SHA-3 and Keccak: More than just hashing - Golem.de

BitcoinSoV

BSoV: The first mine-able, deflationary, open-source, decentralized cryptocurrency hedge to act as a Store of Value against the monetary inflation of fiat currency. BSoV is mined using a simple Keccak256 (Sha3) algorithm. There is No ICO, No Pre-mine, and No Governance. This allows for BSoV to be completely decentralized and fairly distributed. With each transfer of BSoV tokens, 1% of the total transaction is burned forever.

Slothcoinproject

Slothcoin a modernized and fun peer 2 peer currency, based on Dogecoin and Bitcoin.

Ethereum Classic (ETC) Suffers Another 51% Attack

submitted by Solodeji to CryptoCurrencies

How are Ethereum addresses created?

This says that an Ethereum address is basically a Keccak-256 (SHA-3) with some truncation, basically 20 bytes.
https://cryptoticker.io/en/ethereum-addresses-generation/
Bitcoin by comparison has this nice article: https://en.bitcoin.it/wiki/Technical_background_of_version_1_Bitcoin_addresses
I also found the EIP for checksum addresses, but that of course needs an address to be constructed first: https://eips.ethereum.org/EIPS/eip-55
submitted by Zamicol to ethdev

Waltonchain adds GNU General Public License details to code - BUT does the code contain this?

Waltonchain adds GNU General Public License details to code - BUT does the code contain this?
Dear Crypto community,
Yesterday we saw Waltonchain release their Open Source code which resulted in huge criticism regarding the oversight of removing the original copyright to the original codebase, Ethereum Go, on which it is based.
Following this, the team have now updated the code to show the original copyright:
Image from Github
Source: https://github.com/WaltonChain/WaltonChain_Gwtc_Src/blob/mastep2p/rlpx.go?utm_source=share&utm_medium=ios_app
Github: https://github.com/WaltonChain?tab=repositories

I'd like to say thank you to the community for having such strong opinion on this matter, and for all the subreddit admins that assisted in creating clarity toward this. As a global community we should hold every blockchain up to the same standards, and I am grateful that this was shown in regard to the GNU General Public License.

Now that the issue is resolved, and since Waltonchain is currently a hot topic, I implore all the coders and devs out there to delve deep into the code to see exactly what Waltonchain have released. Not just the modification to the eth codebase, but the additional code. What does the code allow?

What we've been told as a community is that the Waltonchain source code has changes that allows for:
  • Security - DASH X11 - Most cryptographic algorithms used in cryptocurrencies use only one hash function for calculation. There are 11 of them in X11, which provides a higher degree of protection against hackers and scams. Waltonchain has customised the DASH X11 hashing algorithm to fit their purpose.
  • More secure than Bitcoin. The Bitcoin algorithm, SHA-256, is based on a previous secure hash algorithm family of standards, namely SHA-2; the hash functions within the X11 algorithm all successfully made it into the second round of the search for a new, more secure standard — SHA-3. Keccak, the function which won the competition and is therefore the new standard on which SHA-3 is based, can at the very least be considered more secure than SHA-256.
  • Efficiency — Waltonchain have produced ASICs with the equivalent hashing power of 200 GPUs (32–40 kW) whilst using only 135 W, thus helping the parent chain become decentralised.
  • PoS aspect works in tandem with PoW, in that it adds a reduced difficulty based on the number of coins held and the time between blocks. Effectively, the longer coins are held and the longer the time between blocks, the lower the difficulty for mining blocks. This again enhances the power efficiency of the network in its entirety.
  • Fast cross-chain searching via Proof of Labour — PoL enables hash values or indices from sub-chains (child chains) to be synced with the parent chain in a 'cross-chain index mechanism' to enable fast searches for data via the parent chain.
  • Scalability — Unlimited scalability due to child chains; each CC is an independent blockchain (or DAG) using its own consensus mechanism (PoS, PoA, PoW, PoET, etc.) and can store data within itself. The parent chain by nature therefore cannot become bloated.
  • Atomic Swaps — PoL by nature ensures a record of every inter-chain transaction is held, and allows the function of atomic swaps between currencies.

Also to note is that the code has been audited by Knownsec, the same company that audited projects like HPB and NANO.

Let's have an open dialogue and talk about these features of the code - but firstly, do they exist? Hopefully people will approach this with the same enthusiasm as they did yesterday.

EDIT 1st June: A user on the Waltonchain sub has done an analysis which, by the looks of it, disproves the initial assessment by many of the 'blockchain experts' in cc that have said the open source code is simply a copy and paste. https://www.reddit.com/waltonchain/comments/bveqea/changeset_goethereum_v171_to_gwtc_v110/
It is interesting to see just how much people love to hate Waltonchain that they spread misinformation either intentionally, or unintentionally, and that it gets the most attention out of any announcement.

For reference:
Block explorer: www.Waltonchain.pro (all wallets, mining wallet, documentation etc is available via that link)
submitted by Yayowam to CryptoCurrency

CODE FUD: Resolved.

submitted by Yayowam to waltonchain

FUD Copy Pastas

Last updated: May 30, 2018: Updated wallet info with release of Trinity.
This 4 part series from the IOTA foundation covers most of the technical FUD centered at IOTA.
https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
Also the official IOTA faq on iota.org answers nearly all of these questions if you want to hear the answers directly.
Purpose of Writing
Since posting FUD is so ridiculously low-effort in comparison to setting the record straight, I felt it necessary to put a log of copy-pastas together to balance the scales so it's just as easy to answer the FUD as it was to generate it. So next time you hear someone say "IOTA is centralized", you no longer have to take an hour out of your day and spin your wheels with someone who likely had an agenda to begin with. You just copy-paste away and move on.
It's also worth mentioning IOTA devs are too damn busy working on the protocol and doing their job to answer FUD. So I felt a semblance of responsibility.
Here they are. These answers are to my understanding, so if you see something that doesn't look right let me know! They are divided into the following categories so if you are interested in a specific aspect of IOTA you can scroll to that section.
1) WALLET
2) COMMUNITY
3) INVESTING
4) TECHNICAL

WALLET

IOTA was hacked and users funds were stolen!

First, IOTA was not hacked. The term "hacked" is thrown around way too brazenly nowadays and often used to describe events that weren't hacks to begin with. It's a symptom of this space growing way too fast, creating situations of the blind leading the blind and causing hysteria.
What happened:
Many IOTA users trusted a certain 3rd party website to create their seed for their wallets. This website silently sent copies of all the seeds generated to an email address and waited until it felt it had enough funds, then it took everyone's money simultaneously. That was the "hack".
https://blog.iota.org/the-secret-to-security-is-secrecy-d32b5b7f25ef
The lesson:
The absolute #1 marketed feature of crypto is that you are your own bank. Of everything that is common knowledge about crypto, this is at the top. But being your own bank means you are responsible for the security of your own funds. There is no safety net or centralized system in place that is going to bail you out.
For those that don't know (and you really should if you've invested in anything crypto), your seed is your username, password, security question and backup email all rolled into one. Would you trust a no-name 3rd party website to produce your username + password for your bank account? Because that's essentially what users did.
The fix:
Make your seed offline with the generators in the sidebar or use dice. This is outlined in the “how to generate wallet and seed” directly following.
The trinity and carriota wallets will have seed generators within them upon their release.

How to generate wallet and seed

1) Download official trinity wallet here
2) follow the instructions on the app.
3) Do not run any apps in conjunction with the trinity app. Make sure all other apps are completely closed out on your device.

Are you sure a computer can’t just guess my seed?

An IOTA seed is 81 characters long. There are more IOTA seed combinations than atoms in the universe. All the computers in the world combined would take millions of billions of years just to find your randomly generated one that's located somewhere between the 0th and the 27^81st combination. The chance for someone to randomly generate the exact same seed as yours is 1 / (27^81).
If you can’t fathom the number 27 ^ 81, this video should help:
https://www.youtube.com/watch?v=p8YIdmwcubc

Why is Trinity wallet taking so long!!??

Trinity is out. https://trinity.iota.org/

COMMUNITY

IOTA introduction video to share with family

https://youtu.be/LyC04NrJ3yA

Tangle visualizers

http://tangle.glumb.de/

How to setup a full node

Download Bolero and run! Bolero is an all-in-one full node install package with the latest IOTA IRI and Nelson all under a one-click install!
https://github.com/SemkoDev/bolero.fun/releases
"If you want to help the network then spam the network. If you really want to help the network then create a full node and let others spam you!"

No questions or concerns get upvoted, only downvoted!

That's just the nature of this business. Everyone in these communities has money at stake and is extremely incentivized to keep only positive news at the top of the front page. There is nothing you're going to do about that on this subreddit or any crypto subreddit. It's just a reddit fact of life we have to deal with. Everyone has a downvote and everyone has an upvote. But what can be done is just simply answer the questions even if they are downvoted to hell. Yea, most people won't see the answers or discussion, but that one person will. Every little bit counts.
I will say that there are most certainly answers to nearly every FUD topic out there. Every single one. A lot of the posts I'm seeing as of late, especially since the price spike, are rehashed from months ago. They are often not answered not because there isn't an answer/explanation, but because regulars who have the answers simply don't see them (for the reason listed above). I can see how it's easy for this to be interpreted (especially by new users) as there not being an answer or "the FUDsters are on to something", but that's just not the case.

Developer's candidness (aka dev's are assholes!)

http://www.reddit.com/Iota/comments/7obyyx/serious_talk_about_pr_system_iota_and_david/ds8ouvc
http://www.reddit.com/Iota/comments/7obyyx/serious_talk_about_pr_system_iota_and_david/ds8rega
http://www.reddit.com/Iota/comments/7oi9g8/why_is_everyone_so_critical_of_david_this_has_to/ds9rtbb
https://i.redd.it/qb0ik4tgny401.jpg
Lastly and to no surprise, David conducts himself very professionally in this interview even when asked several tough questions about the coordinator and MIT criticism.

IOTA Devs do not respond appropriately to criticism

When critiquers provide feedback that is ACTUALLY useful to the devs, then sure they'll be glad to hear it. So far not once has an outside dev brought up something that the IOTA devs found useful. Every single time it ends up being something that was already taken into consideration with the design and if the critiquer did an ounce of research they would know that. Thus you often find the IOTA devs dismissing their opinion as FUD and responding with hostility because all their critique is really doing is sending the message to their supporters that they are not supposed to like IOTA anymore.
Nick Johnson was a perfect example of this. The Ethereum community was co-existing [peacefully] with IOTA's community (as they do with nearly all alt coins) until Nick wrote his infamous article. Then almost overnight Ethereum decided it didn't like IOTA anymore and we've been dealing with that shit since. As of today, add LTC to that list with Charlie's (even admitting) ignorant judgement of IOTA.
12/17/2017: Add John McAfee (bitcoin cash) and Peter Todd (bitcoin) to the list of public figures who have posted ignorantly on IOTA.

A lot of crypto communities certainly like to hate on IOTA...

IOTA is disrupting the disrupters. It invented a completely new distributed ledger infrastructure (the tangle) that replaces the blockchain and solves all of its fundamental problems (namely fees and scaling). To give you an idea of this significance, 99% of the cryptocurrencies that exist are built on a block chain. These projects have billions of dollars invested into them meaning everyone in their communities are incentivized to see IOTA fail and spread as much FUD about it as possible. This includes well known organizations, public figures, and brands. Everyone commenting in these subreddits and crypto communities have their own personal money at stake and skin in the game. Misinformation campaigns, paid reddit posters, upvote/downvote bots, and corrupt moderators are all very real in this space.

INVESTING

How do I buy IOTA

https://medium.com/@fuo213/how-to-buy-iota-the-complete-guide-for-crypto-dummies-e63560caf921

What is the IOTA foundation?

IOTA foundation is a non-profit established in Germany and recognized by the European Union. Blog post here: https://blog.iota.org/iota-foundation-fb61937c9a7e

How many companies and organizations are interested, partnered or actively using IOTA?

A lot, and often too many to keep up with.
https://reddit.com/Iota/comments/7f3dmx/list_of_known_iota_partnerships_corporate/

How was IOTA distributed?

All IOTAs that will ever exist were sold at the ICO in 2015. There was no % reserved for development. Devs had to buy in with their personal money. Community donated back 5% of all IOTA so the IOTA foundation could be setup.

No inflation schedule? No additional coins? How is this sustainable?

Interestingly enough, IOTA is actually the only crypto that does not run into any problems with a currency cap and deflationaryism. Because there are zero fees, you will always be able to pay for something for exactly what it's worth using IOTA, no matter how small the value. If by chance in the future a single iota grows so large in value that it no longer allows someone to pay for something in fractions of a penny, the foundation would just add decimal points allowing for a tenth or a hundredth or a thousandth of an iota to be transacted with.
To give you some perspective, if a single IOTA equals 1 penny, IOTA would have a 27 trillion dollar market cap (100x that of Bitcoin's today)

IOTA is not for P2P, only for M2M

With the release of the trinity wallet, it's now dead simple for anyone to use IOTA funds for P2P. Try it out.

Companies technically don’t have to use the IOTA token

Yes they do
Worth clarifying that 0 iota data transactions are perfectly fine and are welcomed since they still provide pow for 2 other transactions and help secure the network. In the early stages, these types of transactions will probably be what give us the tps/pow needed to remove the coordinator and allow the network to defend against 34% attacks organically.
But... if someone does not want to sell or exchange their data for free (0 IOTA transaction), then Dominic is saying that the IOTA token must be used for that or any exchange in value on the network.
This is inherently healthy for the ecosystem since it provides a neutral and non-profit middle ground that all parties/companies can trust. If one company made their own token it wouldn’t be trusted since companies are incentivized by profits and nothing is stopping them from manipulating their token to make them more money. Thus, the IOTA foundation will not partner with anyone who refuses to take this option off the table.

All these companies are going to influence IOTA development!!

These companies have no influence on the development of IOTA. They either choose to use it or they don’t.

Internet of things is cheap and will stay cheap

Internet of things is one application of IOTA and considered by many to be the 4th industrial revolution. Go do some googling. IOTA having zero fees enables M2M for the first time in history. Also, if a crypto can do M2M it sure as shit can do M2P and P2P. M2M is hard mode.

IOTA surpassing speculation

IOTA, through the data marketplace and qubic (qubic.iota.org), will be the first crypto to surpass speculation and actually be used in the real world for something. From there, it will branch out into other use cases, such as P2P. Or maybe P2P use of IOTA will grow in parallel with M2M, because why not?
https://blog.iota.org/iota-data-marketplace-cb6be463ac7f
12/19/17 update: Bosch reinforces IOTA's break-out from speculation by buying IOTA tokens for its future use in the data marketplace. https://i.redd.it/8e5b8bi9ov401.png
http://www.bosch-presse.de/pressportal/de/en/robert-bosch-venture-capital-makes-first-investment-in-distributed-ledger-technology-137411.html

Investing in a new project barely off the ground

Investing in a project in its early stages was something typically reserved for wealthy individuals/organizations before ICO’s became a thing. With early investing comes much less hand holding and more responsibility on the user to know what they are doing. If you have a hard time accepting this responsibility, don’t invest and wait for the technology to get easier for you. How many people actually knew how to use and mine bitcoin in 2009 before it had all its gui infrastructure?
IOTA is a tangle, the first of its kind. NOT a copy paste blockchain. As a result wallets and applications for IOTA are the first of their kind and translating the tangle into a nice clean user-friendly blockchain experience for the masses is even more taxing.

Why is the price of my coin falling?!

This may be the most asked question on any crypto subreddit but it's also the easiest to explain. The price typically falls when bad things happen to a coin or media fabricates bad news about a coin and a portion of investors take it seriously. The price increases when good things happen to a coin, such as a new exchange listing or a partnership announced etc.. The one piece that is often forgotten but trumps all these effects is something called "market forces".
Market forces is what happens to your coin when another coin gets a big news hit or a group of other coins get big news hits together. For example, when IOTA data marketplace released, IOTA hit a x5 bull run in a single week. But did you notice all the other alt coins in the red? There are a LOT of traders that are looking at the space as a whole and looking to get in on ANY bull action and will sell their other coins to do so. This effect can also be compounded over a long period of time such as what we witnessed when the bitcoin fork FOMO was going on and alt coins were squeezed continuously to feed it for weeks/months.
These examples really just scratch the surface of market forces but the big takeaway is that your coin or any coin will most certainly fall (or rise) in price at the result of what other coins are doing, with the most well known example being bitcoin’s correlation to every coin on the market. If you don't want to play the market-force game or don't have time for it, then you can never go wrong buying and holding.
It's also important to note that there are layers of investors. There's a top layer of light-stepping investors that are a mixture of day traders and gamblers trying to jump in and jump out to make quick money, then look for the next buying (or shorting) opportunity at another coin. There's a middle layer of buyers and holders who did their research, believe in the tech and are placing their bets that it will win out in the long run. And the bottom layer are the founders and devs that are in it till the bitter end and there to see the vision realized. When a coin goes on a bull run, always expect that any day the top layer is going to pack up and leave to the next coin. But the long game is all about that middle layer. That is the layer that will be giving the bear markets their price-drop resistance. That is why the meme "HODL" is so effective, because it very elegantly simplifies this whole concept for the common joe and makes them a part of that middle layer regardless of whether they understand what's going on or not.

TECHNICAL

How is IOTA free and how does it scale

IOTA is an altruistic system. Proof of work is done in IOTA just like bitcoin. Only a user’s device/phone must do pow for 2 other transactions before issuing one of its own. Therefore no miners and no fees. And the network becomes faster the more transactions are posted. Because of this, spamming the network is encouraged since they provide pow for 2 other transactions and speed up the network.

IOTA is centralized

IOTA is more decentralized than any blockchain crypto that relies on 5 pools of miners, all largely based in China. Furthermore, the coordinator is not a server in the dev's basement that secretly processes all the transactions. It's several nodes all around the globe that add milestone transactions to show the direction of the IF's tangle within the DAG so people don't accidentally follow a fork from a malicious actor. Anyone with the know-how can fork the tangle right now with a double-spend. But no one would follow their fork because the coordinator reveals which tangle is the legit IF one. If the coordinator wasn't there (assuming low honest-transaction volume), there would be no way to discern which path to follow, especially after the tangle diverges into forks of forks. Once the throughput of honest transactions is significant enough, the "honest tangle" will replace the coordinated one and people will know which one to follow simply because it's the biggest one in the room.
Referencing the coordinator is also optional.
Also, if you research and understand how IOTA intends to work without the coordinator, it’s easier to accept it for now as training wheels. I suggest reading pg 15 and on of the white paper analyzing in great depth how the network will defend different attack scenarios without a coordinator. For the past several months, IOTA foundation has been using St Petersburg college’s super computer to stress test IOTA and learn when they can turn the coordinator off. There will likely be a blog about the results soon.
This is another great read covering double spends on IOTA without a coordinator: www.tangleblog.com/2017/07/10/is-double-spending-possible-with-iota/
This too: http://www.reddit.com/Iota/comments/7eix4a/any_iota_guru_that_can_explain_what_this_guy_is/dq5ijrm
Also this correspondence with Vitalik and Come_from_Beyond https://twitter.com/DavidSonstebo/status/932510087301779456
At the end of the day, outstanding claims require outstanding evidence and folks approaching IOTA with a “I’ll believe it when I see it” attitude is completely understandable. It’s all about your risk tolerance.

Can IOTA defend double spend attacks?

99% of these “but did they think about double spend attacks?” type questions could just be answered if people went and did their own research. Yes of course they thought about that. That’s like crypto101…
www.tangleblog.com/2017/07/10/is-double-spending-possible-with-iota/

Will IOTA have smart contracts?

Yes - qubic.iota.org

Trinary vs binary?

"By using a ternary number system, the amount of devices and cycles can be reduced significantly. In contrast to two-state devices, multistate devices provide better radix economy with the option for further scaling"
https://www.nature.com/articles/srep36652
https://www.reddit.com/CryptoCurrency/comments/6jgbvb/iota_isnt_it_the_perfect_cryptocurrency/dje8os2/

Bitcoin with lightning network will make IOTA obsolete.

If you want lightning network, IOTA already released it. Called flash channels.
https://blog.iota.org/instant-feeless-flash-channels-88572d9a4385

IOTA rolled its own crypto!

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
This is why: https://blog.iota.org/the-transparency-compendium-26aa5bb8e260
Cybercrypt has been hired to review and audit it. IOTA is currently running SHA-3/KECCAK now until Curl is ready.

MIT said bad things about IOTA

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
And for official formal closure that MIT was completely wrong:
https://www.reddit.com/CryptoCurrency/comments/7svr8mit_media_lab_dci_allegations_proven_wrong_iotas/
https://blog.iota.org/curl-disclosure-beyond-the-headline-1814048d08ef
https://medium.com/@comefrombeyond/cfbs-comments-on-https-www-media-mit-edu-posts-iota-response-5834c7f8172d

Nick Johnson says IOTA is bad!

Nick Johnson is an ethereum dev who is incentivized to see IOTA fail, see CFBs twitter responses here.
https://mobile.twitter.com/nicksdjohnson/status/912676954184323073?lang=en
And this
https://t.co/1HgfPhg2lP
And this
https://www.reddit.com/Iota/comments/72lly0/comment/dnjk9f5?st=JB2VKUBB&sh=a2892548
And this
https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2

IOTA is not private!

Masked authenticated messages exist right now so data can be transferred privately. Very important for businesses.

Coin privacy

A centralized coin mixer is out that the foundation runs. Logs are kept so they can collect data and improve it. Folks can copy the coin mixer code and run it themselves. The goal is for the mixer to be decentralized and run by any node.

How do nodes scale? How on earth can all that data be stored?

Full nodes store, update and verify from the last snapshot, which happens roughly every month. It's on the roadmap to make snapshotting automatic and up to each full node's discretion. With automatic snapshots, each full node will act as a partial perma-node and choose when to snapshot its tangle data. If someone wants to keep their tangle data for several months or even years, they could just choose not to snapshot. Or if they are limited on hard drive space, they could snapshot every week.
Perma-nodes would store the entire history of the tangle from the genesis. These are optional and would likely only be created by companies who wish to sell historical access of the tangle as a service or companies who heavily use the tangle for their own data and want to have quick, convenient access to their data’s history.
Swarm nodes are also in development which will ease the burden on full nodes. https://blog.iota.org/iota-development-roadmap-74741f37ed01

Node discovery is manual? Wtf?

Nelson has fixed this:
https://medium.com/deviota/carriota-nelson-automatic-peer-discovery-for-iota-bdca9b8b8750
https://medium.com/deviota/carriota-nelson-in-a-nutshell-1ee5317d8f19
https://github.com/SemkoDev/nelson.cli

IOTA open source?

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
IOTA protocol is open source. The coordinator is closed source open source.
https://imgur.com/a/xWQUp

Foundation moved user's funds?

https://blog.iota.org/official-iota-foundation-response-to-the-digital-currency-initiative-at-the-mit-media-lab-part-1-72434583a2
https://blog.iota.org/claims-and-reclaims-finalization-e692844c505a
https://www.reddit.com/Iota/comments/7mmimu/claims_and_reclaims_is_processing/drv63d5/

My IOTA donation address:

9PZFQNPLVDUNGAOYYMMXFWMGNPMNAJWZKTYOOMCYQTZQA9RPVVN9SE9KGOL9HWZFJBXKQGEOY9JJYDXB9TY9FLQPXB
submitted by mufinz2 to Iota
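The advice in the wallet section (generate the seed offline, or with dice) as an added example in Python; this is not the post's text, nor code from the Trinity wallet or any IOTA library. It uses the standard IOTA tryte alphabet (the digit 9 plus A to Z, the 27 symbols behind the post's "27 ^ 81") and shows three things a practitioner wants to check: drawing the 81 trytes from the OS CSPRNG with the secrets module, why the common shortcut "random byte modulo 27" is biased (256 is not a multiple of 27), and how three d6 rolls map to one tryte with no bias at all, because 216 is exactly 8 times 27. Function names are mine.

```python
import math
import secrets
from itertools import product

# IOTA's tryte alphabet: 9 plus A..Z, 27 symbols. A seed is 81 of them.
TRYTE_ALPHABET = "9ABCDEFGHIJKLMNOPQRSTUVWXYZ"
SEED_LENGTH = 81


def generate_seed() -> str:
    """Draw 81 trytes from the OS CSPRNG, offline. secrets.choice is unbiased;
    random.choice is not cryptographic; a website can keep a copy of what it hands you."""
    return "".join(secrets.choice(TRYTE_ALPHABET) for _ in range(SEED_LENGTH))


def is_valid_seed(seed: str) -> bool:
    """Exactly 81 symbols, each from the tryte alphabet (uppercase only)."""
    return len(seed) == SEED_LENGTH and all(c in TRYTE_ALPHABET for c in seed)


def seed_entropy_bits(length: int = SEED_LENGTH, alphabet_size: int = len(TRYTE_ALPHABET)) -> float:
    """log2(27^81): the search space the post's '27 ^ 81' refers to, expressed in bits."""
    return length * math.log2(alphabet_size)


def modulo_bias(byte_range: int = 256, alphabet_size: int = len(TRYTE_ALPHABET)):
    """What goes wrong with the naive 'os.urandom(1)[0] % 27' generator:
    256 = 9*27 + 13, so 13 symbols occur with probability 10/256 and the other 14 with 9/256.
    Returns (p_overrepresented, p_underrepresented, count_overrepresented)."""
    q, r = divmod(byte_range, alphabet_size)
    return (q + 1) / byte_range, q / byte_range, r


def tryte_from_dice(r1: int, r2: int, r3: int) -> str:
    """Three d6 rolls give 216 = 8 * 27 equally likely outcomes, so reducing the
    roll index mod 27 is exactly uniform; no rejection step is needed."""
    for r in (r1, r2, r3):
        if not 1 <= r <= 6:
            raise ValueError("a d6 roll must be in 1..6")
    index = (r1 - 1) * 36 + (r2 - 1) * 6 + (r3 - 1)
    return TRYTE_ALPHABET[index % 27]


def seed_from_dice(rolls) -> str:
    """243 rolls (3 per tryte) -> an 81-tryte seed."""
    rolls = list(rolls)
    if len(rolls) != 3 * SEED_LENGTH:
        raise ValueError(f"need {3 * SEED_LENGTH} rolls, got {len(rolls)}")
    return "".join(tryte_from_dice(*rolls[i:i + 3]) for i in range(0, len(rolls), 3))


def dice_mapping_is_uniform() -> bool:
    """Self-check: every tryte is produced by exactly 8 of the 216 roll triples."""
    counts = {c: 0 for c in TRYTE_ALPHABET}
    for rolls in product(range(1, 7), repeat=3):
        counts[tryte_from_dice(*rolls)] += 1
    return set(counts.values()) == {8}


if __name__ == "__main__":
    seed = generate_seed()
    print(seed, is_valid_seed(seed), round(seed_entropy_bits(), 1), "bits")
    print("urandom-byte mod 27 bias (p_high, p_low, n_high):", modulo_bias())
    print("dice mapping uniform:", dice_mapping_is_uniform())
```

The bias figure is small per symbol, but it compounds over 81 symbols and, more importantly, it is unnecessary: either use secrets.choice, which rejection-samples internally, or pick a physical source whose outcome count is a multiple of 27, as the dice mapping does.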

IOTA and Tangle discussion/info, scam or not?

In the past weeks I heard a lot of pros and cons about IOTA, many of which I believe were not true (I'll explain better). I would like to start a serious discussion about IOTA and help people to get into it. Before that I'll contribute with what I know; most things that I will say will have a source link providing some base content.
 
The pros and cons that I heard a lot is listed below, I'll discuss the items marked with *.
Pros
Cons
 

Scalability

Many users claim that the network infinitely scales, that with more transactions on the network the faster it gets. This is not entirely true, that's why we are seeing the network getting congested (pending transactions) at the moment (12/2017).
The network is composed of full nodes (which store all transactions); each full node is capable of sending transactions directly to the tangle. An arbitrary user can set up a light node (which does not store all transactions and therefore has a reduced size), but as it does not store all transactions and can't decide if there are conflicting transactions (and other stuff) it needs to connect to a full node (the Bitfinex node for example) and then request the full node to send a transaction to the tangle. The full node acts like a bridge for a light-node user; the number of transactions a full node can push to the tangle at the same time is limited by its bandwidth.
What happens at the moment is that there are few full nodes, but more important than that is: the majority of users are basically connected to the same full node. The full node which is being used can't handle all the transactions requested by the light nodes because of its bandwidth. If you are a light-node user and are experiencing slow transactions you need to manually select another node to get better performance. Also, you need to verify that the minimum weight magnitude (difficulty of the Hashcash proof of work) is set to at least 14.
The network seems to be fine and it scales, but the steps an user has to make/know are not friendly-user at all. It's necessary to understand that the technology envolved is relative new and still in early development. Do not buy iota if you haven't read about the technology, there is a high chance of you losing your tokens because of various reasons and it will be your own fault. You can learn more about how IOTA works here.
There are some upcoming solutions that will bring the user-experience to a new level, The UCL Wallet (expected to be released at this month, will talk about that soon and how it will help the network) and the Nelson CarrIOTA (this week) besides the official implementations to come in december.
 

Centralization

We all know that currently (2017) IOTA depends on the coordinator because the network is still in its infancy, and because of that it is considered centralized by the majority of users.
The coordinator is several full nodes scattered across the world, run by the IOTA Foundation. It creates periodic Milestones (zero-value transactions which reference valid transactions) which are validated by the entire network. The coordinator sets the general direction for the tangle growth. Every node verifies that the coordinator is not breaking consensus rules by creating iotas out of thin air or approving double-spends; nodes only tell other nodes about transactions that are valid, and if the Coordinator starts issuing bad Milestones, nodes will reject them.
The coordinator is optional since summer 2017: you can choose not to implement it in your full node, and any talented programmer could replace the Coo logic in IRI with Random Walk Monte Carlo logic and go without its milestones right now. A new kind of distributed coordinator is about to come and then, at last, its complete removal. You can read more about the coordinator here and here.

Mining-Blockchain-based Cryptocurrencies

These are blockchain-based cryptocurrencies (Bitcoin) that have miners to guarantee their security. Satoshi Nakamoto states several times in the Bitcoin whitepaper that "The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes". We can see on Blockchain.info that nowadays half of the total hashpower in Bitcoin is controlled by 3 companies (maybe only 1 in the future?). Users must trust that these companies will behave honestly and will not eventually use their >50% hashpower to attack the network. With all that said, it's reasonable to consider the IOTA network more decentralized (even with the coordinator) than any mining-blockchain-based cryptocurrency.
You can see a comparison between DAG cryptocurrencies here
 

IOTA partnerships

Some partnerships of the IOTA Foundation with big companies were well known even when they were not officially published. A few examples of confirmed partnerships are listed below; other confirmed partnerships can be seen in the link Partnerships with big companies in the pros section.
So what's up with all the alarm in social media about the IOTA Foundation faking partnerships with big companies like Microsoft and Cisco?
On Nov. 28th the IOTA Foundation announced the Data Marketplace with 30+ companies participating. Basically it's a place for any entity to sell data (huge applications, therefore many companies interested); at time of writing (11/12/2017) there is no API for common users, only companies in touch with the IOTA Foundation can test it.
A quote from Omkar Naik (Microsoft worker) depicted in the Data Marketplace blog post gave the idea that Microsoft was in a direct partnership with IOTA. Several news websites started writing headlines "Microsoft and IOTA launches" (the same news site later claimed that IOTA lied about the partnership with Microsoft) when instead Microsoft was just one of the many participants in the Data Marketplace. Even though it's not a direct partnership, IOTA and Microsoft are in close touch, as seen in the IOTA, Microsoft and Bosch meetup on December 12th, the Microsoft IOTA meetup in Paris on the 14th and Microsoft Azure adds 5 new Blockchain partners (May 2016). If you join the IOTA Slack channel you'll find out that there are many other big companies in close touch with IOTA, like BMW, Tesla and others. This means that right now there are IOTA devs working directly with scientists of these companies to help them integrate IOTA in their developments even though there is no direct partnership published; I'll talk more about the use cases soon.
We are excited to partner with IOTA foundation and proud to be associated with its new data marketplace initiative... - Omkar Naik
 

IOTA's use cases

Every cryptocurrency is capable of being a way to exchange goods: you pay for something using the coin token and receive the product. Some of them are more popular or have faster transactions or anonymity, while others offer better scalability or user-friendliness. But none of them (except IOTA) are capable of transacting information with no costs (fee-less transactions), in a secure form (MAM), and being sure that the network will not be harmed when it gets more adopted (scales). These characteristics open the gates for several real-world applications; you probably might have heard of Big Data and how important data is nowadays.
Data sets grow rapidly - in part because they are increasingly gathered by cheap and numerous information-sensing Internet of things devices such as mobile devices, aerial (remote sensing), software logs, cameras, microphones, radio-frequency identification (RFID) readers and wireless sensor networks.
 
It’s just the beginning of the data period. Data is going to be so important for human life in the future. So we are now just starting. We are a big data company, but compared to tomorrow, we are nothing. - Jack Ma (Alibaba)
There are enormous quantities of wasted data, often over 99% is lost to the void, that could potentially contain extremely valuable information if allowed to flow freely in data streams that create an open and decentralized data lake that is accessible to any compensating party. Some of the biggest corporations of the world are purely digital, like Google, Facebook and Amazon. The data/information market will be huge in the future and that's why there are so many companies interested in what IOTA can offer.
There are several real-world use cases being developed at the moment; many of them, if successful, will revolutionize the world. You can check below a list of some of them.
Extra
These are just few examples, there are a lot more ongoing and to explore.
 

IOTA Wallet (v2.5.4 below)

For those who have read a lot about IOTA and know how it works the wallet is fine, but that's not the case for most users. Issues a user might face if they decide to use the current wallet:
Problems that could be easily avoided with a better understanding of the network/wallet or with a better wallet that could handle these issues. As I explained before, some problems during the "congestion" of the network could be simply resolved if stuff were more user-friendly; this leads many users to store their iotas on exchanges, which is not safe either.
The upcoming (Dec 2017) UCL Wallet will solve most of these problems. It will switch between nodes automatically and auto-reattach transactions, for example (besides other things). You can have a full overview of it here and here. Also, the upcoming Nelson CarrIOTA will help with automatic peer discovery so users can set up their nodes more easily.
 

IOTA Vulnerability issue

On Sept 7th 2017 a team from MIT reported a cryptographic issue in the hash function Curl. You can see the full response of IOTA members below.
Funds were never in danger as such scenarios depicted in Neha's blog post were not practically possible and the arguments used in the blog post had no fundamentals; all the history you can check by yourself in the responses. Later it was discovered that the whole of Neha Narula's team was involved in other concurrent cryptocurrency projects.
Currently IOTA uses the relatively hardware-intensive NIST standard SHA-3/Keccak for crucial operations for maximal security. Curl is continuously being audited by more cryptographers and security experts. Recently the IOTA Foundation hired Cybercrypt, the world-leading lightweight cryptography and security company from Denmark, to take the Curl cryptography to its next maturation phase.
 
It took me a couple of days to gather the information presented; I wanted to make it easier for people who want to get into it. It might probably have some mistakes, so please correct me if I said something wrong. Here are some useful links for the community.
This is my IOTA donation address; in case someone wants to donate I will be very thankful. I truly believe in this project's potential.
I9YGQVMWDYZBLHGKMTLBTAFBIQHGLYGSAGLJEZIV9OKWZSHIYRDSDPQQLTIEQEUSYZWUGGFHGQJLVYKOBWAYPTTGCX
 
This is a donation address; if you want to do the same you should pay attention to some important details:
  • Create a seed for donation purposes only.
  • Generate an address and publish it for everyone.
  • If you spend any iota you must attach a new address to the tangle and refresh the donation address you published before to everyone.
  • If someone sends iota to your previous donation address after you have spent from it you will probably lose the funds that were sent to that specific address.
  • You can visualize how addresses work in IOTA here and here.
This happens because IOTA uses Winternitz one-time signatures to be quantum resistant. Every time you spend iota from an address, part of the private key of that specific address is revealed. This makes it easier for attackers to steal that address's balance. Attackers can search whether an address has been reused on the tangle explorer and try to brute force the private key since they already know part of it.
submitted by mvictordbz to CryptoCurrency [link] [comments]
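The address-reuse warning above, as an added example that is not part of the original post and not IOTA's code: a toy Winternitz one-time signature (WOTS) built from SHA-256 hash chains with w = 16. Assumptions I made for the toy: the message digest is truncated to 16 bits (4 hex digits) so that the forgery search finishes quickly, and all function names (`keygen`, `sign`, `verify`, `revealed_positions`, `forge`) are mine. Real schemes use a full-length digest (and IOTA's signing uses ternary chains over Kerl), but the mechanism is identical: a signature publishes an intermediate value of every chain, and anyone can continue a chain forward from a published value.

```python
"""Toy WOTS over SHA-256 hash chains (w = 16), truncated 16-bit digest.
Added example; not IOTA's or the IRI reference implementation."""
import hashlib

W = 16                                  # each chain has W - 1 = 15 hash steps
MSG_DIGITS = 4                          # toy assumption: 16-bit truncated digest
CS_DIGITS = 2                           # checksum <= 4 * 15 = 60 fits in 2 digits
L = MSG_DIGITS + CS_DIGITS              # number of hash chains in a key

def _h(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()

def _chain(x: bytes, steps: int) -> bytes:
    for _ in range(steps):
        x = _h(x)
    return x

def digits(msg: bytes) -> list:
    """Base-16 digits of the toy digest, followed by a checksum of the distance
    to the chain end. The checksum is what makes forgery from a single signature
    impossible: moving any message digit forward moves a checksum digit back."""
    d = [int(c, 16) for c in hashlib.sha256(msg).hexdigest()[:MSG_DIGITS]]
    cs = sum(W - 1 - v for v in d)
    return d + [(cs >> (4 * (CS_DIGITS - 1 - i))) & 0xF for i in range(CS_DIGITS)]

def keygen(seed: bytes):
    sk = [_h(seed + bytes([i])) for i in range(L)]     # one secret per chain
    pk = [_chain(s, W - 1) for s in sk]                # chain ends are the public key
    return sk, pk

def sign(sk, msg: bytes) -> list:
    # signature = chain value at position d_i; everything beyond it is now public
    return [_chain(s, d) for s, d in zip(sk, digits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return [_chain(s, W - 1 - d) for s, d in zip(sig, digits(msg))] == pk

def revealed_positions(signed_msgs) -> list:
    """Lowest chain position exposed per chain after these messages were signed
    with the same key; only the positions before it are still secret."""
    return [min(digits(m)[i] for m in signed_msgs) for i in range(L)]

def forge(signatures: dict, budget: int = 200000):
    """signatures: {msg: sig}, all made with one reused key. Search for a fresh
    message whose digits all lie at or beyond the exposed chain positions and
    sign it from the exposed values alone. Returns (msg, sig) or None."""
    exposed = {}                      # chain index -> (lowest position, value there)
    seen = set()
    for m, sig in signatures.items():
        d = digits(m)
        seen.add(tuple(d))
        for i in range(L):
            if i not in exposed or d[i] < exposed[i][0]:
                exposed[i] = (d[i], sig[i])
    for n in range(budget):
        cand = b"forged-%d" % n       # constructed candidate messages
        t = digits(cand)
        if tuple(t) in seen:          # toy-digest collision, not a chain forgery
            continue
        if all(t[i] >= exposed[i][0] for i in range(L)):
            return cand, [_chain(exposed[i][1], t[i] - exposed[i][0]) for i in range(L)]
    return None

if __name__ == "__main__":
    sk, pk = keygen(b"constructed demo seed")
    m1, m2 = b"spend 10 Mi to A", b"spend 5 Mi to B"
    s1, s2 = sign(sk, m1), sign(sk, m2)
    print("valid:", verify(pk, m1, s1), verify(pk, m2, s2))
    print("exposed positions:", revealed_positions([m1]), "->", revealed_positions([m1, m2]))
    print("forge from one signature:", forge({m1: s1}))
    got = forge({m1: s1, m2: s2})
    print("forge from two signatures:", got and (got[0], verify(pk, *got)))
```

Running the demo shows the three facts the post relies on: the first signature already exposes every chain from position d_i onward (`revealed_positions`), the checksum digits stop an attacker who has seen only one signature, and a second signature with the same key lowers the exposed positions enough that `forge` finds a third message it can sign without the seed. With full-size digests the search is far more expensive, but each further reuse lowers the exposed positions again, which is why a spent IOTA address has to be treated as burned.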

Maxcoin Reboot

The Legend has returned....

What is Maxcoin?
Maxcoin has made a comeback into the world we know as cryptocurrency. Originally born February 2014. Named in honour of Max Keiser. With a current supply of 61,445,805 / 100,000,000 MAX.
Its purpose is to be a usable digital currency through merchants and ATMs around the world. Some have said it is dubbed the #LTCkiller, Litecoin being Maxcoin's main rival. A completely community-driven project, much the same as Bitcoin, with a quality developer team who will stop at nothing but success for Maxcoin and their community of Maxcoiners. Maxcoin pro-actively aligns itself to the core principles of interdependence and decentralisation. Whilst combining the strengths of individuals through positive teamwork, they are creating a true eco-system of human interaction and collaboration. Maxcoin is here for all.
Features
One of the biggest (if not the biggest) crypto influential people, known as Max Keiser & Stacey Herbert, are also proudly supporting Maxcoin, which they called Silver $5, Gold $400, Bitcoin $3.
The future of Maxcoin could not be any brighter, so if you missed the train with many cryptos (Bitcoin, Litecoin, Ethereum) then there is no better time to capitalise on this opportunity, make a difference in the world we live in, and join one of the best quality Telegram communities available. (Also where you don't see "When Lambo" every 5 seconds!)
Updates
Creators of the Atomminer
Statsfolio (beta work in progress)
Android/iOS wallets
More updates to follow

Sources
https://steemit.com/bitcoin/@seanpfahey/charlie-bit-me
maxcoinproject.org
t.me/maxcoinproject
https://www.atomminer.com/
submitted by Luca_360 to CryptoMoonShots [link] [comments]

Surae's (me) end-of-November (2017!) update.

You can check it out on the forums here. Here's a copypasta:
Surae's End of November (2017!) Update
Hello, everyone! Sarang posted his update a few days ago to give the community time to review his work before the end of the month. I was hoping to finish multisig off before the end of this month... so I held off on writing this update until then... but it looks like I'm somewhere between 2 days and a week behind on that estimate.
MRL Announcements
Meetings. We are holding weekly meetings on Mondays at 17:00 UTC. Logs are to be posted on my github soon(tm). Usually we alternate between "office hours" and "research meetings." At office hours, we want members of the community to come in and be able to ask questions, so we are considering opening up a relay to the freenode channel during office hours times, unless things get out of hand.
POW-Difficulty Replacement Contest. Some time in December, I am going to formalize an FFS "idea" to open up a multiple-round contest for possible replacements for our proof of work game. The first round would have a 3- or 6-month deadline. Personally, I would love it if this FFS could have an unbounded reward amount. If the community is extremely generous, we could easily whip up a large enough reward to spur lots and lots of interest across the world.
The Bitcoin POW game uses SHA256 to find nonces that produce hashes with sufficiently small digests according to the Bitcoin difficulty metric. Our current POW game uses CryptoNight to find nonces that produce hashes with sufficiently small digests according to the CryptoNote difficulty metric. The winner need not be proof of work. My current thoughts are roughly this:
All submissions will be public. Submissions that minimize incentives for centralized mining (or maximize disincentives) will be preferred over submissions that do not. Submissions that are elegant will be preferred over submissions that are not. Submissions that have provable claims about desirable properties will be preferred over submissions that do not (e.g. for either the Bitcoin or the Monero POW games, the necessary and sufficient network conditions for these games to produce blocks in a Poisson process have not been identified, to my understanding). Submissions that have a smaller environmental impact will be preferred over submissions that have a larger impact. And so on. I would like as many ideas as possible about a judging rubric for the first round. Especially if a large amount of money will be put up as a prize.
The details of the next round would be announced along with the winners of the first round. The reward funds should be released when a set of judges agree on a winner. MRL and Monero Core should each have representation on the panel of judges, and there ought to be at least one independent judge not directly associated with the Monero Project, like Peter Todd, Tim Ruffing, or someone along those lines. But, again, this is just an idea. If the community doesn't like it, we can drop it.
Here is a rundown for November
Multisig. Almost done. I know, I know, it's been forever. We, as a community, have recently come to see how important it is to carefully and formally ensure the correctness of our schemes before proceeding. Multisig is a delicate thing because a naively implemented multisig can reveal information about the participants.
I'm finishing vetting key creation today, finishing signatures tomorrow and the next day. Then I'm passing the result off to moneromooo and luigi to ensure that my description of their code is accurate up to their understanding. Then onto Sarang for final reviews before submission, hopefully by the end of the month. I have my life until Sunday evening blocked off to finish this. A copy of the document will be made available to the community ASAP (an older version is on my github), after more checking and writing is completed.
This whitepaper on multisig will be broken into two papers: one will be intended for peer review describing multi-ring signatures, and one will be a Monero Standard. More about that later...
RTRS RingCT column-linkability and amortization. You may say "what? I thought we were putting RTRS RingCT on the back burner?" Well, I'm still thinking about amortization of signatures. I'm thinking it will be possible (although perhaps not feasible) for miners to include amortized signatures upon finding new blocks. This would allow users to cite an amortized signature for fast verification, but has some possible drawbacks. But more exciting, I'm also chatting with Tim Ruffing, one of the authors on the RTRS RingCT papers: he thinks he has a solution to our "linkability by columns" problem with MLSAG and RingCT. Currently we try to avoid using more than one ring signature per recipient. This avoids linking distinct outputs based on bundling of these ring signatures. Ruffing believes RTRS RingCT can be tweaked to prove several commitments in a vector of commitments; this would allow a single RTRS RingCT to be computed and checked for each output being spent.
Once all the details are checked, I'll write up a document and make a copy of it available to the community. If it works, of course.
Consequences of bulletproofs. In my last end-of-month update I hinted at issues with an exponential space-time trade-off in RTRS RingCT. Due to the speed and space savings with bulletproofs, it may now be feasible to implement RTRS RingCT. With improved verification time savings with bulletproofs we can relax our requirements for verification times for signatures. This will allow the slightly longer verification times of RTRS RingCT to be counter-acted. Solving the problem "what ring sizes can we really get away with?" involves some modeling and solving some linear programming problems (linear programming, or linear optimization, is an anachronistically named area of applied mathematics involved with optimizing logistic problems... see here for more information).
Hence, we will be inserting bulletproofs into Monero with low friction, and then we will look into the logistics of moving to RTRS RingCT.
Monero Standards. Right now, we don't have a comprehensive list of how Monero works, all the various primitives and how they all fit together. Sarang and I have begun working on some Monero Standards that are similar to the original Cryptonote Standards (see here for more information). For each standard, from our hash function on upward, we will describe the standard, provide a justification for Monero's choices in those standards (complete with references), as well as a list of possible replacement standards. For example, our Monero RingCT Standard should describe the RingCT scheme described by shen, which is essentially a ring signature with linear combinations of signing keys + amount commitments. Under the "possible replacements" section, we would describe both the RTRS RingCT scheme and the doubly efficient zk-snark technology as two separate options.
These standards may take awhile to complete, and will be living documents as we change the protocol over the years. In the meantime, it will make it dramatically easier for future researchers to step into MRL and pick up where previous researchers have left off.
Hierarchical view keys. Exploiting the algebra we currently use for computing one-time keys, the sub-address scheme plays with view keys in a certain way, allowing a user to have one single view key for many wallets. Similarly, we may split a view key into several shares, where each subset of shares can be used to grant partial view access to the wallet. A receiver can request that a sender use a particular basepoint in their transaction key where different subsets of shares of the view key grant access to transactions with different basepoints in their transaction keys. None of these are protocol-level observations, they are wallet-level observations. Moreover, these require only that a receiver optionally specify a basepoint.
In other words: hierarchical view keys are a latent feature of our one-time address scheme that has not seen specific development yet. It's a rather low priority compared to the other projects under development; it grants users fine-grained control over their legal compliance, but Monero Standards will have great long-term impact on development and research at Monero.
Criticisms. Monero has suffered some recent criticisms about our hash function. I want to briefly address them.
First, I believe part of the criticism came from a confusion between Keccak3, SHA-3, and Keccak: we have never claimed to use SHA-3 as our hash function, we have only used the Keccak3 hash function, which is a legacy choice inherited from the original CryptoNote reference code. Many developers confuse the two, but Keccak3 was the hash function on which SHA-3 is based. In particular, the Keccak sponge construction can be used to fashion lots and lots of primitives, all of which could fairly be called "Keccak:" both Keccak3 and SHA-3 are Keccak constructions. This may be a subtle nomenclature issue, but it's important because a good portion of our criticisms say "Hey, they aren't using SHA-3!"
Second, I believe part of the criticism also comes from our choice of library, which in my opinion isn't a big deal as long as the library does what it says on the tin. In this case, our hash function is a valid implementation of Keccak3 according to the Keccak3 documentation. The most important criticism, from my point of view, is our choice of pre-SHA-3 Keccak3 as our hash function. Keccak3 underwent lots of analysis during the SHA contest, and Keccak3 is a well-vetted hash function. However, it has not been chosen as an international standard. There is a sentiment in the cryptocurrency community to distrust standards, which is probably a healthy sentiment. In this case, however, it means that our choice of hash function is not likely to be supported in common, well-vetted libraries in the future. Moreover, since SHA-3 is an international standard, it shall be undergoing heavy stress testing over the coming decades, a benefit Keccak3 shall not enjoy.
Last month, after some discussions, we made changes to our choice of PRNG in Monero to match the PRNG for Bitcoin. There has since been some discussions instantiated by anonimal about this choice of PRNG. We at MRL are doing our best to assist the core team in weighing the relative costs and benefits of switching to a library like crypto++, and so we believe these criticisms fall into the same category. We intend to address these issues and make formal recommendations in the aforementioned Monero Standards. Sorry for using the word aforementioned.
Things that didn't move much include a) educational outreach, b) SPECTRE, c) anti-ASIC roadmap, d) refund transactions. Most of which was on hold to complete multisig.
As far as educational outreach, I contacted a few members of a few math/cs depts at universities around me, but I haven't gotten anything hopeful yet. I wanted to go local (with respect to me) to make it easier to organize, but that's looking less likely. No matter how enthusiastic of a department we find, garnering participation from faculty members, beginning an application process for new students, squirrelling up funding, working out logistics of getting teachers or lecturers/speakers from point A to point B, where to stash students, etc would be a challenge to finish before, say, July. And some schools start their fall semesters in mid-August. So I'm thinking that Summer 2019 is reasonable as the first Monero Summer School... and would be a real fun way to finish off a two-year post-doc!
December plan. I am going to finish multisig, and then finish the zk-lit review with Jeffrey Quesnelle, since these are both slam dunks. Any other time in December I have will be devoted to a) looking into the logistics of using the bulletproofs + RTRS RingCT set-up, b) reading the new zk-stark paper and assessing its importance for Monero, c) beginning work on Monero Standards, which includes addressing our hash function criticisms, our PRNG, etc.
Thank you again! This is an incredible opportunity, and this community is filled with some smart cookies. Every day is a challenge, and I couldn't ask for a more fun thing to be doing with my life right now. I'm hoping that my work ends up making Monero better for you.
submitted by snoether to Monero [link] [comments]
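The nomenclature point in the post above, in code, as an added example that is not part of the post and not Monero's or CryptoNote's code: the pre-standard Keccak-256 (the variant Ethereum and the CryptoNote lineage call "Keccak" or "Keccak3") and FIPS 202 SHA3-256 run the same Keccak-f[1600] permutation with the same rate and capacity (r = 1088, c = 512); the only difference is the padding domain-separation byte, 0x01 for the original Keccak submission and 0x06 for SHA-3. The function names (`keccak_sponge`, `keccak256`, `sha3_256`, `matches_hashlib`) are mine; the permutation follows the Keccak team's published compact description, and the SHA-3 side is cross-checked against Python's `hashlib`.

```python
"""Minimal Keccak sponge showing Keccak-256 vs SHA3-256: same permutation,
different padding byte. Added example, not code from the post or from Monero."""
import hashlib

MASK64 = (1 << 64) - 1
RATE_BYTES = 1088 // 8          # r = 1088 bits, c = 512 bits, for 256-bit output

def _rol64(a, n):
    n %= 64
    return ((a << n) | (a >> (64 - n))) & MASK64 if n else a

def _keccak_f1600(state):
    """Keccak-f[1600] on a 200-byte state (25 little-endian 64-bit lanes)."""
    lanes = [[int.from_bytes(state[8 * (x + 5 * y):8 * (x + 5 * y) + 8], "little")
              for y in range(5)] for x in range(5)]
    lfsr = 1
    for _ in range(24):
        # theta: mix column parities into every lane
        c = [lanes[x][0] ^ lanes[x][1] ^ lanes[x][2] ^ lanes[x][3] ^ lanes[x][4] for x in range(5)]
        d = [c[(x - 1) % 5] ^ _rol64(c[(x + 1) % 5], 1) for x in range(5)]
        lanes = [[lanes[x][y] ^ d[x] for y in range(5)] for x in range(5)]
        # rho + pi: rotate each lane by its offset and move it to its new slot
        x, y = 1, 0
        cur = lanes[x][y]
        for t in range(24):
            x, y = y, (2 * x + 3 * y) % 5
            cur, lanes[x][y] = lanes[x][y], _rol64(cur, (t + 1) * (t + 2) // 2)
        # chi: the only non-linear step, applied row by row
        for y in range(5):
            row = [lanes[x][y] for x in range(5)]
            for x in range(5):
                lanes[x][y] = row[x] ^ ((~row[(x + 1) % 5]) & row[(x + 2) % 5])
        # iota: round constant generated by a small LFSR, applied to lane (0,0)
        for j in range(7):
            lfsr = ((lfsr << 1) ^ ((lfsr >> 7) * 0x71)) & 0xFF
            if lfsr & 2:
                lanes[0][0] ^= 1 << ((1 << j) - 1)
    out = bytearray(200)
    for x in range(5):
        for y in range(5):
            out[8 * (x + 5 * y):8 * (x + 5 * y) + 8] = lanes[x][y].to_bytes(8, "little")
    return out

def keccak_sponge(data: bytes, suffix: int, out_len: int = 32) -> bytes:
    """Absorb data, append the domain byte `suffix` and pad10*1, squeeze out_len bytes."""
    state = bytearray(200)
    off, block = 0, 0
    while off < len(data):
        block = min(len(data) - off, RATE_BYTES)
        for i in range(block):
            state[i] ^= data[off + i]
        off += block
        if block == RATE_BYTES:
            state = _keccak_f1600(state)
            block = 0
    state[block] ^= suffix                 # the only place the two hashes differ
    if (suffix & 0x80) and block == RATE_BYTES - 1:
        state = _keccak_f1600(state)
    state[RATE_BYTES - 1] ^= 0x80          # final bit of pad10*1
    state = _keccak_f1600(state)
    out = bytearray()
    while len(out) < out_len:
        out += state[:min(out_len - len(out), RATE_BYTES)]
        if len(out) < out_len:
            state = _keccak_f1600(state)
    return bytes(out)

def keccak256(data: bytes) -> bytes:
    return keccak_sponge(data, 0x01)       # original Keccak submission padding

def sha3_256(data: bytes) -> bytes:
    return keccak_sponge(data, 0x06)       # FIPS 202: bits "01" before pad10*1

def matches_hashlib(data: bytes) -> bool:
    """Cross-check the SHA-3 side against the standard library."""
    return sha3_256(data) == hashlib.sha3_256(data).digest()

if __name__ == "__main__":
    for m in (b"", b"abc"):
        print("Keccak-256", keccak256(m).hex())
        print("SHA3-256  ", sha3_256(m).hex(), "hashlib agrees:", matches_hashlib(m))
```

The practical check this gives a reviewer: if a code base claims "SHA-3" but `hashlib.sha3_256` does not reproduce its digests while the 0x01 variant does, the code is using the pre-standard Keccak padding, not FIPS 202; the permutation itself is the same and received the same analysis, so the difference is interoperability and library support, which is the point the post makes.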

I decided to post this here as I saw some questions on the QRL discord.

Is elliptic curve cryptography quantum resistant?
No. Using a quantum computer, Shor's algorithm can be used to break Elliptic Curve Digital Signature Algorithm (ECDSA). Meaning: they can derive the private key from the public key. So if they got your public key, they got your private key, and they can empty your funds. https://en.wikipedia.org/wiki/Elliptic-curve_cryptography#Quantum_computing_attacks https://eprint.iacr.org/2017/598.pdf
Why do people say that BTC is quantum resistant, while they use elliptic curve cryptography? (Here comes the idea from that never reusing a private key from elliptic curve cryptography (and public key since they form a pair) would be quantum resistant.)
Ok, just gonna start with the basics here. Your address, where you have your coins stored, is locked by your public-private key pair. See it as your e-mail address (public key) and your password (private key). Many people have your email address, but only you have your password. If you have your address and your password, then you can access your mail and send emails (transactions). Now if there were a quantum computer, people could use that to calculate your password/private key if they have your email address/public key.
What is the case with BTC: they don't show your public key anywhere until you make a transaction. So your public key is private until you make a transaction. How do they do that while your funds must be registered on the ledger? Well, they only show the hash of your public key (a hash is the outcome of an equation. Usually one-way hash functions are used, where you cannot derive the original input from the output. But every time you use the same hash function on the same original input (for example IFUHE8392ISHF), you will always get the same output (for example G). That way you can have your coins on public key IFUHE8392ISHF, while on the chain they are on G.) So your funds are registered on the blockchain on the "hash" of the public key. The hash of the public key is also your "email address" in this case. So you give "G" as your address to send BTC to.
By the way, in the early days you could use your actual public key as your address. And miners would receive coins on their public key, not on the hashed public key. That is why all the Satoshi funds are vulnerable to quantum attacks even though these addresses have never been used to make transactions from. These public keys are already public instead of hashed. Also certain hard forks have exposed the public keys of unused addresses. So it's really a false sense of security that most people hang on to in the first place.
But it's actually a false sense of security over all.
Since it is impossible to derive a public key from the hash of a public key, your coins are safe from quantum computers as long as you don't make any transaction. Now here follows the biggest misconception: pretty much everyone will think, great, so BTC is quantum secure! It's not that simple. Here it is important to understand two things:
1 How is a transaction sent? The owner has the private key and the public key and uses them to log into the secured environment, the wallet. This can be online or offline. Once he is in his wallet, he states how much he wants to send and to what address.
When he sends the transaction, it will be broadcast to the blockchain network. But before the actual transaction is sent, it is formed into a package created by the wallet. This happens out of sight of the sender.
That package ends up carrying roughly the following info: the public key to point to the address where the funds will be coming from, the amount that will be transferred, the public key of the address the funds will be transferred to.
Then this package carries the most important thing: a signature, created by the wallet, derived from the private-public key combination. This signature proves to the miners that you are the rightful owner and you can send funds from that public key.
So this package is then sent out of the secure wallet environment to multiple nodes. The nodes don’t need to trust the sender or establish the sender’s "identity." And because the transaction is signed and contains no confidential information, private keys, or credentials, it can be publicly broadcast using any underlying network transport that is convenient. As long as the transaction can reach a node that will propagate it into the network, it doesn’t matter how it is transported to the first node.
2 How is a transaction confirmed/fulfilled and registered on the blockchain?
After the transaction is sent to the network, it is ready to be processed. The nodes have a bundle of transactions to verify and register on the next block. This is done during a period called the block time. In the case of BTC that is 10 minutes.
If you comprehend the information written above, you can see that there are two moments where you can actually see the public key while the transaction is not fulfilled and registered on the blockchain yet.
1: during the time the transaction is sent from the sender to the nodes
2: during the time the nodes verify the transaction.
This paper describes how you could hijack a transaction and make a new transaction of your own, using someone else's address to send his coins to an address you own during moment 2, the time the nodes verify the transaction:
https://arxiv.org/pdf/1710.10377.pdf
"(Unprocessed transactions) After a transaction has been broadcast to the network, but before it is placed on the blockchain it is at risk from a quantum attack. If the secret key can be derived from the broadcast public key before the transaction is placed on the blockchain, then an attacker could use this secret key to broadcast a new transaction from the same address to his own address. If the attacker then ensures that this new transaction is placed on the blockchain first, then he can effectively steal all the bitcoin behind the original address."
So this means that practically, you can't call BTC a quantum secure blockchain. Because as soon as you will touch your coins and use them for payment, or send them to another address, you will have to make a transaction and you risk a quantum attack.
Why would Nexus be any differtent?
If you ask the wrong person they will tell you "Nexus uses a combination of the Skein and Keccak algorithms which are the 2 recognized quantum resistant algorithms (keccal is used by the NSA) so instead of sha-256, Nexus has SK-1024 making it much harder to break." Which would be the same as saying BTC is quantum resistant because they use a Hashing function to hash the private key as long as no transaction is made.
No, this is their sollid try to be quantum resistant: Nexus states it's different because they have instant transactions (So there wouldn't be a period during which time the nodes verify the transaction. This period would be instant.) Also they use a particular order in which the miners verify transactions: First-In-First-Out (FIFO) (So even if instant is not instant after all, and you would be able to catch a public key and derive the private key, you would n't be able to have your transaction signed before the original one. The original one is first in line, and will therefore be confirmed first. Also for some reason Nexus has standardized fees which are burned after a transaction. So if FIFO wouldn't do the trick you would not be able to use a higher fee to get prioritized and get an earlyer confirmation.
So, during during the time the nodes verify the transaction, you would not be able to hijack a transaction. GREAT, you say? Yes, great-ish. Because there is still moment # 1: during the time the transaction is sent from the sender to the nodes. This is where network based attacks could do the trick:
There are network based attacks that can be used to delay or prevent transactions from reaching nodes. In the meantime the transactions can be hijacked before they reach the nodes. And thus one could hijack the non quantum secure public keys (they are openly included in sent signed transactions), which then can be used to derive private keys before the original transaction is made. So this means that even if Nexus has instant transactions in FIFO order, it is totally useless, because the public key would be obtained by the attacker before they reach the nodes. Conclusion: Nexus is not quantum resistant. You simply can't be without using a post quantum signature scheme.
Performing a DDoS attack or BGP routing attacks or NSA Quantum Insert attacks on a peer to peer network would be hard. But when provided with an opportunity to steal billions, hackers would find a way. For example:
https://bitcoinmagazine.com/articles/researchers-explore-eclipse-attacks-ethereum-blockchain/
For BTC:
https://eprint.iacr.org/2015/263.pdf
"An eclipse attack is a network-level attack on a blockchain, where an attacker essentially takes control of the peer-to-peer network, obscuring a node’s view of the blockchain."
That is exactly the recipe for what you would need to create extra time to find public keys and derive private keys from them. Then you could sign transactions of your own and confirm them before the originals do.
By the way, yes this seems to be fixed now, but it most definitely shows it's possible. And there are other creative options. Either you stop transactions from the base to get out, while the sender thinks they're sent, or you blind the network and catch transactions there. There are always options, and they will be exploited when billions are at stake. The keys can also be hijacked when a transaction is sent from the user's device to the blockchain network using a MITM attack. The result is the same as for network based attacks, only now you don't mess with the network itself. These attacks make it possible to 1) retrieve the original public key that is included in the transaction message. 2) Stop or delay the transaction message from arriving at the blockchain network. So, using a quantum computer, you could hijack transactions and create forged transactions, which you then send to the nodes to be confirmed before the nodes even receive the original transaction. There is nothing you could change in the Nexus network to prevent this. The only thing they can do is implement a quantum resistant signature scheme. They plan to do this in the future, like any other serious blockchain project. Yet Nexus is the only one of these future quantum resistant projects to prematurely claim to be quantum resistant. There is only one way to get quantum resistance: POST QUANTUM SIGNATURE SCHEMES. All the rest is just a shitty shortcut that won't work in the end.
(If you use this info on BTC, you will find that the 10 minutes blocktime that is used to estimate when BTC will be vulnerable to quantum attacks can actually be more than 10 minutes if you catch the public key before the nodes receive it. This makes BTC vulnerable sooner than the 10 min blocktime would make you think.)
By the way, Nexus using FIFO and standardized fees which are burned after the transaction comes with some huge downsides:
Why are WOTS+ signatures (and by extension XMSS) more quantum resistant?
First of all, this is where the top notch mathematicians work their magic. Cryptography is mostly maths. As Jackalyst puts it talking about post quantum signature schemes: "Having papers written and cryptographers review and discuss it to nauseating levels might not be important for butler, but it's really important with signature schemes and other cryptographic methods, as they're highly technical in nature."
If you don't believe in math, think about Einstein using math to predict things most couldn't even imagine, let alone measure back then.
Then there is implementing it the right way into your blockchain without leaving any backdoors open.
So why are WOTS+ and by extension XMSS quantum resistant? Because math papers say so. With WOTS it would even take a quantum computer too much time to derive a private key from a public key. https://en.wikipedia.org/wiki/Hash-based_cryptography https://eprint.iacr.org/2011/484.pdf
What is WOTS+?
It's basically an optimized version of Lamport signatures. WOTS+ (Winternitz one-time signature) is a hash-based, post-quantum signature scheme. So it's a post quantum signature scheme meant to be used once.
What are the risks of WOTS+?
Because each WOTS publishes some part of the private key, they rapidly become less secure as more signatures created by the same public/private key are published. The first signature won't have enough info to work with, but after two or three signatures you will be in trouble.
IOTA uses WOTS. Here's what the people over at the cryptography subreddit have to say about that:
https://www.reddit.com/crypto/comments/84c4ni/iota_signatures_private_keys_and_address_reuse/?utm_content=comments&utm_medium=user&utm_source=reddit&utm_name=u_QRCollector
With the article:
http://blog.lekkertech.net/blog/2018/03/07/iota-signatures/
Mochimo uses WOTS+. They kinda solved the problem: A transaction consists of a "Source Address", a "Destination Address" and a "Change Address". When you transact to a Destination Address, any remaining funds in your Source Address will move to the Change Address. To transact again, your Change Address then becomes your Source Address.
But what if someone already has your first address and is unaware of the fact you already sent funds from that address? He might just send funds there. (I mean in a business environment this would make Mochimo highly impractical.) They need to solve that. Who knows, it's still a young project. But then again, for some reason they also use FIFO and fixed fees, so there I have the same objections as for Nexus.
How is XMSS different?
XMSS uses WOTS in a way that you can actually reuse your address. WOTS creates a quantum resistant one time signature and XMSS creates a tree of those signatures attached to one address so that the address can be reused for sending an asset.
submitted by QRCollector to QRL [link] [comments]
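The WOTS+ mechanics described in the post above (one-time use, chains of hashes, and why every extra signature leaks more of the key), as an added educational example in Python; this is not code from QRL, Mochimo, IOTA or the post, and the parameters (SHA-256, w = 16, 64 message digits plus 3 checksum digits, seed derivation) are constructed for illustration rather than any standard parameter set.

```python
"""Toy WOTS+ (Winternitz one-time signature) with a one-time-use guard.

Added educational example; not code from QRL, Mochimo, IOTA or the post.
Constructed parameters (not a standard parameter set): n = 32-byte SHA-256,
w = 16 (4-bit digits), 64 message digits + 3 checksum digits = 67 chains.
"""
import hashlib
import os

N = 32             # size of hash outputs and key elements, in bytes
W = 16             # Winternitz parameter: every digit is in 0..W-1
LEN1 = 64          # 256-bit message digest -> 64 base-16 digits
LEN2 = 3           # checksum digits: max checksum 64 * 15 = 960 < 16 ** 3
LEN = LEN1 + LEN2  # number of hash chains (one secret element per chain)


def _h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()


def _chain(x: bytes, start: int, steps: int, pub_seed: bytes) -> bytes:
    """Walk a WOTS+ chain: x -> F_k(x XOR r_i) for i = start .. start+steps-1.
    The bitmasks r_i and the key k are derived from the public seed."""
    for i in range(start, start + steps):
        r = _h(pub_seed + b"bitmask" + bytes([i]))
        x = _h(pub_seed + b"key" + bytes(a ^ b for a, b in zip(x, r)))
    return x


def digits(msg: bytes) -> list:
    """Base-w digits of H(msg) followed by the checksum digits."""
    m = []
    for b in _h(msg):
        m += [b >> 4, b & 0x0F]
    csum = sum(W - 1 - d for d in m)
    c = [(csum >> (4 * (LEN2 - 1 - i))) & 0x0F for i in range(LEN2)]
    return m + c


def keygen(seed: bytes = None, pub_seed: bytes = None):
    """Secret key = LEN derived elements; public key = the end of every chain."""
    seed = seed or os.urandom(N)
    pub_seed = pub_seed or os.urandom(N)
    sk = [_h(seed + bytes([j])) for j in range(LEN)]
    pk = [_chain(s, 0, W - 1, pub_seed) for s in sk]
    return sk, pk, pub_seed


def sign(msg: bytes, sk: list, pub_seed: bytes) -> list:
    """Signature = each secret element advanced d_j steps along its chain."""
    return [_chain(sk[j], 0, d, pub_seed) for j, d in enumerate(digits(msg))]


def verify(msg: bytes, sig: list, pk: list, pub_seed: bytes) -> bool:
    """Finish every chain (W-1-d_j more steps) and compare with the public key."""
    return all(_chain(sig[j], d, W - 1 - d, pub_seed) == pk[j]
               for j, d in enumerate(digits(msg)))


def exposure(signed_msgs: list) -> float:
    """Fraction of the secret chain material revealed by the given signatures.

    A signature publishes position d_j of chain j; everything from there up
    to the public key can then be recomputed by anyone. Across several
    signatures the lowest published position per chain is what counts, which
    is why the post says reuse 'rapidly' weakens the key."""
    lows = [W - 1] * LEN  # nothing published: only the pk positions are known
    for m in signed_msgs:
        for j, d in enumerate(digits(m)):
            lows[j] = min(lows[j], d)
    revealed = sum(W - 1 - lo for lo in lows)
    return revealed / (LEN * (W - 1))


class OneTimeSigner:
    """The control a WOTS user needs: refuse to sign twice with one key.
    (XMSS generalises this by indexing many WOTS keys under one tree root.)"""

    def __init__(self, seed: bytes = None, pub_seed: bytes = None):
        self._sk, self.pk, self.pub_seed = keygen(seed, pub_seed)
        self.used = False

    def sign(self, msg: bytes) -> list:
        if self.used:
            raise RuntimeError("WOTS key already used; reuse leaks chain material")
        self.used = True
        return sign(msg, self._sk, self.pub_seed)


if __name__ == "__main__":
    signer = OneTimeSigner()
    tx = b"constructed sample transaction"
    sig = signer.sign(tx)
    print("valid:", verify(tx, sig, signer.pk, signer.pub_seed))
    print("exposure after 1 signature: %.2f" % exposure([tx]))
    print("exposure after 3 signatures: %.2f" % exposure([tx, b"tx-2", b"tx-3"]))
```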

The X25X PoW (Proof of Work) algorithm: driving a better evolution of the blockchain


Algorithm comparison chart
Points to cover:
1) The problem
2) The original proposal of the X22i algorithm
3) The solution - X25X: the evolution of proof-of-work mining
3.1 FPGA and ASIC miner resistance
3.2 GPU mining software development
3.3 Quantum resistance
3.4 Algorithm chain

Chart explanation:
  • number of algorithms in the chain
  • RAM used per nomination
  • FPGA/ASIC compatibility
  • Quantum resistance compatibility
  • Development in progress

1) The problem

Centralization remains a major concern for many within the cryptocurrency community, as well as for a growing number of the general public. Bitcoin was founded with the intention of creating financial freedom for everyone, away from the control factors inherent in the culture of banks and financial institutions worldwide. As a result, the concept of decentralization has become a pressing issue that continues to grow in importance, for the many reasons that will be discussed in this article.
Specifically, if we consider the issue of centralization in relation to cryptocurrency mining, preventing the creation of ASIC and FPGA devices is of the utmost importance to promote fairness and maintain an egalitarian approach in the long term. In theory, this is possible through modest, easy-to-obtain CPU and GPU mining equipment.
However, many cryptocurrency developers have so far been unsuccessful in implementing sustainable equality measures within their respective projects. Predominantly, coins with large trading volumes are exploited by devices with improved efficiency, with GPU and CPU miners only able to profit for a few months or even weeks.
FPGAs and ASICs require expensive machines and cannot be used for additional tasks, unlike GPUs and CPUs. Moreover, FPGA programming is extremely complex and resource-intensive. As a result, these technological mechanisms directly lead to the centralization of mining, significantly reducing the rewards formerly enjoyed by many. SINOVATE (SIN) has renewed and continues to strengthen Proof of Work (PoW) mining, reinforcing and improving Bitcoin's original vision of "One CPU One Vote".

2) The original X22i proposal

The purpose of the original X22i Whitepaper was to design a highly efficient PoW (Proof of Work) algorithm that provides a multitude of advantages for GPU miners over commercial mining farms:
  1. Make the ASIC and FPGA option much more difficult and costly
  2. Allow optimized GPU miners to be developed quickly
  3. Allow GPU miners to achieve maximum efficiency
  4. Add quantum resistance
  5. Use proven, industry-standard components such as SHA-2 and SHA-3 to allow optimal security

3) The solution - X25X: the evolution of proof-of-work mining

X22i succeeded in implementing all of the above, but for miners to keep receiving rewards in the long term, it was necessary to evolve and adapt to the growing demands for computing power and efficiency required by modern hardware systems. This has been carried out through SINOVATE's new custom X25X algorithm.
In addition, an algorithmic change was required to make ASIC chip production and FPGA design much less profitable, due to the short period of time allowed for use of the product. Furthermore, X25X allows lower power consumption for GPUs, since this improvement depends on random access to RAM, which integrates wait cycles into the mining process.

3.1 FPGA and ASIC miner resistance

X25X pursues the goal of ASIC and FPGA miner resistance by implementing multiple additional functions on top of standard PoW algorithm chains such as X11. The features include increasing memory requirements 24-fold, compared with 4-fold in X22i. This is not a problem for CPUs and GPUs, but it is much harder to sustain for FPGA and ASIC devices. The reason is that they require the use of basic RAM, which offers no advantage over CPUs and GPUs, or else these devices must add more internal RAM, which increases the required chip area.
In addition, X25X has a new shuffle stage, which works on the 1536-byte buffer (for each one) with random access. This is to prevent multiple optimizations from defeating the purpose of the larger buffer, and also to prevent malicious activity by private miners seeking unfair advantages over honest workers (for example, combining multiple algorithms into a single one, since the output of each stage is needed to reach the final result). Moreover, this indirectly promotes writing clean code for the algorithms, so that open source code is more valuable in terms of both quality and hash rate. This is important for the long-term continuity and viability of proof-of-work (PoW) mining.
Another advantage over traditional PoW algorithms is a much longer algorithm chain: 25 algorithms require a much larger chip area to implement the whole chain, which is extremely costly for FPGA and ASIC devices.
The broader plan for X25X is to increase the size of the chain with more hashing stages, to be released periodically. This approach forces chip designers to constantly revise their designs, which further increases costs and reduces the time available to use the chips for mining purposes. In addition, making the chain ever longer addresses the concerns surrounding future FPGA chips with greater capacity. Any efficiency gains, as well as the ability of these devices to fit the entire X25X chain on a single chip, will be nullified.

3.2 GPU mining software development

Since X25X is a chain of well-known hash functions, coding a GPU miner for this algorithm mainly involves writing source code. As mentioned earlier, X22i came equipped with many implementations, both private and open source, and the stages missing to reach the full X25X chain are all available as open source. The new shuffle stage, which can also be implemented in GPU code, will be open-sourced shortly.
Many over-optimized sources will not work or will need to be heavily modified, since they do not provide a complete output for all the algorithms within the chain. This helps strengthen the decentralized consensus mechanism provided by the SINOVATE blockchain, since the hash rate gap between private and open source miners will clearly decrease.

3.3 Quantum resistance

A growing concern within the cryptocurrency world, also related to centralization and potentially an even greater threat than ASIC and FPGA devices, is the possibility of "breaking" the hashing algorithms used within existing cryptocurrency coins by means of a quantum computer. Access to this hardware could allow enormous efficiency advantages over the mining majority, creating the possibility of an extreme 51% attack on the network. This would result in a significant part of the chain being reverted and would increase the possibility of double spending, with a single well-positioned entity able to take full control of the Blockchain.
To address this problem, X22i introduced a post-quantum element into the chain called SWIFFTX, with lattice-based cryptography. This component has also been implemented in X25X:
"Its main attractive features, among others (which do not include a known quantum attack at the time of writing this document), are probably rigorous asymptotic security analysis and asymptotic efficiency" (https://eprint.iacr.org/2012/343.pdf)

3.4 Algorithm chain

Below is the full list of standard hash algorithms integrated by the X25X chain, including the unique shuffle stage, the corresponding input and output sizes, and any zero padding. SWIFFTX implements a much larger input size, spanning the outputs of the 4 preceding algorithms. The shuffle phase accepts all previous algorithm outputs as input:
  1. Blake (in: 80b, out: 64b)
  2. BMW (in: 64b, out: 64b)
  3. Groestl (in: 64b, out: 64b)
  4. Skein (in: 64b, out: 64b)
  5. JH (in: 64b, out: 64b)
  6. Keccak (in: 64b, out: 64b)
  7. Luffa (in: 64b, out: 64b)
  8. Cubehash (in: 64b, out: 64b)
  9. Shavite (in: 64b, out: 64b)
  10. SIMD (in: 64b, out: 64b)
  11. Echo (in: 64b, out: 64b)
  12. Hamsi (in: 64b, out: 64b)
  13. Fugue (in: 64b, out: 64b)
  14. Shabal (in: 64b, out: 64b)
  15. Whirlpool (in: 64b, out: 64b)
  16. SHA512 (in: 64b, out: 64b)
  17. SWIFFTX (in: 256b, out: 64b)
  18. Haval (in: 64b, out: 32b + 32b zero padding)
  19. Tiger (in: 64b, out: 32b, + 32b zero padding only for the shuffle stage)
  20. Lyra2 (in: 32b, out: 32b + 32b zero padding)
  21. Streebog (in: 64b, out: 64b)
  22. SHA256 (in: 64b, out: 32b + 32b zero padding)
  23. Panama (in: 64b, out: 32b + 32b zero padding)
  24. Lane (in: 64b, out: 64b)
  25. X25X Shuffle (in: 1536b, out: 1536b)
  26. Blake2s (in: 1536b, out: 32b)


The output blocks are shuffled through simple but original X25X code. The result (also 1536 bytes wide) is passed to Blake2s. The sequence explained above can be seen graphically.

X25X PROOF OF WORK ALGORITHM CHAIN

Join us and stay tuned for upcoming updates through our website and social media platforms:
Author: Pallas Amit Kaushal
Translated by: Hispanic community ambassador Musicayfarandula
submitted by sinovatehispano to u/sinovatehispano [link] [comments]

DD on Crypto. Just kidding Allin AMD

Alright, I keep seeing you fucks talk about how "Bitcoin is going to make Nvidia/AMD go to the moon". I'm going to walk all you fucks through bitcoin, crypto currencies, and how they affect the GPU market.
What is Bitcoin?
Bitcoin is a decentralized ledger. That's pretty much it. A set number of bitcoin is generated per block, and each block is solved when a resulting hash is found for the corresponding proof of work. The difficulty is adjusted periodically based on a formula, meaning that as hash rate rises and falls, the number of bitcoins produced per day is roughly the same.
What does Bitcoin have to do with AMD and Nvidia?
Fucking nothing. Bitcoin is mined on proprietary hardware called Application-specific Integrated Circuits (ASICs). Neither AMD or Nvidia produce these.
Why does everyone keep talking about Bitcoin and AMD then?
Because they're fucking retarded and you're listening to retards. Bitcoin runs on the SHA-256 Hashing Function which people have custom hardware for. The Crypto driving GPU sales is ETHEREUM, NOT BITCOIN
What the fuck is Ethereum then?
Don't worry about it. It's for smug assholes who are too edgy for Bitcoin. All you need to know is it runs on a different Hashing function than Bitcoin, so if you weren't a retard you'd probably realize that the proprietary hardware I talked about earlier won't work with it. Currently Ethereum is being mined the same way Bitcoin was when it first started; on GPUs.
When are you going to tell me what to buy
Shut the fuck up, learn something or kill yourself.
How many GPUs are being used to mine currently?
Currently the Ethereum Hash Rate is 73,000 GH/s. For upcoming earnings, we should instead look at the period from April to June. April 1st shows a network hash rate of 16,500 GH/s, and June 31st shows 59,200 GH/s, meaning the network hash rate increased by 42,700 GH/s for this upcoming earnings report quarter.
I've linked a decent benchmark for GPU hashrate. You should notice that all of these are quoted in MH/s, versus the Network reporting in GH/s; there are A LOT of fucking GPUs running on the network. A top of the line 1080 puts out about 20-25 MH/s, a good Radeon card does about 30. As a rough estimate, let's assume that the average card mining Ethereum currently produces about 25 MH/s. 42,700GH/s / 25MH/s means that there are 1.7 MILLION more GPUs currently mining ethereum than there were at the beginning of Q1. Based on my personal observations being involved in this, AMD is actually taking a majority market share of the sold cards just due to their superior performance compared to Nvidia's 1080s, and I'd estimate that about 50-60% of the cards currently mining Ethereum are AMD Radeons.
What does this all mean?
AMD are selling their highest margin video cards faster than they can produce them, and at ~250$ a pop with 50%-60% market capture AMD will have sold roughly 200-300 million dollars more in video cards than they did last quarter. AMD quarterly revenue last reported was just under 1 Billion. This is a 20-30% increase in revenue from last quarter, where Ethereum Hash Rate only increased by about 10,000GH/s. Even assuming a modest 30% margin for their video cards, AMD will still have almost 60 million in unexpected earnings this quarter due to crypto mining, which translates to about .06-.1 per share in earnings.
tl;dr
Ethereum will make AMD beat revenue by 20-30%. BUY AMD YOU CUCKS.
submitted by Askmeaboutmyautism to wallstreetbets [link] [comments]

EtherFlyer On Quantum Risk

EtherFlyer On Quantum Risk

"Quantum computing and blockchain are somewhat competing with each other because a lot of crypto encoding algorithms could be broken by quantum."
Shoucheng Zhang (1963-2018),
Chinese-American physicist, Stanford University

It is being said that, within a decade from now, quantum computers will be able to break the cryptographic codes of most blockchains, and this could include users' precious private keys of their blockchain wallet addresses. When this happens, most blockchain technology and all cryptocurrencies could instantly become obsolete.

Rumor has it that this is one critical reason why Bitcoin, Ethereum, and most other cryptocurrencies' prices are not quite recovering despite several positive forecasts and predictions regarding their future. It is also believed that some large crypto traders who are aware of the existence and public release of commercial quantum computers are not getting the answers and assurance that they need. The concern of quantum computers breaking the cryptographic codes of a blockchain is said to be neglected by major crypto influencers and personalities, or they are simply just dumb on the topic.

The following is some of the basic information EtherFlyer has gathered so far about quantum computers and their part in blockchain technology.

On the 8th of January, 2019, IBM unveiled its first commercial quantum computer, the Q System One. Luckily, it is not powerful enough to break the traditional blockchain's cryptographic codes. However, the reality that quantum computers now exist and are commercially available cannot be neglected anymore. Moreover, the competition among different computer companies to build more powerful quantum computers is on. The arrival of a powerful variant of quantum computers capable of breaking cryptographic codes is imminent.

Bitcoin and Ethereum are relatively safe, for now. Even Google's current Bristlecone 72-qubit quantum computer cannot break Bitcoin's SHA-256 algorithm yet. However, as quantum computers develop rapidly with the support of both the private and public sectors, it is just a matter of time before the SHA-256 algorithm can be broken. Even updating a current blockchain's algorithm from SHA-256 to SHA-512 (or any other hashing algorithm) will be nothing but a "band-aid" solution. No details about the vulnerability of Keccak-256 and Keccak-512 (which are Ethereum's cryptographic algorithms) against powerful quantum attacks are available online yet.

There are no official press or article releases from either major cryptocurrency on how they will deal with the threat of quantum computers to their blockchain. No articles or research online conclusively state that Bitcoin, Ethereum, as well as most other cryptocurrencies with their own independent blockchains, are 100% quantum resistant already. Most are nothing but speculative proposals without actual conclusive implementations. With this, crypto traders who are aware of quantum computers could remain doubtful. They could be less willing to take risks in initiating a bullish run for any cryptocurrency simply because they don't have security assurance yet.

Even though there is a lack of official public statements regarding the issue, the crypto community's demand for solutions is continuously being raised. Furthermore, as aforesaid, the blockchain development community still has time to come up with something that could ease everyone's worries, a decade more or less. EtherFlyer truly believes it is just a matter of time before an assuring working solution is released by blockchain developers. The blockchain is an ever-evolving technology, and along with this evolution will come enhancements and developments. We guarantee to all of our users that, as a decentralized exchange with its core utilizing the Ethereum blockchain technology, EtherFlyer will evolve along with the blockchain. We had, have been, and will always be putting our trust in the Ethereum blockchain, and we are encouraging everyone to have peace of mind and dedicate the same level of trust to the technology that we all love and admire.

"Generative adversarial networks...they (quantum computing and blockchain) can actually reach two progress by competing with each other."
Shoucheng Zhang (1963-2018),
Chinese-American physicist, Stanford University
submitted by EtherFlyerExchange to u/EtherFlyerExchange [link] [comments]

Blowing the lid off the CryptoNote/Bytecoin scam (with the exception of Monero) - Reformatted for Reddit

Original post by rethink-your-strategy on Bitcointalk.org here
This post has been reformatted to share on Reddit. What once was common knowledge, is now gone. You want a quality history lesson? Share this like wildfire.
August 15, 2014, 08:15:37 AM

Preamble

I'd like to start off by stating categorically that the cryptography presented by CryptoNote is completely, entirely solid. It has been vetted and looked over by fucking clever cryptographers/developers/wizards such as gmaxwell. Monero have had a group of independent mathematicians and cryptographers peer-reviewing the whitepaper (their annotations are here, and one of their reviews is here), and this same group of mathematicians and cryptographers is now reviewing the implementation of the cryptography in the Monero codebase. Many well known Bitcoin developers have already had a cursory look through the code to establish its validity. It is safe to say that, barring more exotic attacks that have to be mitigated over time as they are invented/discovered, and barring a CryptoNote implementation making rash decisions to implement something that reduces the anonymity set, the CryptoNote currencies are all cryptographically unlinkable and untraceable.
Two other things I should mention. I curse a lot when I'm angry (and scams like this make me angry). Second, where used my short date format is day/month/year (smallest to biggest).
If you find this information useful, a little donation would go a long way. Bitcoin address is 1rysLufu4qdVBRDyrf8ZjXy1nM19smTWd.

The Alleged CryptoNote/Bytecoin Story

CryptoNote is a new cryptocurrency protocol. It builds on some of the Bitcoin founding principles, but it adds to them. There are aspects of it that are truly well thought through and, in a sense, quite revolutionary. CryptoNote claim to have started working on their project years ago after Bitcoin's release, and I do not doubt the validity of this claim...clearly there's a lot of work and effort that went into this. The story as Bytecoin and CryptoNote claim it to be is as follows:
They developed the code for the principles expressed in their whitepaper, and in April, 2012, they released Bytecoin. All of the copyright messages in Bytecoin's code are "copyright the CryptoNote Developers", so clearly they are one and the same as the Bytecoin developers. In December 2012, they released their CryptoNote v1 whitepaper. In September 2013, they released their CryptoNote v2 whitepaper. In November 2013, the first piece of the Bytecoin code was first pushed to Github by "amjuarez", with a "Copyright (c) 2013 amjuarez" copyright notice. This was changed to "Copyright (c) 2013 Antonio Juarez" on March 3rd, 2014. By this juncture only the crypto libraries had been pushed up to github. Then, on March 4th, 2014, "amjuarez" pushed the rest of the code up to github, with the README strangely referring to "cybernote", even though the code referred to "Cryptonote". The copyrights all pointed to "the Cryptonote developers", and the "Antonio Juarez" copyright and license file was removed. Within a few days, "DStrange" stumbled across the bytecoin.org website when trying to mine on the bte.minefor.co.in pool (a pool for the-other-Bytecoin, BTE, not the-new-Bytecoin, BCN), and the rest is history as we know it. By this time Bytecoin had had a little over 80% of its total emission mined.

Immediate Red Flags

The first thing that is a red flag in all of this is that nobody, and I mean no-fucking-body, is a known entity. "Antonio Juarez" is not a known entity, "DStrange" is not a known entity, none of the made up names on the Bytecoin website exist (they've since removed their "team" page, see below), none of the made up names on the CryptoNote website exist (Johannes Meier, Maurice Planck, Max Jameson, Brandon Hawking, Catherine Erwin, Albert Werner, Marec Plíškov). If they're pseudonyms, then say so. If they're real names, then who the fuck are they??? Cryptographers, mathematicians, and computer scientists are well known - they have published papers or at least have commented on articles of interest. Many of them have their own github repos and Twitter feeds, and are a presence in the cryptocurrency community.
The other immediate red flag is that nobody, and I mean no-fucking-body, had heard of Bytecoin. Those that had heard of it thought it was the crummy SHA-256 Bitcoin clone that was a flop in the market. Bytecoin's claim that it had existed "on the deep web" for 2 years was not well received, because not a single vendor, user, miner, drug addict, drug seller, porn broker, fake ID card manufacturer, student who bought a fake ID card to get into bars, libertarian, libertard, cryptographer, Tor developer, Freenet developer, i2p developer, pedophile, or anyone else that is a known person - even just known on the Internet - had ever encountered "Bytecoin" on Tor. Ever. Nobody.

Indisputable Facts

Before I start with some conjecture and educated guesswork, I'd like to focus on an indisputable fact that obliterates any trust in both Bytecoin's and CryptoNote's bullshit story. Note, again, that I do not doubt the efficacy of the mathematics and cryptography behind CryptoNote, nor do I think there are backdoors in the code. What I do know for a fact is that the people behind CryptoNote and Bytecoin have actively deceived the Bitcoin and cryptocurrency community, and that makes them untrustworthy now and in the future. If you believe in the fundamentals in CryptoNote, then you need simply use a CryptoNote-derived cryptocurrency that is demonstrably independent of CryptoNote and Bytecoin's influence. Don't worry, I go into this a little later.
So as discussed, there were these two whitepapers that I linked to earlier. Just in case they try to remove them, here is the v1 whitepaper and the v2 whitepaper mirrored on Archive.org. This v1/v2 whitepaper thing has been discussed at length on the Bytecoin forum thread, and the PGP signature on the files has been confirmed as being valid. When you open the respective PDFs you'll notice the valid signatures in them:
signature in the v1 whitepaper
signature in the v2 whitepaper
These are valid Adobe signatures, signed on 15/12/2012 and 17/10/2013 respectively. Here's where it gets interesting. When we inspect this file in Adobe Acrobat we get a little more information on the signature.
Notice the bit that says "Signing time is from the clock on the signer's computer"? Now normally you would use a Timestamp Authority (TSA) to validate your system time. There are enough public, free, RFC 3161 compatible TSAs that this is not a difficult thing. CryptoNote chose not to do this. But we have no reason to doubt the time on the signature, right guys? crickets
.
See these references from the v1 whitepaper footnotes? Those two also appear in the v2 whitepaper. Neither of those two footnotes refer to anything in the main body of the v1 whitepaper's text, they're non-existent (in the v2 whitepaper they are used in text). The problem, though, is that the Bitcointalk post linked in the footnote is not from early 2012 (proof screenshot is authentic: https://bitcointalk.org/index.php?topic=196259.0).
May 5, 2013. The footnote is referencing a post that did not exist until then. And yet we are to believe that the whitepaper was signed on 12/12/2012! What sort of fucking fools do they take us for?
A little bit of extra digging validates this further. The document properties for both the v1 whitepaper as well as the v2 whitepaper confirm they were made in TeX Live 2013, which did not exist on 12/12/2012. The XMP properties are also quite revealing:
XMP properties for the v1 whitepaper
XMP properties for the v2 whitepaper
According to that, the v1 whitepaper PDF was created on 10/04/2014, and the v2 whitepaper was created on 13/03/2014. And yet both of these documents were then modified in the past (when they were signed). Clearly the CryptoNote/Bytecoin developers are so advanced they also have a time machine, right?
Final confirmation that these creation dates are correct is revealed by those XMP properties. The properties on both documents confirm that the PDF itself was generated from the LaTeX source using pdfTeX-1.40.14 (the pdf:Producer property). Now pdfTeX is a very old piece of software that isn't updated very often, so the minor version (the .14 part) is important.
pdfTeX 1.40.14 pushed to source repo on Feb 14, 2014
This version of pdfTeX was only pushed to the pdfTeX source repository on February 14, 2014, although it was included in a very early version of TeX Live 2013 (version 2013.20130523-1) that was released on May 23, 2013. The earliest mentions on the Internet of this version of pdfTeX are in two Stack Exchange comments that confirm its general availability at the end of May 2013 (here and here).
The conclusion we draw from this is that the CryptoNote developers, as clever as they were, intentionally deceived everyone into believing that the CryptoNote whitepapers were signed in 2012 and 2013, when the reality is that the v2 whitepaper was created in March, 2014, and the v1 whitepaper haphazardly created a month later by stripping bits out of the v2 whitepaper (accidentally leaving dead footnotes in).
Why would they create this fake v2 whitepaper in the first place? Why not just create a v1 whitepaper, or not even version it at all? The answer is simple: they wanted to lend credence and validity to the Bytecoin "2 years on the darkweb" claim so that everyone involved in CryptoNote and Bytecoin could profit from the 2 year fake mine of 82% of Bytecoin. What they didn't expect is the market to say "no thank you" to their premine scam.

And Now for Some Conjecture

As I mentioned earlier, the Bytecoin "team" page disappeared. I know it exists, because "AtomicDoge" referred to it as saying that one of the Bytecoin developers is a professor at Princeton. I called them out on it, and within a week the page had disappeared. Fucking cowards.
That was the event that triggered my desire to dig deeper and uncover the fuckery. As I discovered more and more oddities, fake accounts, trolling, and outright falsehoods, I wondered how deep the rabbit hole went. My starting point was DStrange. This is the account on Bitcointalk that "discovered" Bytecoin accidentally a mere 6 days after the first working iteration of the code was pushed to Github, purely by chance when mining a nearly dead currency on a tiny and virtually unheard of mining pool. He has subsequently appointed himself the representative of Bytecoin, or something similar. The whole thing is so badly scripted it's worse than a Spanish soap opera...I can't tell who Mr. Gonzales, the chief surgeon, is going to fuck next.
At the same time as DStrange made his "fuck me accidental discovery", another Bitcointalk account flared up to also "accidentally discover this weird thing that has randomly been discovered": Rias. What's interesting about both the "Rias" and "DStrange" accounts are their late 2013 creation date (October 31, 2013, and December 23, 2013, respectively), and yet they lay dormant until suddenly, out of the blue, on January 20th/21st they started posting. If you look at their early posts side by side you can even see the clustering: Rias, DStrange.
At any rate, the DStrange account "discovering" Bytecoin is beyond hilarious, especially with the Rias account chiming in to make the discovery seem natural. Knowing what we unmistakably do about the fake CryptoNote PDF dates lets us see this in a whole new light.
Of course, as has been pointed out before, the Bytecoin website did not exist in its "discovered" form until sometime between November 13, 2013 (when it was last captured as this random picture of a college girl) and February 25, 2014 (when it suddenly had the website on it as "discovered"). This can be confirmed by looking at the captures on Wayback Machine: https://web.archive.org/web/*/http://bytecoin.org
The CryptoNote website, too, did not exist in its current form until after October 20, 2013, at which time it was still the home of an encrypted message project by Alain Meier, a founding member of the Stanford Bitcoin Group and co-founder of BlockScore. This, too, can be confirmed on Wayback Machine: https://web.archive.org/web/*/http://cryptonote.org
~It's hard to ascertain whether Alain had anything to do with CryptoNote or Bytecoin. It's certainly conceivable that the whitepaper was put together by him and other members of the Stanford Bitcoin Group, and the timeline fits, given that the group only formed around March 2013. More info on the people in the group can be found on their site, and determining if they played a role is something you can do in your own time.~
Update: Alain Meier posted in this thread, and followed it up with a Tweet, confirming that he has nothing to do with CryptoNote and all the related...stuff.

Batshit Insane

The Bytecoin guys revel in creating and using sockpuppet accounts. Remember that conversation where "Rias" asked who would put v1 on a whitepaper with no v2 out, and AlexGR said "a forward looking individual"? The conversation took place on May 30, and was repeated verbatim by shill accounts on Reddit on August 4 (also, screenshot in case they take it down).
Those two obvious sockpuppet/shill accounts also take delight in bashing Monero in the Monero sub-reddit (here are snippets from WhiteDynomite and cheri0). Literally the only thing these sockpuppets do, day in and day out, is make the Bytecoin sub-reddit look like it's trafficked, and spew angry bullshit all over the Monero sub-reddit. Fucking batshit insane - who the fuck has time for that? Clearly they're pissy that nobody has fallen for their scam. Oh, and did I mention that all of these sockpuppets have a late January/early February creation date? Because that's not fucking obvious at all.
And let's not forget that most recently the sockpuppets claimed that multi-sig is "a new revolutionary technology, it was discovered a short time ago and Bytecoin already implemented it". What the actual fuck. If you think that's bad, you're missing out on the best part of all: the Bytecoin shills claim that Bytecoin is actually Satoshi Nakamoto's work. I'm not fucking kidding you. For your viewing pleasure...I present to you...the Bytecoin Batshit Insane Circus:
https://bitcointalk.org/index.php?topic=512747.msg8354977#msg8354977
Seriously. Not only is this insulting as fuck to Satoshi Nakamoto, but it's insulting as fuck to our intelligence. And yet the fun doesn't stop there, folks! I present to you...the centerpiece of this Bytecoin Batshit Insane Circus exhibit...
Of course! How could we have missed it! The clues were there all along! The CryptoNote/Bytecoin developers are actually aliens! Fuck me on a pogostick, this is the sort of stuff that results in people getting committed to the loony bin.
One last thing: without doing too much language analysis (which is mostly supposition and bullshit), it's easy to see common grammar and spelling fuck ups. My personal favorite is the "Is it true?" question. You can see it in the Bytecoin thread asking if it's Satoshi's second project, in the Monero thread asking if the Monero devs use a botnet to fake demand, and in the Dashcoin thread confirming the donation address (for a coin whose only claim is that they copy Bytecoin perfectly, what the fuck do they need donations for??).

Layer After Layer

One of the things that happened soon after the Bytecoin "big reveal" was a string of forks popping up. The first was Bitmonero on April 18. Fantomcoin was launched May 6. Quazarcoin was launched May 8. HoneyPenny was announced on April 21, although only launched as Boolberry on May 17. duckNote was launched on May 30. MonetaVerde as launched June 17.
Now for some reason unbeknownst to anyone who isn't a retarded fuckface, the Bytecoin code was pushed up to SourceForge on 08/04/2014 (the "Registered" date is at the bottom of the page). I have no idea why they did this, maybe it's to try and lend credence to their bullshit story (oh hey, look how old Bytecoin is, it's even on Sourceforge!).
Coincidentally, and completely unrelated (hurr durr), Quazarcoin, Fantomcoin, and Monetaverde are all also on Sourceforge. This gives us a frame of reference and a common link between them - it's quite clear that at least these three are run by the same team as CryptoNote. There is further anecdotal evidence that can be gathered by looking at the shill posts in the threads (especially the way the Monetaverde shills praise merge mining, in a way that is nearly fucking indistinguishable from the Bytecoin praise for multi-sig technology).
QuazarCoin is a special case and deserves a little attention. Let's start with OracionSeis, who launched it. He's well known on Bitcointalk for selling in-game currencies. In that same thread you'll notice this gem right at the end from Fullbuster: "Hey,OracionSeis is no longer under my use so please https://bitcointa.lk/threads/selling-most-of-the-game-currencies.301540/#post-5996983 come into this thread! thank you !" Click through to his new link and Fullbuster clarifies: "Hello, I may look new around here but i've sold my first account and created new one and i have an intention to keep the same services running as my first account did." So now that we know that OracionSeis is a fucking bought account, we can look at his actions a little more critically.
On May 7, just when Monero was being taken back by the community (see below), OracionSeis out of the blue decided to take it over/relaunch it himself. This included a now-defunct website at monero.co.in, and a since-abandoned Github. The community pushed back hard, true to form, with hard-hitting statements such as "To reiterate, this is not the original devs, and thus not a relaunch. OP, fuck you for trying this. This should warrant a ban." A man after my own heart. OracionSeis caved and decided to rename it to...QuazarCoin, which launched on May 8. To recap: bought account, launched by trying to "relaunch" Monero, got fucked up, renamed it to QuazarCoin. Clearly and undeniably goes in our pile of fuckface coins.
The other three are a little more interesting. Let's start with ~fuckNote~duckNote. It's hard to say if duckNote is a CryptoNote/Bytecoin project. The addition of the HTML based wallet is a one-trick pony, a common thread among most of the CryptoNote/Bytecoin controlled coins, but that could also be the result of a not-entirely-retarded developer. Given the shill posts in the duckNote thread I'm going to flag it as possibly-controlled-by-the-fuckface-brigade.
And now we come to ~HoneyPenny~ ~MoneyPenny~ ~HoneyBerry~ ~Boolean~ Boolberry. This is an interesting one. This was "pre-announced" on April 21, although it was only released with the genesis block on May 17. This puts it fourth in line, after Fantomcoin and Quazarcoin, although fucktarded proponents of the shittily-named currency insist that it was launched on April 21 because of a pre-announcement. Fucking rejects from the Pool of Stupidity, some of them. At any rate, "cryptozoidberg" is the prolific coder that churned out a Keccak-derived PoW (Wild Keccak) in a month, and then proceeded to add completely fucking retarded features like address aliasing that requires you to mine a block to get an address (lulz) and will never cause any issues when "google" or "obama" or "zuckerberg" want their alias back. Namecoin gets around this by forcing you to renew every ~200 - 250 days, and besides, nobody is making payments to microsoft.bit. This aliasing system is another atypical one-trick-pony that the CryptoNote developers push out and claim is monumental and historical and amazing.
There's also the matter of cryptozoidberg's nickname. In the Bytecoin code there's the BYTECOIN_NETWORK identifier, which according to the comment is "Bender's nightmare" (hurr durr, such funny, 11100111110001011011001210110110 has a 2 in it). Now this may be a little bit of conjecture, yo, but the same comment appears twice in the "epee" contributed library, once in the levin signature, and again in the portable storage signature. The contexts are so disconnected and different that it would be a fucking stretch to imagine that the same person did not write both of these. We can also rule out this being a Bytecoin-specific change, as the "Bender's nightmare" comments exist in the original epee library on github (which is completely unused anywhere on the planet except in Bytecoin, most unusual for a library that has any usefulness, and was first committed to github on February 9, 2014).
We know from the copyright that Andrey N. Sabelnikov is the epee author, and we can say with reasonable certainty that he was involved in Bytecoin's creation and is the dev behind Boolberry. Sabelnikov is quite famous - he wrote the Kelihos botnet code and worked at two Russian security firms, Microsoft took him to court for his involvement (accusing him of operating the botnet as well), and then settled with him out of court on the basis of him not running the botnet but just having written the code. Kelihos is a botnet that pumped out online pharmacy spam (you know the fucking annoying "Y-ou Ne3D Vi-4Gra!?" emails? those.) so it's good to see he transitioned from that to a cryptocurrency scam. Regardless of BBR's claim to have "fixed" CryptoNote's privacy (and the fake fight on Bitcointalk between the "Bytecoin devs" and cryptozoidberg), it's clear that the link between them is not transparent. BBR is either the brainchild of a spam botnet author that worked on Bytecoin, or it's the CryptoNote developers trying to have one currency distanced from the rest so that they have a claim for legitimacy. I think it's the second one, and don't want to enter into a fucking debate about it. Make up your own mind.
Which brings us to the oddest story of the bunch: Bitmonero. It's pretty clear, given its early launch date and how unfamiliar anyone was with creating a genesis block or working in completely undocumented code, that thankful_for_today is/was part of the CryptoNote developers. He made a fatal error, though: he thought (just like all the other cryptocurrencies) that being "the dev" made him infallible. Ya know what happened? He tried to force his ideas, the community politely said "fuck you", and Bitmonero was forked into Monero, which is leading the pack of CryptoNote-based coins today. Let me be perfectly fucking clear: it doesn't matter that the Bytecoin/CryptoNote developers know their code and can push stuff out, and it doesn't matter that Sabelnikov can shovel bullshit features into his poorly named cryptocurrency, and it doesn't matter that Monetaverde is "green" and has "merged mining". Nobody working behind these cryptocurrencies is known in the cryptocurrency community, and that alone should be a big fucking red flag. Monero is streets ahead, partly because of the way they're developing the currency, but mostly because the "core devs" or whatever they're called are made up of reasonably well-known people. That there are a bunch of them (6 or 7?) plus a bunch of other people contributing code means that they're sanity checking each other.
And, as we saw, this has fucking infuriated the Bytecoin/CryptoNote developers. They're so angry they waste hours and hours with their Reddit accounts trawling the Monero sub-reddit, for what? Nobody has fallen for their scam, and after my revelation today nobody fucking will. Transparency wins, everything else is bullshit.
As pointed out by canonsburg, when the Bytecoin/CryptoNote people realised they'd lost the fucking game, they took a "scorched earth" approach. If they couldn't have the leading CryptoNote coin...they'd fucking destroy the rest by creating a shit-storm of CryptoNote coins. Not only did they set up a thread with "A complete forking guide to create your own CryptoNote currency", but they even have a dedicated website with a fuckton of JavaScript. Unfortunately this plan hasn't worked for them, because they forgot that nobody gives a fuck, and everyone is going to carry on forking Bitcoin-based coins because of the massive infrastructure and code etc. that works with Bitcoin-based coins.
There are a bunch of other useless CryptoNote coins, by the way: Aeon, Dashcoin, Infinium-8, OneEvilCoin. We saw earlier that Dashcoin is probably another CryptoNote developer driven coin. However, this entire group is not really important enough, nor do they have enough potential, for me to give a single fuck, so make up your own mind. New CryptoNote coins that pop up should be regarded with the utmost caution, given the bullshit capabilities that we've already seen.

All Tied Up in a Bow

I want to cement the relationship between the major CryptoNote shitcoins. I know that my previous section had a lot of conjecture in it, and there's been some insinuation that I'm throwing everyone under the bus because I'm raging against the machine. That's not my style. I'm more of a Katy Perry fan..."you're going to hear me roar". There were some extra links I uncovered during my research, and I lacked the time to add them to this post. Thankfully a little bit of sleep and a can of Monster later have given me a chance to add this. Let's start with an analysis of the DNS records of the CN coins.
If we look at the whois and DNS records for bytecoin.org, quazarcoin.org, fantomcoin.org, monetaverde.org, cryptonote.org, bytecoiner.org, cryptonotefoundation.org, cryptonotestarter.org, and boolberry.com, we find three common traits, from not-entirely-damning to oh-shiiiiiiit:
  1. There's a lot of commonality with the registrar (NameCheap for almost all of them), the DNS service (HurricaneElectric's Free DNS or NameCheap's DNS), and with the webhost (LibertyVPS, QHosteSecureFastServer.com, etc.).
  2. All of the CN domains use WhoisGuard or similar private registration services.
  3. Every single domain, without exception, uses Zoho for email. The only outlier is bitmonero.org that uses Namecheap's free email forwarding, but it's safe to disregard this as the emails probably just forward to the CryptoNote developers' email.
The instinct may be to disregard this as a fucking convenient coincidence. But it isn't: Zoho used to be a distant second to Google Apps, but has since fallen hopelessly behind. Everyone uses Google Apps or they just use mail forwarding or whatever. With the rest of the points as well, as far-fetched as the link may seem, it's the combination that is unusual and a dead giveaway of the common thread. Just to demonstrate that I'm not "blowing shit out of proportion" I went and checked the records for a handful of coins launched over the past few months to see what they use.
darkcoin.io: mail: Namecheap email forwarding, hosting: Amazon AWS, open registration through NameCheap
monero.cc: mail: mail.monero.cc, hosting: behind CloudFlare, open registration through Gandi
xc-official.com: mail: Google Apps, hosting: MODX Cloud, hidden registration (DomainsByProxy) through GoDaddy
blackcoin.io: mail: Namecheap email forwarding, hosting: behind BlackLotus, open registration through NameCheap
bitcoindark.org: mail: no MX records, hosting: Google User Content, open registration through Wix
viacoin.org: mail: mx.viacoin.org, hosting: behind CloudFlare, closed registration (ContactPrivacy) through Hostnuke.com
neutrinocoin.org: mail: HostGator, hosting: HostGator, open registration through HostGator
There's no common thread between them. Everyone uses different service providers and different platforms. And none of them use Zoho.
My next check was to inspect the web page source code for these sites to find a further link. If you take a look at the main CSS file linked in the source code for monetaverde.org, fantomcoin.org, quazarcoin.org, cryptonotefoundation.org, cryptonote-coin.org, cryptonote.org, bitmonero.org, and bytecoiner.org, we find a CSS reset snippet at the top. It has a comment at the top that says "/* CSS Reset */", and then where it resets/sets the height it has the comment "/* always display scrollbars */". Now, near as I can find, this is a CSS snippet first published by Jake Rocheleau in an article on WebDesignLedger on October 24, 2012 (although confusingly Google seems to think it appeared on plumi.de cnippetz first, but checking archive.org shows that it was only added to that site at the beginning of 2013). It isn't a very popular CSS reset snippet, it got dumped in a couple of gists on Github, and translated and re-published in an article on a Russian website in November, 2012 (let's not go full-blown conspiritard and assume this links "cryptozoidberg" back to this, he's culpable enough on his own).
It's unusual to the point of being fucking impossible for one site to be using this, let alone a whole string of supposedly unrelated sites. Over the past few years the most popular CSS reset scripts have been Eric Meyer's "Reset CSS", HTML5 Doctor CSS Reset, Yahoo! (YUI 3) Reset CSS, Universal Selector '*' Reset, and Normalize.css, none of which contain the "/* CSS Reset */" or "/* always display scrollbars */" comments.
You've got to ask yourself a simple question: at what point does the combination of all of these fucking coincidental, completely unusual elements stop being coincidence and start becoming evidence of a real, tenable link? Is it possible that bytecoin.org, quazarcoin.org, fantomcoin.org, monetaverde.org, cryptonote.org, bytecoiner.org, cryptonotefoundation.org, cryptonotestarter.org, and boolberry.com just happen to use similar registrars/DNS providers/web hosts and exactly the fucking same wildly unpopular email provider? And is it also possible that monetaverde.org, fantomcoin.org, quazarcoin.org, cryptonotefoundation.org, cryptonote-coin.org, cryptonote.org, and bytecoin.org just happen to use the same completely unknown, incredibly obscure CSS reset snippet? It's not a conspiracy, it's not a coincidence, it's just another piece of evidence that all of these were spewed out by the same fucking people.

The Conclusion of the Matter

Don't take the last section as any sort of push for Monero. I think it's got potential (certainly much more than the other retarded "anonymous" coins that "developers" are popping out like street children from a cheap ho), and I hold a bit of XMR for shits and giggles, so take that tacit endorsement with a pinch of fucking salt.
The point is this: Bytecoin's 82% premine was definitely the result of a faked blockchain. CryptoNote's whitepaper dates were purposely falsified to back up this bullshit claim. Both Bytecoin and CryptoNote have perpetuated this scam by making up fake website data and all sorts. They further perpetuate it using shill accounts, most notably "DStrange" and "Rias" among others.
They launched a series of cryptocurrencies that should be avoided at all cost: Fantomcoin, Quazarcoin, and Monetaverde. They are likely behind duckNote and Boolberry, but fuck it, it's on your head if you want to deal with scam artists and botnet creators.
They developed amazing technology, and had a pretty decent implementation. They fucked themselves over by being fucking greedy, being utterly retarded, being batshit insane, and trying to create legitimacy where there was none. They lost the minute the community took Monero away from them, and no amount of damage control will save them from their own stupidity.
I expect there to be a fuck-ton of shills posting in this thread (and possibly a few genuine supporters who don't know any better). If you want to discuss or clarify something, cool, let's do that. If you want to have a protracted debate about my conjecture, then fuck off, it's called conjecture for a reason you ignoramus. I don't really give a flying fuck if I got it right or wrong, you're old and ugly enough to make up your own mind.
tl;dr - CryptoNote developers faked dates in whitepapers. Bytecoin faked dates in fake blockchain to facilitate an 82% premine, and CryptoNote backed them up. Bytecoin, Fantomcoin, Quazarcoin, Monetaverde, Dashcoin are all from the same people and should be avoided like the fucking black plague. duckNote and Boolberry are probably from them as well, or are at least just fucking dodgy, and who the fuck cares anyway. Monero would have been fucking dodgy, but the community saved it. Make your own mind up about shit and demand that known people are involved and that there is fucking transparency. End transmission.
Just a reminder that if you found this information useful, a little donation would go a long way. Bitcoin address is 1rysLufu4qdVBRDyrf8ZjXy1nM19smTWd.
submitted by OsrsNeedsF2P to CryptoCurrency [link] [comments]

Intro To 0xBitcoin Mining Theory & Pools

Hey guys, a friend of mine was wondering what this 0xBitcoin thing was all about and how it worked and I accidentally wrote a book. I thought it would make a good intro to anyone here who wonders how the mining and pool system works. It is strikingly similar to normal Crypto mining with a few extra challenges due to the nature of ERC20 tokens. Here goes:
The code for the token itself lives here, as a smart contract on Ethereum like any other ERC20 Token (Think EOS, OMG etc in their current form)
https://etherscan.io/address/0xb6ed7644c69416d67b522e20bc294a9a9b405b31
So that code controls how the token works. If you understand code on a basic level I'm sure you'll get the gist of it. The most important function in there is the "mint" function. The contract generates a hashed string (Using SHA-3 / Keccak algorithm).
When a miner solves that problem and finds the solution it will send a transaction to the smart contract with the solution data and call the mint() function, if it's right, the miner is rewarded with the tokens. (Currently with a reward of 50 0xBTC)
Note, 0xBTC has the same reward / difficulty / maximum supply data as Bitcoin itself.
Pools:
So pool software sits in the middle. It fetches the challenge data (The hashed string + The target difficulty) from the 0xBitcoin Smart contract. Miners connect their mining software to the pool server, and the pool software distributes the challenge around them at lower difficulty than the set difficulty that the token contract has set.
Onto a bit of mining theory, think of difficulty as accuracy, and the true solution for the mint() function is a bullseye. You can mine at the exact difficulty as the smart contract (Highest effective difficulty / accuracy), and when your miner finds something it thinks is the valid solution, it is 100% going to be the right one. However, This takes a LONG time to complete. If you mine at 1% of the target difficulty, every time your miner finds a solution it is less accurate (Less certain to be the true solution) but you'll generate more potential valid solutions in a given amount of time.
Pools work on the theory that if you have lots of people working together for the same reward, they will find the solution faster by sharing the total difficulty among each other. They generate lots of solutions that will hit within a certain radius of the actual bullseye, on the assumption that one of them will hit the actual target.
When one of them does get the target, the pool has its own Eth wallet and sends off for the mint() function.
It's been tracking the shares from each connected miner, and rewards miners based on the difficulty (remember, Accuracy) of their submitted solutions.
If you have a higher Difficulty (Maybe you have a lot of GPUs) and you send more accurate solutions to the pool, you get rewarded more "shares" in the pool.
When the reward is hit, and the 0xBTC get sent to the pool's wallet, the pool calculates the miners' payouts based on:
MinerReward = MinerShares / TotalSharesForBlock
This means that those with more hash power get rewarded fairly for their investment of hash power into the pool because you generate more shares with higher accuracy.
When the block reward (50) is distributed, the smart contract generates a new challenge, the pools will reset everyone's shares and everyone starts working on the next problem.
The 0xBTC Pool Problem
The pools, at the moment then have to send off lots of tiny little transactions (Which cost Ethereum in gas) to distribute the rewarded tokens. This is expensive for the owner and means pools need to run with quite high fees. Also, pools at the moment have quite high payout thresholds in order to mitigate these gas costs.
My current development (0xPool, coming soon!) means that these tokens all get sent in bulk from the pool to a smart contract which accepts tokens and share data from the pool, and allows the miners to withdraw their tokens whenever they please. It also moves the bulk of the gas payment to the miner to withdraw, which is better for everyone involved as pools can lower fees, and miners have the choice of when to cash out their tokens. Tokens are also held in a contract with the share data, so there is no requirement of the miners to trust the pool owner with their tokens for more than ~2 minutes, which is basically how you make mining a little bit more DECENTRALISED, and TRUSTLESS, which is what this whole cryptocurrency thing was meant to be in the first place! Magic!
I hope this little write up helps someone understand the fundamentals of mining, pools, and 0xBTC a little better. Happy mining :)
Check out 0xBitcoin at http://0xbitcoin.org ~ /0xbitcoin Be sure to join the discord if you have any questions or want help setting up miners or trading!
submitted by goyface to CryptoCurrency [link] [comments]
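The post above describes the contract's Keccak challenge, pool targets that are "less accurate" than the contract target, and the MinerShares / TotalSharesForBlock payout rule. The following is an added example written for this page; it is not code from the post or from the 0xBitcoin project. It implements the Keccak-f[1600] permutation and sponge in plain Python so the page's two hash variants can be compared (original Keccak-256, which Ethereum and the 0xBTC contract use, pads with 0x01; FIPS 202 SHA3-256, the only variant in Python's hashlib, pads with 0x06), and then models a pool round on top of it. The shape of the mint() check (keccak256(challenge || miner || nonce) compared against a target), the MAX_TARGET constant, the miner addresses, the challenge and the targets are all constructed assumptions for the demonstration, not values from the contract.

```python
import hashlib
from collections import Counter

MASK64 = (1 << 64) - 1

def _rotl64(v, n):
    return ((v << n) | (v >> (64 - n))) & MASK64 if n else v

def _rc_bit(t):
    # rc(t) LFSR from the Keccak spec (polynomial x^8 + x^6 + x^5 + x^4 + 1)
    r = 1
    for _ in range(t % 255):
        r <<= 1
        if r & 0x100:
            r ^= 0x171
    return r & 1

# iota round constants, rho rotation offsets and the pi lane walk are derived
# from the spec instead of typed in; lane (x, y) of the 5x5 state sits at x + 5*y
RC = [sum(1 << ((1 << j) - 1) for j in range(7) if _rc_bit(j + 7 * i)) for i in range(24)]
ROTC = [((t + 1) * (t + 2) // 2) % 64 for t in range(24)]
PILN, _x, _y = [], 1, 0
for _ in range(24):
    _x, _y = _y, (2 * _x + 3 * _y) % 5
    PILN.append(_x + 5 * _y)

def keccak_f1600(st):
    """24 rounds of theta, rho, pi, chi, iota over 25 64-bit lanes (in place)."""
    for rnd in range(24):
        bc = [st[i] ^ st[i + 5] ^ st[i + 10] ^ st[i + 15] ^ st[i + 20] for i in range(5)]
        for i in range(5):  # theta: fold column parities into every lane
            t = bc[(i + 4) % 5] ^ _rotl64(bc[(i + 1) % 5], 1)
            for j in range(0, 25, 5):
                st[j + i] ^= t
        t = st[1]
        for i in range(24):  # rho + pi: rotate each lane and move it along the walk
            st[PILN[i]], t = _rotl64(t, ROTC[i]), st[PILN[i]]
        for j in range(0, 25, 5):  # chi: the only non-linear step, row by row
            row = st[j:j + 5]
            for i in range(5):
                st[j + i] = row[i] ^ (~row[(i + 1) % 5] & MASK64 & row[(i + 2) % 5])
        st[0] ^= RC[rnd]  # iota: break the symmetry between rounds
    return st

def _sponge(data, rate, pad_byte, out_len):
    # pad10*1 with the domain byte, absorb rate-sized blocks, squeeze one block
    pad_len = rate - len(data) % rate
    buf = bytearray(data) + bytes([pad_byte]) + bytes(pad_len - 1)
    buf[-1] ^= 0x80
    st = [0] * 25
    for off in range(0, len(buf), rate):
        for i in range(rate // 8):
            st[i] ^= int.from_bytes(buf[off + 8 * i:off + 8 * i + 8], "little")
        keccak_f1600(st)
    return b"".join(lane.to_bytes(8, "little") for lane in st[:rate // 8])[:out_len]

def keccak256(data: bytes) -> bytes:
    """Original Keccak (pad byte 0x01): the keccak256 of Ethereum and the 0xBTC contract."""
    return _sponge(data, 136, 0x01, 32)

def sha3_256(data: bytes) -> bytes:
    """FIPS 202 SHA3-256: same permutation, domain-separation byte 0x06."""
    return _sponge(data, 136, 0x06, 32)

def matches_stdlib(data: bytes) -> bool:
    # hashlib only ships the FIPS variant, so it can cross-check sha3_256 but not keccak256
    return sha3_256(data) == hashlib.sha3_256(data).digest()

# --- constructed model of the mining/pool side (assumption, not the real contract code) ---
MAX_TARGET = 1 << 256  # easiest conceivable target, i.e. difficulty 1

def difficulty(target: int) -> int:
    return MAX_TARGET // target

def digest_of(challenge: bytes, miner: bytes, nonce: int) -> int:
    # assumed shape of the mint() check: keccak256(challenge || miner || nonce) read as a number
    return int.from_bytes(keccak256(challenge + miner + nonce.to_bytes(32, "big")), "big")

def simulate_round(challenge, contract_target, miners):
    """miners: {addr: (pool_target, hashes_to_try)}. A digest under the miner's pool
    target is a share worth difficulty(pool_target) units (the 'accuracy' credit);
    the first digest under the contract target is the bullseye the pool sends to mint()."""
    shares, winner = Counter(), None
    for addr, (pool_target, hashes) in miners.items():
        for nonce in range(hashes):
            d = digest_of(challenge, addr, nonce)
            if d <= pool_target:
                shares[addr] += difficulty(pool_target)
                if winner is None and d <= contract_target:
                    winner = (addr, nonce, d)
    return shares, winner

def payouts(shares, block_reward):
    # MinerReward = MinerShares / TotalSharesForBlock, as stated in the post
    total = sum(shares.values())
    return {addr: block_reward * s / total for addr, s in shares.items()}
```

Usage: `simulate_round(keccak256(b"constructed challenge"), MAX_TARGET // 64, {addr_a: (MAX_TARGET // 8, 600), addr_b: (MAX_TARGET // 16, 600)})` returns the difficulty-weighted share counter and the winning (address, nonce, digest) triple, and `payouts(shares, 50)` splits the 50 0xBTC block reward by the post's rule. A miner at the 1/16 pool target finds about half as many shares as one at 1/8 over the same number of hashes but each share is worth twice as much, which is why vardiff does not change the expected payout. The practical caveat is the padding byte: `hashlib.sha3_256` will never reproduce an Ethereum or 0xBTC keccak256 digest, so pool software that verifies shares has to use a real Keccak-256 implementation; `matches_stdlib` exists only to prove the permutation above is correct against the standard library.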

Keccak Lecture 21 (update): SHA-3 Hash Function by Christof Paar ... Security Snippets: SHA-3 Xored Keccak States for Steps in Rounds of SHA-3 Lecture 22: Keccak and SHA-3 by Christof Paar

Bitcoin uses double iterated SHA-256, or SHA-256(SHA-256()), also known as sha256d in most algorithm listings. Most often, it is simply known as sha256d mining as it's based off generic Hashcash-style work. Ethereum uses Keccak-256 in a consensus ...

SHA-3 (Secure Hash Algorithm Version 3), also called Keccak, is a one-way function for generating digital fingerprints of a selected length (the standard accepts 224, 256, 384 or 512 bits) from input data of any size, developed by a group of authors led by Joan Daemen in 2008 and adopted in 2015 as the new FIPS standard. The algorithm works by means of the mixing function with compression to ...

Keccak is a family of cryptographic sponge functions and is designed as an alternative to SHA-256, an algorithm used by Bitcoin and various other cryptocurrencies. Compared to SHA-256, Keccak (SHA-3) is much faster and is more secure. If you are looking for the Keccak whitepaper then head to this link. If you are looking for specifications and more in-depth information on the Keccak hash ...

Take a look at the Keccak result in this paper. The ASIC space, at least ASICs with the specific purpose of hashing, has evolved a lot in the past 6 years and the numbers are probably not up to date. These graphs (and the corresponding tables) have revealed that Keccak is the only candidate that consistently outperforms SHA-2 for all considered FPGA families and two hash function variants (with ...


Keccak

Trace how SHA-3 message digests are made in 24 rounds with five Keccak functions. Set "inbits" to 0 to check if the final step returns the expected digest of the empty message. The left column ...

SHA-3 (Secure Hash Algorithm 3), a subset of the cryptographic primitive family Keccak (/ˈkætʃæk/, or /kɛtʃɑːk/), is a cryptographic hash function designed by Guido Bertoni, Joan ...

Coursework for the Computer Systems Security course - Postgraduate Program in Strategic IT Management - Horus Faculdades. Keccak algorithm - SHA-3.

Let's Talk ETC! provides timely news about ETC and related technologies including: Ethereum, Bitcoin, blockchains and more. Feel free to leave requests, questions and comments below. ETC website ...

MaxCoin Crypto Currency Algorithm: Keccak (SHA-3) Total coins: 100,000,000 Block time: 30 seconds Block reward: 48 MaxCoin per block, halving every ~12 month...
