed
but yeah we have a pretty concrete plan
the next version will be pretty interesting as it will introduce the changes that will turn IOTA into a general purpose DLT platform that can run pretty much anything that is even remotely related to DLT on it
I will write a bit more about that when there is time (maybe even do a video)

Hans Moog [IF]어제 오후 9:02
value transfers will essentially be the first DAPP that runs on the tangle
so we need that before we can integrate the ledger

Hans Moog [IF]어제 오후 9:04
[are you talking about the atomic transaction layout?]
not just that
also a different layered architecture which we call "the ontologies concept"
but its one of the building blocks yeah
tangle will essentially be like the decentralized version of TCP/IP
a general purpose protocol
once value transfers are implemented I have already a few interesting ideas for additional DAPPS
Coordicide is pretty "complex" as it requires a lot of different protocols - being able to completely separate the building blocks makes it much easier to get them "secure"

Hans Moog [IF]어제 오후 9:08
the decentralized randomness required for FPC will for example be an app running on the tangle
DRAND App

Hans Moog [IF]어제 오후 9:14
[about the new ontologies concept]
It's not really layed out in a public forum post yet but we discussed and finalized the specs on the last research summit last week

Hans Moog [IF]어제 오후 9:19
[isn't this new ontology almost like part of multiverse consensus?]
yes
a lot of the idea that were part of the original multiverse concepts are useful also for the current coordicide
we will for example be able to separate the fate of data transactions and value transactions, which means that you can send data txs without having to be worried that they are rejected, because they attach to a double spend,
which is a requirement for a general purpose protocol anyway

Hans Moog [IF]어제 오후 9:20
[that sounds awesome!! To have a "base" tangle, and on this base tangle different "subtangles" for different applications - value transfers, DRAND, messaging, ...]
Archiving, DRAND, chat, MAM, DID, ...
you could even have phone calls on the tangle

Hans Moog [IF]어제 오후 9:21
but i guess for these kind of things it makes more sense to have a 1:1 connection
its extremely simple
the point is that it makes the code much simpler

Hans Moog [IF]어제 오후 9:22
you can even have different consensus mechanisms next to each other for different apps
some apps like decentralized chats for example don't even need consensus
or if you want to build a decentralized version of facebook

Hans Moog [IF]어제 오후 9:22
you don't need consensus here
and it not going to be "separate tangles" that have nothing to do with each other
everything runs in the same main tangle

Hans Moog [IF]어제 오후 9:30
it's not very complex - that's the beautiful thing
in fact it makes stuff much easier

Hans Moog [IF]어제 오후 9:31
Maybe I can do a video about it in the coming days
writing a network application if you can use TCP/IP is much easier than if you would have to implement the networking from scatch and communicate with the wires in your pc

Hans Moog [IF]어제 오후 9:39
**[**Is the "base decentralized TCP/IP layer" already spec out and ready to be implemented? As this will become the "heart" of the tangle.]
yep
its coded already
we started merging the code

Hans Moog [IF]어제 오후 9:44
[Doesn't "DRNG via committee" still make the network somewhat centralized?]
Not really.
1. The committee members do not "control" consensus.
2. If committee members get taken offline by for example government intervention, then the next highest mana holder just joins the committee.
So you still maintain all the benefits of a decentralized network.
resilience against outside actors, no single actor controls the system

Hans Moog [IF]어제 오후 9:46
[How does commitee get chosen, by who, which parameters?]
as the first version of goshimmer we will most probably have a fixed committee of some IF nodes + selected community members, but in the final protocol, the highest mana nodes will just issue a randomness beacon according to the protocol
so the committee is dynamic

Hans Moog [IF]어제 오후 9:47
[Does commitee agree on the same number and then broadcast it or...?]
If I am informed correctly, then its based on threshold signatures
But I didn't work on that part, so I am not 100% sure how exactly it works
its a bit hard to keep track of everything and also code at the same time

Hans Moog [IF]어제 오후 9:47
we have a few teams in the research department where every team specs one of the building blocks for engineering

Hans Moog [IF]어제 오후 9:49
[You know perhaps if this drand stuff has been coded already as well?]
yeah, but don't ask me in which branch

Hans Moog [IF]어제 오후 9:49
and it will be adjusted to the new ontologies concepts

Hans Moog [IF]어제 오후 9:50
[isn't this approach with DAPPs similar to ICT and IXIs?]
in a way, yes but its a bit more powerful now, as the DAPPS are completely isolated and "rejecting" transactions in one app does not cause all of the transactions that approve it to be rejected
in IXI and ICT a chat message would disappear if it approved a double spend

Hans Moog [IF]어제 오후 9:56
[if Jaguar would implement a new DAPP with a "new coin" on the tangle with a custom DAPP consensus mechanism?]
yeah you could create new coins on top of the tangle with their custom consensus mechanism
but every one of these new coins would need to be able to also understand IOTA transfers
and the nodes would ultimately have to have mana to be able to take part in the network
so if somebody would for example implement bitcoin on top of the tangle, then the bitcoin miners would need to buy IOTA to be able to send messages in the network
We will most probably see a lot of companies also build proprietary stuff on the tangle
you can even have "private" apps on the tangle
that are encrypted
so you can have stuff that would require a "private inhouse blockchain" to use the global infrastructure of the tangle
its extremely powerful

Hans Moog [IF]어제 오후 9:59
[making a "new coin" that is private like monero on the basis of the tangle - using a private DAPP? Crazy powerful!]
yeah you can have a "privacy coin" on top of the tangle
that is maybe not as fast and scalable as IOTA itself and might even have fees

Hans Moog [IF]어제 오후 9:59
but if people are willing to pay for this extra service then you can have private transactions without having to "leave" the ecosystem
and without having to give up scalability for the IOTA base layer

Hans Moog [IF]어제 오후 10:05
[Crazy powerful!
and everything would need IOTAs...
Qubic and Oracles would also be a base DAPP on this tangle ...]
exactly

Hans Moog [IF]어제 오후 10:08
[So if i understand correct, other coins on the Tangle would not have a negative impact on the value of the IOTA. Even the other way around.****]
IOTA would always be the native coin which would be the fastest and most secure one, yeah
if there would ever be a coin that would be faster and more secure, then it would make sense to implement that in IOTA core

Hans Moog [IF]어제 오후 10:10
[so no transaction will be rejected anymore from the base tangle layer? In the worst case - if in every DAPP consense mechanism this transaction would be rejected, because of double spend or not useful for this DAPP - it is just seen as data transaction?!]
yeah more or less
you might still have to reattach a value transfer rare edge cases (if your node is out of sync or sth) but you will never have to reattach a "non-value-transfer"
or well ...
if you attach sth to a part of the tangle that is really old and everybody has snapshotted that already then you would still have to reattach
but a tx does not "depend" on other apps anymore
so if 1 app says its bad and we want to orphan it, then this happens on another layer

Hans Moog [IF]어제 오후 10:16
[So weaker nodes may work without ledger, like just a hub?]
nah you always need to support iota value transfers for the rate control

Hans Moog [IF]어제 오후 10:16
[because of the mana?!]
but a node that is not interested in the decentralized facebook and only wants to process MAM messages can do so
yeah mana is the thing that ties everything together and to know the mana you need to know IOTA value transfers
I mean ... you could rely on a centralized service that provides you the mana balances, so even very hardware-constraint nodes could theoretically take part in the network
but then you might process a few txs that others drop if this centralized service would give you the wrong balances
but the whole point of IOTA is to be shardable and lightweight
so you wont need much for the value transfer layer anyway

Hans Moog [IF]어제 오후 10:21
[Have you ever thought about how much storage (permanode) you need if IOTA becomes the new TCP/IP ?]
but if you want to only "issue" transactions and receive your mana by people assigning it to you (i.e. a company remotely loading up their sensors with mana), then you can essentially do that.
one of the first applications I will implement is an "archiving APP" that records the activity in the tangle and allows you to "prove" that a certain tx was part of the tangle at some point in the past.
recording 100 years of activity in the tangle (independently of the TPS) will require less than 1 GB
much less actually
the magic of merkle trees

Hans Moog [IF]어제 오후 10:23
[of all transactions of every DAPP?]
yes
everything that ever happened in the tangle

Hans Moog [IF]어제 오후 10:25
[Is the sharding the ontology concept ]
nah its not related
or well everything is somehow related but these APPS are not the "shards"

Hans Moog [IF]어제 오후 10:33
its an essential part of coordicide - this is the next step before integrating the value transfers
so next major version of goshimmer
2-3 weeks max

Hans Moog [IF]어제 오후 10:36
[Nice, so value transfers will probably be implemented till the end of march]
that's the plan, yeah
might be like 1-2 weeks late now due to the hack but we will see
we try our best to catch up after this is sorted out

Hans Moog [IF]오늘 오전 2:24
[so next goshimmer version will be binary too!!!]
yes, I think the next (major) goshimmer version will bring a few of the most fundamental changes in how we perceive the protocol as a whole
not just binary <-> tinary but also regarding its "expressiveness"
and it's really funny because it is essentially just a slight shift of perception regarding the already established principles, that interestingly directly converts into better architecture and simpler code
submitted by btlkhs to Iota [link] [comments]

How Merkle Trees Enable the Decentralized Web! - YouTube Random Crypto-Currency Concept #1 - Merkle Trees Merkle Trees Explained Blockchain/Bitcoin for beginners 7: Blockchain header: Merkle roots and SPV transaction verification Bitcoin Sidechains & SPV Proofs

Although Bitcoin was the first blockchain to implement Merkle trees, many other blockchains implement similar Merkle tree structures or even more complex versions. Further, Merkle tree implementation is not only limited to blockchains and is applied to a variety of other systems. Building the Merkle tree and responding with the paths of matching transaction is a minor cost compared to that. – Pieter Wuille 2 days ago. add a comment Your Answer Thanks for contributing an answer to Bitcoin Stack Exchange! Please be sure to answer the question. Provide details and share your research! But avoid … Asking for help, clarification, or responding to other answers. Making ... For one, the specific Bitcoin application of the Merkle tree means that “pruning” of the chain to optimize space saving. In a nutshell, what it all comes down to on the Bitcoin blockchain is that old blocks are able to be pruned while preserving what intel is needed to generate the Merkle proof. How Merkle Tree Works in Bitcoin. A hash function is a process of converting input data into a bit string of a specified length. The received string, the hash, is very dependent on the array of incoming data. If even one character from the entire array is changed, the resulting hash will take on a completely different value. All transactions in the Bitcoin block are strings in hexadecimal ... Cartoon: There’s a lot of Monies in Merkle Trees The post Cartoon: Lots of Monies in Merkle Trees appeared first on BitcoinNews.com . This entry was posted in Bitcoin News , BitcoinNews.com , Blockchain , cartoon , Cartoon Corner , Cryptocurrency , merkle , merkle tree , News on January 24, 2019 by adminbtc .

[index] [48266] [30915] [2114] [27294] [22238] [44450] [31167] [9386] [5200] [46233]

How Merkle Trees Enable the Decentralized Web! - YouTube

In this lesson, taken from the course, you will see what is a Merkle Tree as well as a Merkle Root, and how they are an integral part of the Bitcoin blockchain. Using a concept called a Merkle tree - in this video I break it down in depth with a simple example and show how a SPV node (Simple Payment Verification) node that does not keep a full copy of the ... Bitcoin 101 - Merkle Roots and Merkle Trees - Bitcoin Coding and Software - The Block Header - Duration: 24:18. CRI 41,575 views. 24:18. Joseph Poon- Plasma and the Public Ethereum Chain ... Seals with clubs arrest warrant Coincenter's regulatory framework for digital currencies California and Canada's legislative progress. Editing Monitors : https://amzn.to/2RfKWgL https://amzn.to/2Q665JW https://amzn.to/2OUP21a. Check out our website: http://www.telusko.com Follow Telusko on T...

#