Proposed anonimity feature : The Dark Blockchain
-
Sorry, I’m late . I agree the dark blockchain , willing to join the work.
-
I’ve added some of the comments and ideas to the functional requirement / white paper on Github.
https://github.com/wrapperband/PrivateBlockchainAddress
Any comments, particularly on how to use Github to update the project. Github is so dense and powerful to learn, especially as this is just documentation at the moment…
-
I happened to scoop up DarkBlockchain.com. If thats of any use here
-
I’ve added some of the comments and ideas to the functional requirement / white paper on Github.
It would be a breakthrough, because Nakamoto in his paper states that the transactions must be publicly announced in such way that all nodes are aware of the true nature of all the transactions. To me, it seems like trying to invent perpetuum mobile, but on the other hand, perpetuum mobile inventors did contribute to the technological progress, so I don’t want to completely discourage this. Let’s just not get involved in it too much, or it might reflect bad on us.
-
I am a Physicist with a PhD and if I thought that there was any slight chance of PBAs not being feasible, I would not be bothering to ask for comments let alone document it. (although I am learning Github).
i.e. the whole reason I think it will work is that it is doing nothing new to achieve it, it is just an extra layer of encryption which hides which address is linked to which, when a transaction is made…
I have even explained more in the paper how encrypted address could look exactly like a normal address, so all other parts of the software would work the same. The more I look it it the less work might be involved, if it is done cleverly and carefully.
As far as Nakamoto is concerned the transactions are publicly announced. With PBAs, it isn’t public which address they came from. If you don’t encrypt the coin amount then there is absolutely no conflict.
What Nakamoto states in his paper is more about trusting the system and the need to validate the system. We now accept the system is validated, so only need to know the software has proceed a valid transaction. We don’t manually inspect every transaction (any more) and as I have pointed out, the sender and receiver can still validate the (private) transaction.
Also, it is only the action of the software during mining that validates and address or transaction and other miners who validate it, we have no other way of knowing. That is the public nodes Nakamoto was referring to. Particularly as he initially envisaged CPU mining and each (mining) wallet to be a node.
And, even with unencrypted addresses, it is still only the sender and receiver who can fully validate that the correct transaction has occurred.
-
But is it not true that any node with a full block chain (mining or not) would not pass on a transaction it thought was invalid? Would it not check that the inputs actually exist?
-
What Nakamoto states in his paper is more about trusting the system and the need to validate the system. We now accept the system is validated, so only need to know the software has proceed a valid transaction. We don’t manually inspect every transaction (any more) and as I have pointed out, the sender and receiver can still validate the (private) transaction.
Also, it is only the action of the software during mining that validates and address or transaction and other miners who validate it, we have no other way of knowing. That is the public nodes Nakamoto was referring to. Particularly as he initially envisaged CPU mining and each (mining) wallet to be a node.
That’s centralization. Nakamoto calls it a mint. ACP is a mint, but white, under public scrutiny. You are proposing a dark mint.
-
That’s centralization. Nakamoto calls it a mint. ACP is a mint, but white, under public scrutiny. You are proposing a dark mint.
I have proposed a system which can be implemented as “dark addresses” but a “light Mint”. It is only proposed as a possible enhancement that coin amounts or the mining payout amounts would be encrypted.
Partly to assuage your concerns, I am personally happy that the software now performs correctly (within its specification) and don’t feel necessary to inspect every block for correct action, except (to some extent depending on the software changes) during testing.
That is not to say there are not external influences i.e. opening up new areas for exploit by hackers. However, this “investigation” is to fix the possible exploitation of privacy leakage, which already opens you up to hackers. I suggested the “Dark Blockchain” idea as a discussion focus.
If it is possible to link your IP to an blockchain address, then it is possible to link your transactions and inventory. That starts to become worth exploiting. The final hack might end up being in meatspace (steal you PC or USB sticks), especially as more wealth gets stored in coins.
Also, my understanding of ACP is that it is to prevent double spending. Unfortunately, it does not validate the address. ACP did not help with timewarp attacks and had to be turned down to avoid a increased vulnerability.
The way the mining works it is possible for large exchanges to compile transactions blocks. But that can be used (sometimes inadvertently) by large actors in the network to invalidate the “correct fork” of the blockchain.
So, ACP is not a Mint, more an extra check on your bank balance before fund transfer.
-
An open protocol to allow **secure authorization ** in a simple and standard method from web, mobile and desktop applications.
OAuth is an open standard for authorization. OAuth provides client applications a ‘secure delegated access’ to server resources on behalf of a resource owner. It specifies a process for resource owners to authorize third-party access to their server resources without sharing their credentials. Designed specifically to work with Hypertext Transfer Protocol (HTTP), OAuth essentially allows access tokens to be issued to third-party clients by an authorization server, with the approval of the resource owner, or end-user. The client then uses the access token to access the protected resources hosted by the resource server.[1] OAuth is commonly used as a way for web surfers to log into third party web sites using their Google, Facebook or Twitter accounts, without worrying about their access credentials being compromised.[2]
-
Could that be usefull?
