IRS Agent Who Took Down ‘Silk Road’ Turns His Attention To ...

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash.[5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address, (iii) the information is stored via cryptographic hashing in a Merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network.
In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10] (though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give out a single address which generates a different public address for funds to be received at, each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
– Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include CoinShuffle in 2014 and TumbleBit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by Johns Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016.[18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zk-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential Transactions, proposed by Shen Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information with the use of confidential transactions (which also use ring signatures) for hiding amounts. The proposal described a new type of ring signature, a Multi-layered Linkable Spontaneous Anonymous Group signature, which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING-CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusor and further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential Transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation’.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far-reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who it originates from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end-to-end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero-created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer[34] that the privacy cryptocurrency Verge uses. But its historical link to the US government may be concerning to some.[35] Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data and will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RingCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for the range proofs used in confidential transactions, which aid in encrypting inputs and outputs by making sure they add to zero.)
Sigma Protocol – being actively researched by the Zcoin team as of 2018 to replace the Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledge proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trustless transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adopt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethereum
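The commitment arithmetic the post sketches under CONFIDENTIAL TRANSACTIONS, and the "make sure they add to zero" role of range proofs mentioned under UPCOMING, as an added example that is not part of the original post or of any project it names (Monero, Particl, Grin, Blockstream Elements). It implements Pedersen commitments in a constructed 64-bit Schnorr group instead of an elliptic curve, so the numbers stay readable; the group parameters, sample amounts and the Elements-style "balancing blind" construction are all assumptions of this example, and the last function shows why a balance check alone is not enough without a range proof.

```python
"""Pedersen commitments, the arithmetic behind Confidential Transactions.

Added example; not code from the original post or from any project it names.
It uses a 64-bit Schnorr group (order-q subgroup of Z_p^*, p = 2q + 1) so the
numbers stay readable; real CT / RingCT / Mimblewimble use elliptic-curve
points, but the algebra is identical: C = g^v * h^r, and multiplying
commitments adds the hidden amounts, so a verifier can "add the math up"
without seeing any amount.
"""
import hashlib
import secrets

def is_prime(n: int) -> bool:
    """Miller-Rabin; these fixed bases are deterministic for n < 3.3e24."""
    bases = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)
    if n < 41:
        return n in bases
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in bases:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def safe_prime_from(start: int):
    """Smallest odd q >= start with q and 2q + 1 both prime; returns (p, q)."""
    q = start | 1
    while not (is_prime(q) and is_prime(2 * q + 1)):
        q += 2
    return 2 * q + 1, q

# Constructed toy parameters, not a standardised group. Amounts and blinding
# factors are elements of Z_Q; commitments are elements of the order-Q subgroup.
P, Q = safe_prime_from(1 << 63)
G = 4  # 2^2 is a square mod P, hence a generator of the order-Q subgroup
# H is derived by hashing so nobody knows log_G(H); knowing it would let a
# prover trade amount for blinding factor and break the binding property.
H = pow(int.from_bytes(hashlib.sha256(b"ct-demo-h").digest(), "big") % P, 2, P)
assert H not in (0, 1, G)

def commit(value: int, blind: int) -> int:
    """Pedersen commitment C = G^value * H^blind mod P: hides value, binds to it."""
    if not 0 <= value < Q:
        raise ValueError("amount must be an element of Z_Q")
    return pow(G, value, P) * pow(H, blind, P) % P

def product(commitments) -> int:
    """Homomorphic sum: multiplying commitments adds the amounts and the blinds."""
    acc = 1
    for c in commitments:
        acc = acc * c % P
    return acc

def balancing_blind(in_blinds, other_out_blinds) -> int:
    """Blind for the last output so all blinding factors cancel (Elements-style CT)."""
    return (sum(in_blinds) - sum(other_out_blinds)) % Q

def verify_balance(in_commits, out_commits, fee: int) -> bool:
    """Verifier's check, done without knowing any amount: prod(in) == prod(out) * G^fee."""
    return product(in_commits) == product(out_commits) * pow(G, fee, P) % P

def open_commitment(commitment: int, value: int, blind: int) -> bool:
    """Optional disclosure to an auditor: the owner reveals (value, blind)."""
    return commit(value, blind) == commitment

def confidential_tx(in_amounts, out_amounts):
    """Build a CT-style transaction; only the commitments (and the fee) go on chain."""
    in_blinds = [secrets.randbelow(Q) for _ in in_amounts]
    out_blinds = [secrets.randbelow(Q) for _ in out_amounts[:-1]]
    out_blinds.append(balancing_blind(in_blinds, out_blinds))
    in_commits = [commit(v, r) for v, r in zip(in_amounts, in_blinds)]
    out_commits = [commit(v, r) for v, r in zip(out_amounts, out_blinds)]
    return in_commits, out_commits, out_blinds

def honest_tx_verifies() -> bool:
    ins, outs, _ = confidential_tx([50, 30], [70, 9])   # 80 in = 79 out + 1 fee
    return verify_balance(ins, outs, fee=1)

def inflated_tx_rejected() -> bool:
    ins, outs, _ = confidential_tx([50, 30], [70, 10])  # 80 in != 81 out + fee
    return not verify_balance(ins, outs, fee=1)

def why_range_proofs_matter() -> bool:
    """Balance alone is not enough: an 'amount' of Q - 5 behaves as -5, so
    10 in -> 15 + (-5) out still balances. A range proof (bulletproofs in
    Monero) forces every hidden amount into a small non-negative range."""
    ins, outs, _ = confidential_tx([10], [15, Q - 5])
    return verify_balance(ins, outs, fee=0)
```

The only data a node sees is the commitments and the explicit fee; every `verify_balance` call succeeds or fails without the node ever learning an amount, which is the fungibility property the post is after.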

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. 
In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to privacycoins
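The stem-then-fluff relay that the post's Dandelion reference points at, as an added simulation: this is constructed for this page and is not code from the post, from Bitcoin Core, or from the Dandelion authors. It assumes a toy ring-shaped peer graph, collapses Dandelion's per-epoch stem routing into one random neighbour choice per hop, and omits the embargo timers and fail-safe fluffing of the real proposal; ring_graph, fluff_prob and the observer model are all assumptions made here. What it shows is the defender-side measurement: how often a passive observer who attributes a transaction to the first node that broadcasts it is actually right.

```python
"""Toy Dandelion-style relay: stem phase (one random neighbour per hop) then
fluff phase (broadcast). Constructed example, not code from the post, from
Bitcoin Core, or from the Dandelion / Dandelion++ authors; real deployments use
per-epoch stem routes, embargo timers and fail-safe fluffing, omitted here."""
import random


def ring_graph(n: int) -> dict:
    """Constructed peer graph: n nodes in a ring, each connected to two neighbours."""
    return {i: [(i - 1) % n, (i + 1) % n] for i in range(n)}


def stem_then_fluff(graph: dict, origin: int, fluff_prob: float, rng: random.Random):
    """Relay one transaction. At each stem hop the current holder forwards it to a
    single random neighbour; with probability fluff_prob the holder instead
    broadcasts it to everyone. Returns (first_broadcaster, stem_hops)."""
    node, hops = origin, 0
    while rng.random() >= fluff_prob:   # stay in the stem phase
        node = rng.choice(graph[node])
        hops += 1
    return node, hops                    # this node enters the fluff phase


def attribution_accuracy(graph: dict, trials: int, fluff_prob: float, seed: int = 1) -> float:
    """Model a passive observer peered with every node who assumes the first node
    to broadcast a transaction created it. Returns the fraction of trials in
    which that guess is correct."""
    rng = random.Random(seed)
    nodes = list(graph)
    correct = 0
    for _ in range(trials):
        origin = rng.choice(nodes)
        first, _ = stem_then_fluff(graph, origin, fluff_prob, rng)
        correct += first == origin
    return correct / trials


if __name__ == "__main__":
    g = ring_graph(20)
    # fluff_prob=1.0 is plain diffusion: the origin always broadcasts first.
    print("plain diffusion :", attribution_accuracy(g, 2000, fluff_prob=1.0))
    # fluff_prob=0.1 gives a mean stem length of 9 hops before broadcast.
    print("dandelion q=0.1 :", attribution_accuracy(g, 2000, fluff_prob=0.1))
```

With fluff_prob set to 1.0 the observer is right every time, which is the Bitcoin diffusion baseline; with 0.1 the guess is right only when the stem happens to be empty or the random walk returns to the origin, which on this ring is well under half the time. The lesson for a defender is that network-layer privacy is a separate property from on-chain privacy: a coin can hide amounts perfectly and still leak origin IPs through relay timing.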
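The "inputs and outputs add to zero" check that the confidential transactions and bulletproofs passages describe, as an added worked example. This is constructed for this page and is not code from the post, from Monero, or from Blockstream's Elements. It assumes a toy Schnorr group of prime order q = 509 inside Z_p^* with p = 1019 (production systems use elliptic-curve groups of roughly 2^252 order), a hash-derived second generator H, and the helper names commit, excess, balances, build_tx and demo, all of which are assumptions made here. It also shows why the balance check alone is not enough and a range proof (today, a bulletproof) is needed on every output.

```python
"""Pedersen-commitment balance check behind confidential transactions, as a
constructed example (not code from the post, from Monero, or from Blockstream's
Elements). The group is a toy Schnorr group of prime order q = 509 inside Z_p^*
with p = 1019; production systems use elliptic-curve groups of ~2^252 order.
Every parameter and function name here is an assumption made for illustration."""
import hashlib
import secrets

P = 1019   # safe prime, p = 2q + 1 (toy size, NOT secure)
Q = 509    # prime order of the subgroup of quadratic residues mod p
G = 4      # 2^2 is a quadratic residue != 1, so it generates the order-q subgroup


def _hash_to_generator(label: bytes) -> int:
    """Second generator h with unknown discrete log base g: hash a label and
    square the result so it lands in the order-q subgroup."""
    while True:
        x = int.from_bytes(hashlib.sha256(label).digest(), "big") % P
        h = pow(x, 2, P)
        if h not in (1, G):
            return h
        label += b"\x00"   # degenerate hash output; retry with a new label


H = _hash_to_generator(b"pedersen-second-generator")


def commit(value: int, blinding: int) -> int:
    """Pedersen commitment C = g^value * h^blinding (mod p). Exponents live in Z_q."""
    return pow(G, value % Q, P) * pow(H, blinding % Q, P) % P


def random_blinding() -> int:
    return secrets.randbelow(Q)


def excess(input_commits, output_commits) -> int:
    """prod(inputs) / prod(outputs); by the homomorphism this equals
    commit(sum_in - sum_out, r_in - r_out) without anyone knowing the sums."""
    acc = 1
    for c in input_commits:
        acc = acc * c % P
    for c in output_commits:
        acc = acc * pow(c, P - 2, P) % P   # Fermat inverse, p is prime
    return acc


def balances(input_commits, output_commits, excess_blinding: int) -> bool:
    """Verifier's check, learning no amount: the excess must be a commitment to
    ZERO, i.e. equal to h^(r_in - r_out). The sender reveals (or in RingCT/
    Mimblewimble signs with) the blinding excess, which says nothing about amounts."""
    return excess(input_commits, output_commits) == pow(H, excess_blinding % Q, P)


def build_tx(values_in, values_out):
    """Sender side: commit to every amount with a fresh blinding factor and
    compute the blinding excess the verifier needs."""
    r_in = [random_blinding() for _ in values_in]
    r_out = [random_blinding() for _ in values_out]
    ins = [commit(v, r) for v, r in zip(values_in, r_in)]
    outs = [commit(v, r) for v, r in zip(values_out, r_out)]
    return ins, outs, (sum(r_in) - sum(r_out)) % Q


def demo() -> dict:
    ins, outs, k = build_tx([100], [60, 40])
    honest = balances(ins, outs, k)
    ins, outs, k = build_tx([100], [60, 41])   # one extra coin: rejected
    inflated = balances(ins, outs, k)
    # Why range proofs / bulletproofs exist: amounts are reduced mod q, so a
    # "negative" output of -10 (= q - 10) lets 110 + (-10) balance against 100.
    # Only a proof that every output lies in [0, 2^n) rules this out.
    ins, outs, k = build_tx([100], [110, -10])
    wraparound = balances(ins, outs, k)
    return {"honest": honest, "inflated": inflated, "wraparound": wraparound}


if __name__ == "__main__":
    print(demo())   # {'honest': True, 'inflated': False, 'wraparound': True}
```

The honest case passes and the inflated case fails purely from the commitment arithmetic, which is the fungibility property the post is after: a validator confirms conservation of value without seeing any value. The third case is the caveat a reviewer should keep in mind when reading "add to zero": modular wraparound means the sum check accepts a transaction whose outputs are not all non-negative, so the range proof is part of the soundness of the scheme, not an optimisation, and bulletproofs only change its size and cost.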

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. 
In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to ethtrader [link] [comments]

The Privacy Coin Guide Part 1

As interest picks up in crypto again, I want to share this post I made on privacy coins again to just give the basics of their evolution. This is only part 1, and parts 2 and 3 are not available in this format, but this part is informative and basic.
If you’re looking for a quick and easy way to assess what the best privacy coin in the current space is, which has the best features, or which is most likely to give high returns, then this is not that guide. My goal is to give you the power to make your own decisions, to clearly state my biases, and educate. I really wanted to understand this niche of the crypto-space due to my background and current loyalties[1], and grasp the nuances of the features, origins and timelines of technologies used in privacy coins, while not being anything close to a developer myself. This is going to be a 3-part series, starting with an overview and basic review of the technology, then looking at its implications, and ending with why I like a specific project. It might be mildly interesting or delightfully educational. Cryptocurrencies are young and existing privacy coins are deploying technology that is a work in progress. This series assumes a basic understanding of how blockchains work, specifically as used in cryptocurrencies. If you don’t have that understanding, might I suggest that you get it? [2],[3],[4] Because cryptocurrencies have a long way to go before reaching their end-game: when the world relies on the technology without understanding it. So, shall we do a deep dive into the privacy coin space?

FIRST THERE WAS BITCOIN

Cryptocurrencies allow you to tokenize value and track its exchange between hands over time, with transaction information verified by a distributed network of users. The most famous version of a cryptocurrency in use is Bitcoin, defined as peer-to-peer electronic cash. [5] Posted anonymously in 2008, the whitepaper seemed to be in direct response to the global financial meltdown and public distrust of the conventional banking and financing systems. Although cryptographic techniques are used in Bitcoin to ensure that (i) only the owner of a specific wallet has the authority to spend funds from that wallet, (ii) the public address is linked but cannot be traced by a third party to the private address (iii) the information is stored via cryptographic hashing in a merkle tree structure to ensure data integrity, the actual transaction information is publicly visible on the blockchain and can be traced back to the individual through chain analysis.[6] This has raised fears of possible financial censorship or the metaphorical tainting of money due to its origination point, as demonstrated in the Silk Road marketplace disaster.[7] This can happen because fiat money is usually exchanged for cryptocurrency at some point, as crypto-enthusiasts are born in the real world and inevitably cash out. There are already chain analysis firms and software that are increasingly efficient at tracking transactions on the Bitcoin blockchain.[8] This lack of privacy is one of the limitations of Bitcoin that has resulted in the creation of altcoins that experiment with the different features a cryptocurrency can have. Privacy coins are figuring out how to introduce privacy in addition to the payment network. The goal is to make the cryptocurrency fungible, each unit able to be exchanged for equal value without knowledge of its transaction history – like cash, while being publicly verifiable on a decentralized network. 
In other words, anyone can add the math up without being able to see the full details. Some privacy solutions and protocols have popped up as a result:

CRYPTONOTE – RING SIGNATURES AND STEALTH ADDRESSES

Used in: Monero and Particl as its successor RING-CT, Bytecoin
In December 2012, CryptoNote introduced the use of ring signatures and stealth addresses (along with other notable features such as its own codebase) to improve cryptocurrency privacy.[9] An updated CryptoNote version 2 came in October 2013 [10](though there is some dispute over this timeline [11]), also authored under the name Nicolas van Saberhagen. Ring signatures hide sender information by having the sender sign a transaction using a signature that could belong to multiple users. This makes a transaction untraceable. Stealth addresses allow a receiver to give a single address which generates a different public address for funds to be received at each time funds are sent to it. That makes a transaction unlinkable. In terms of privacy, CryptoNote gave us a protocol for untraceable and unlinkable transactions. The first implementation of CryptoNote technology was Bytecoin in March 2014 (timeline disputed [12]), which spawned many children (forks) in subsequent years, a notable example being Monero, based on CryptoNote v2 in April 2014.
RING SIGNATURES and STEALTH ADDRESSES

PROS

– Provides sender and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume
-Does not hide transaction information if not combined with another protocol.

COINJOIN

Used in: Dash
Bitcoin developer Gregory Maxwell proposed a set of solutions to bring privacy to Bitcoin and cryptocurrencies, the first being CoinJoin (January 28 – Aug 22, 2013).[13],[14] CoinJoin (sometimes called CoinSwap) allows multiple users to combine their transactions into a single transaction, by receiving inputs from multiple users, and then sending their outputs to the multiple users, irrespective of who in the group the inputs came from. So, the receiver will get whatever output amount they were supposed to, but it cannot be directly traced to its origination input. Similar proposals include Coinshuffle in 2014 and Tumblebit in 2016, building on CoinJoin but not terribly popular [15],[16]. They fixed the need for a trusted third party to ‘mix’ the transactions. There are CoinJoin implementations that are being actively worked on but are not the most popular privacy solutions of today. A notable coin that uses CoinJoin technology is Dash, launched in January 2014, with masternodes in place of a trusted party.
COINJOIN

PROS

– Provides sender and receiver privacy
– Easy to implement on any cryptocurrency
– Lightweight
– Greater scalability with bulletproofs
– Mature technology

CONS

– Least anonymous privacy solution. Transaction amounts can be calculated
– Even without third-party mixer, depends on wealth centralization of masternodes

ZEROCOIN

Used in: Zcoin, PIVX
In May 2013, the Zerocoin protocol was introduced by John Hopkins University professor Matthew D. Green and his graduate students Ian Miers and Christina Garman.[17] In response to the need for use of a third party to do CoinJoin, the Zerocoin proposal allowed for a coin to be destroyed and remade in order to erase its history whenever it is spent. Zero-knowledge cryptography and zero-knowledge proofs are used to prove that the new coins for spending are being appropriately made. A zero-knowledge proof allows one party to prove to another that they know specific information, without revealing any information about it, other than the fact that they know it. Zerocoin was not accepted by the Bitcoin community as an implementation to be added to Bitcoin, so a new cryptocurrency had to be formed. Zcoin was the first cryptocurrency to implement the Zerocoin protocol in 2016. [18]
ZEROCOIN

PROS

– Provides sender and receiver privacy
– Supply can be audited
– Relatively mature technology
– Does not require a third-party

CONS

– Requires trusted setup (May not be required with Sigma protocol)
– Large proof sizes (not lightweight)
– Does not provide full privacy for transaction amounts

ZEROCASH

Used in: Zcash, Horizen, Komodo, Zclassic, Bitcoin Private
In May 2014, the current successor to the Zerocoin protocol, Zerocash, was created, also by Matthew Green and others (Eli Ben-Sasson, Alessandro Chiesa, Christina Garman, Matthew Green, Ian Miers, Eran Tromer, Madars Virza).[19] It improved upon the Zerocoin concept by taking advantage of zero-knowledge proofs called zk-snarks (zero knowledge succinct non-interactive arguments of knowledge). Unlike Zerocoin, which hid coin origins and payment history, Zerocash was faster, with smaller transaction sizes, and hides transaction information on the sender, receiver and amount. Zcash is the first cryptocurrency to implement the Zerocash protocol in 2016. [20]
ZEROCASH

PROS

– Provides full anonymity. Sender, receiver and amount hidden.
– Privacy can be default?
– Fast due to small proof sizes.
– Payment amount can be optionally disclosed for auditing
– Does not require any third-party

CONS

– Requires trusted setup. (May be improved with zt-starks technology)
– Supply cannot be audited. And coins can potentially be forged without proper implementation.
– Private transactions computationally intensive (improved with Sapling upgrade)

CONFIDENTIAL TRANSACTIONS

Used in: Monero and Particl with Ring Signatures as RING-CT
The next proposal from Maxwell was that of confidential transactions, proposed in June 2015 as part of the Sidechain Elements project from Blockstream, where Maxwell was Chief Technical Officer.[21],[22] It proposed to hide the transaction amount and asset type (e.g. deposits, currencies, shares), so that only the sender and receiver are aware of the amount, unless they choose to make the amount public. It uses homomorphic encryption[23] to encrypt the inputs and outputs by using blinding factors and a kind of ring signature in a commitment scheme, so the amount can be ‘committed’ to, without the amount actually being known. I’m terribly sorry if you now have the urge to go and research exactly what that means. The takeaway is that the transaction amount can be hidden from outsiders while being verifiable.
CONFIDENTIAL TRANSACTIONS

PROS

– Hides transaction amounts
– Privacy can be default
– Mature technology
– Does not require any third-party

CONS

– Only provides transaction amount privacy when used alone

RING-CT

Used in: Monero, Particl
Then came Ring Confidential transactions, proposed by Shen-Noether of Monero Research Labs in October 2015.[24] RingCT combines the use of ring signatures for hiding sender information, with the use of confidential transactions (which also uses ring signatures) for hiding amounts. The proposal described a new type of ring signature, A Multi-layered Linkable Spontaneous Anonymous Group signature which “allows for hidden amounts, origins and destinations of transactions with reasonable efficiency and verifiable, trustless coin generation”.[25] RingCT was implemented in Monero in January 2017 and made mandatory after September 2017.
RING -CONFIDENTIAL TRANSACTIONS

PROS

– Provides full anonymity. Hides transaction amounts and receiver privacy
– Privacy can be default
– Mature technology
– Greater scalability with bulletproofs
– Does not require any third-party

CONS

– Privacy not very effective without high volume

MIMBLEWIMBLE

Used in: Grin
Mimblewimble was proposed in July 2016 by pseudonymous contributor Tom Elvis Jedusorand further developed in October 2016 by Andrew Poelstra.[26],[27] Mimblewimble is a “privacy and fungibility focused cryptocoin transaction structure proposal”.[28] The key words are transaction structure proposal, so the way the blockchain is built is different, in order to accommodate privacy and fungibility features. Mimblewimble uses the concept of Confidential transactions to keep amounts hidden, looks at private keys and transaction information to prove ownership of funds rather than using addresses, and bundles transactions together instead of listing them separately on the blockchain. It also introduces a novel method of pruning the blockchain. Grin is a cryptocurrency in development that is applying Mimblewimble. Mimblewimble is early in development and you can understand it more here [29].
MIMBLEWIMBLE

PROS

– Hides transaction amounts and receiver privacy
– Privacy is on by default
– Lightweight
– No public addresses?

CONS

– Privacy not very effective without high volume
– Sender and receiver must both be online
– Relatively new technology

ZEXE

Fresh off the minds of brilliant cryptographers (Sean Bowe, Alessandro Chiesa, Matthew Green, Ian Miers, Pratyush Mishra, Howard Wu), in October 2018 Zexe proposed a new cryptographic primitive called ‘decentralized private computation.[30] It allows users of a decentralized ledger to “execute offline computations that result in transactions”[31], but also keeps transaction amounts hidden and allows transaction validation to happen at any time regardless of computations being done online. This can have far reaching implications for privacy coins in the future. Consider cases where transactions need to be automatic and private, without both parties being present.

NETWORK PRIVACY

Privacy technologies that look at network privacy as nodes communicate with each other on the network are important considerations, rather than just looking at privacy on the blockchain itself. Anonymous layers encrypt and/or reroute data as it moves among peers, so it is not obvious who they originate from on the network. They are used to protect against surveillance or censorship from ISPs and governments. The Invisible Internet Project (I2P) is an anonymous network layer that uses end to end encryption for peers on a network to communicate with each other.[32] Its history dates back to 2003. Kovri is a Monero created implementation of I2P.[33] The Onion Router (Tor) is another anonymity layer [34]) that Verge is a privacy cryptocurrency that uses. But its historical link to the US government may be is concerning to some[35]. Dandelion transaction relay is also an upcoming Bitcoin improvement proposal (BIP) that scrambles IP data that will provide network privacy for Bitcoin as transaction and other information is transmitted.[36],[37],[38]

UPCOMING

Monero completed bulletproofs protocol updates that reduce RINGCT transaction sizes and thus transaction fee costs. (Bulletproofs are a replacement for range proofs used in confidential transactions that aid in encrypting inputs and outputs by making sure they add to zero).
Sigma Protocol – being actively researched by Zcoin team as of 2018 to replace Zerocoin protocol so that a trusted setup is not required.[39] There is a possible replacement for zk-snarks, called zk-starks, another form of zero-knowledge proof technology, that may make a trusted set-up unnecessary for zero-knowledege proof coins.[40]

PART 1 CONCLUSION OF THE PRIVACY COIN GUIDE ON THE TECHNOLOGY BEHIND PRIVACY COINS

Although Bitcoin is still a groundbreaking technology that gives us a trust-less transaction system, it has failed to live up to its expectations of privacy. Over time, new privacy technologies have arrived and are arriving with innovative and exciting solutions for Bitcoin’s lack of fungibility. It is important to note that these technologies are built on prior research and application, but we are considering their use in cryptocurrencies. Protocols are proposed based on cryptographic concepts that show how they would work, and then developers actually implement them. Please note that I did not include the possibility of improper implementation as a disadvantage, and the advantages assume that the technical development is well done. A very important point is that coins can also adapt new privacy technologies as their merits become obvious, even as they start with a specific privacy protocol. Furthermore, I am, unfortunately, positive that this is not an exhaustive overview and I am only covering publicized solutions. Next, we’ll talk more about the pros and cons and give an idea of how the coins can be compared.

There's a video version that can be watched, and you can find out how to get the second two parts if you want on my website (video link on the page): https://cryptoramble.com/guide-on-privacy-coins/
submitted by CryptoRamble to CryptoCurrencies
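The network-layer point made in the guide's paragraph on anonymity layers (an observer who watches the peer-to-peer network sees which node first broadcasts a transaction, regardless of what the blockchain hides) can be made concrete with a toy stem/fluff relay in the style of Dandelion. This is an added example and not code from the guide, from Bitcoin, Monero, Verge or any project the guide names: the peer graph, the fluff probability `q` and the "spy sees every link" adversary are assumptions constructed for illustration.

```python
"""Toy Dandelion-style relay (stem phase, then fluff phase) on a constructed peer graph.
Illustration only: not the Bitcoin/Monero implementation; topology, q and the spy
model are assumptions."""
import random
from collections import deque


def build_topology(n_nodes, seed=0):
    """Constructed toy peer graph: a ring plus n_nodes random long-range links, so
    every node has degree >= 2, there are no self-loops, and the graph is connected."""
    rng = random.Random(seed)
    adj = {i: set() for i in range(n_nodes)}
    for i in range(n_nodes):
        j = (i + 1) % n_nodes
        adj[i].add(j)
        adj[j].add(i)
    for _ in range(n_nodes):
        a, b = rng.sample(range(n_nodes), 2)   # two distinct nodes, so no self-loops
        adj[a].add(b)
        adj[b].add(a)
    return adj


def stem_phase(adj, origin, q, rng):
    """Stem phase. The originator always hands the transaction to one random peer;
    each later hop either forwards it to one random peer (probability 1-q) or ends
    the stem and starts fluffing (probability q). Returns the ordered list of nodes
    the transaction visited; the last entry is the node that will broadcast it."""
    path = [origin]
    while True:
        node = path[-1]
        prev = path[-2] if len(path) > 1 else None
        # never hand it straight back to the peer it just came from
        candidates = sorted(adj[node] - {prev}) or sorted(adj[node])
        path.append(rng.choice(candidates))
        if rng.random() < q:
            return path


def fluff_phase(adj, start):
    """Fluff phase: ordinary flooding (breadth-first) from the node that ended the
    stem. Returns {node: hop distance at which it first saw the transaction}."""
    dist = {start: 0}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for peer in sorted(adj[node]):
            if peer not in dist:
                dist[peer] = dist[node] + 1
                queue.append(peer)
    return dist


def relay(adj, origin, q, seed=0):
    """One complete relay of a transaction from `origin`: (stem path, fluff reach)."""
    rng = random.Random(seed)
    path = stem_phase(adj, origin, q, rng)
    return path, fluff_phase(adj, path[-1])


def spy_attribution_rate(adj, q, trials=500, seed=1):
    """Assumed adversary: a spy that observes every link and attributes a transaction
    to the node that first broadcasts it. Against plain flooding (no stem) the
    originator broadcasts itself, so that guess is right every time. Returns
    (fraction of trials where the guess is the true originator, mean stem hops)."""
    rng = random.Random(seed)
    nodes = sorted(adj)
    hits = 0
    hops = 0
    for _ in range(trials):
        origin = rng.choice(nodes)
        path = stem_phase(adj, origin, q, rng)
        hops += len(path) - 1
        hits += int(path[-1] == origin)
    return hits / trials, hops / trials


if __name__ == "__main__":
    graph = build_topology(50)
    for q in (1.0, 0.5, 0.1):
        rate, mean_hops = spy_attribution_rate(graph, q)
        print(f"q={q:.1f}: spy names the originator in {rate:.1%} of relays, "
              f"mean stem length {mean_hops:.1f} hops")
```

With `q = 1.0` the stem is always exactly one hop, so the first broadcaster is a neighbour of the originator and the link-watching spy never names the originator itself; lowering `q` lengthens the stem (about `1/q` hops on average) and moves the broadcast point further from the source. The stem can wander back to the originator through a cycle in the graph, which is why the attribution rate for small `q` is low but not necessarily zero; a stronger adversary that also times the first appearance on each link is outside this toy model.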

Front page, in-depth Guardian article on Bitcoin and Silkroad.

submitted by SmugPolyamorist to Bitcoin

The fundamentals of bitcoin as an asset exist and they are stupider than you can imagine

tldr; Hodling is deflationary and all those wild price swings from bitcoin are changes in the fundamental value of bitcoin. Really.
tldr; Imagine there is a market where $100 worth of goods are sold every day using 100 bitcoins which cycle around. Then each bitcoin would be worth $1. Now suppose that 50 of the bitcoins were being held in anticipation of growing in value so only 50 bitcoins were cycling each day. For all the goods in the market to be sold every day each bitcoin will now be worth $2.
Introduction There has been a lot of discussion about what the fundamental value of bitcoin is. The consensus view in this subreddit is that the fundamental value is zero. I argue in this post that the fundamental value of bitcoin is whatever the price is right now, or something close to it. This is because the fundamentals of bitcoin are stupid. Unimaginably stupid.
Bitcoin as Currency Bitcoin is a terrible currency compared to normal statist filthy fiat. Bitcoins are often permanently lost due to hacking or easily made mistakes. Transactions take considerable time to be confirmed. The price is highly volatile. But this post isn’t going into those issues in depth.
There is little evidence for mainstream Bitcoin use. A report by Morgan Stanley on the acceptance of Bitcoin from online retailers found that only 3 out of the 500 online retailers tracked accepted Bitcoin payments, a decrease from 5 in the previous year. The report concluded: “Bitcoin acceptance is virtually zero and shrinking”.
The number of transaction on darknet markets is large. On darknet markets users buy illegal products using cryptocurrencies (not just Bitcoin). Due to their illegal nature, it is impossible to know the exact value of transactions that take place on them. Between February 2011 and July 2013 the darknet market Silk Road had 1,229,465 transactions comprising 9,519,644 bitcoins in revenue. Darknet markets, along with ransomware payments are the only uses where there is evidence of a substantial number of bitcoin transactions taking place.
To work at scale darknet markets require cryptocurrency to pay for goods on sale. The anonymous nature of cryptocurrency allows transactions to take place without the buyer or the seller knowing anything about each other (although if a buyer has drugs mailed to them the seller will know who they are). If darknet markets used another form of payment then law enforcement could buy something and then track both the money going to the seller and the commission paid to the darknet market. It isn’t true as many people have claimed that nothing backs bitcoin. Bitcoin is backed by darknet markets.
There are a few kinds of people who buy bitcoin and want to spend it. They include drug buyers, those who need to pay off ransomware, money launderers, fraudsters, and a few others, but for simplicity’s sake I will just call them drug buyers. Likewise, there are a few types of people who sell products for bitcoin but again for simplicity’s sake I will call them drug sellers.
Non-circularity Bitcoin is a currency with a property that I call non-circularity. With Actual Money, when I buy something in a shop, the money I paid with goes towards the wages of the staff, rent and the products themselves among other expenses. This money then flows on to others. When a drug seller receives bitcoin in exchange for their drugs they can’t use the bitcoin to pay for their groceries or to pay their rent. They must exchange the bitcoin for filthy fiat to buy food. The inability to use bitcoin for further purchases means it is a non-circular currency. Bitcoin is a medium of a medium of exchange.
A full bitcoin transaction thus consists of three parts:
  1. A drug buyer goes to a bitcoin exchange to get bitcoin in exchange for filthy fiat
  2. The drug buyer goes to the DNM to exchange bitcoin for drugs from the drug seller
  3. The drug seller goes to the bitcoin exchange to get filthy fiat in exchange for bitcoin
An exchange is any place which matches buyers and sellers of bitcoin. This includes online exchanges like Coinbase as well as LocalBitcoins which matches people for face to face transactions. As nobody receives bitcoin for payment except drug dealers, the only place for drug buyers to get bitcoin is an exchange. The extreme volatility of bitcoin means that drug buyers and sellers try to complete the process as quickly as possible and avoid holding onto bitcoin.
Perfect Price Unstickiness For normal currencies prices are sticky. That means that nominal prices do not respond quickly to changing economic conditions. In contrast bitcoin has what I call perfect price unstickiness so the price of goods in bitcoin changes almost perfectly to changes in the value of bitcoin.
This is because prices for items which can be bought with bitcoin are never actually set in bitcoin, probably due to the high volatility. Instead they are set in fiat. The amount in fiat can either be listed directly, so $US50 for these drugs, or the price can be listed in the converted amount of bitcoin, 0.005BTC if 1 BTC = $US10,000. Changes in the price of bitcoin on exchanges are instantly reflected in the prices of drugs in bitcoins on darknet markets.
Hodling Another feature of bitcoin that should be considered is that people hodl bitcoin. The word comes from a typo of ‘hold’. Bitcoin is often bought on exchanges not for use as a currency to buy drugs, but as an asset in expectation of a price rise. Hodlers are the third type of user of bitcoin along with drug buyers and drug sellers. Although they don’t use it.
What’s the difference between an asset that is held and one that is hodled? This is admittedly vague, but an asset is hodled if it is being held, it can be held for long periods at low costs, it can but isn’t generating any income and there are no plans to generate income from it soon.
Cash under the mattress is being hodled, cash in my wallet that I am going to buy stuff with soon is not. Money in my bank account is generating income and so is not hodled. Bitcoin held in anticipation of price rises is being hodled. Bitcoin bought to buy drugs but which has not been used yet is not. Gold stored in a vault is being hodled, gold used for electronics purposes is not (jewellery is a harder case). A vacant block of land with no plans to develop it or use it for anything is being hodled but one that is soon going to have an apartment block built on it is not.
Commodities can be held and do not generate income until sold but it is expensive to hold most commodities for long periods of time. This prevents most commodities from being hodled.
Velocity The velocity of money is the average number of times a unit of fiat changes hands in a period. You can skip the next three paragraphs as they are a little annoying and you can get by without them. Just know that I am defining the velocity of bitcoin as what the velocity of bitcoin would be if no bitcoin was being hodled.
Due to hodling, the velocity of bitcoin under the conventional definition can vary wildly. Consider two cases. Both have 100 bitcoins, 100 transactions a day and all non-hodled bitcoins are spent each day. The first has no hodled bitcoins, the second 50 hodled bitcoins. The first has a velocity of bitcoin of 1 transaction per day, the second is 0.5 per day.
I want a definition of velocity of bitcoin that is not impacted by changes in hodling. I did consider doing this analysis through changes in velocity but the final formula is easier to understand if we find a definition of velocity of bitcoin that is independent of the level of hodling.
The definition that achieves this is (Length of Time)/(Average length of time to complete transaction). When there is no hodling the two definitions agree but the new definition is unchanged by any rise or fall in the level of hodling, which is what we need. From this point on when I refer to the velocity of bitcoin I am referring to the second definition.
The actual time to complete a bitcoin transaction seems to be over a week. In an interview one vendor claimed that it took one week for the bitcoin to be released from escrow and longer to convert it to actual money.
Intuitive argument Assume that the amount of drugs sold on darknet markets changes little from week to week. If the price of bitcoin doubles over the week then the number of bitcoins flowing through the darknet markets will halve. So where have the bitcoins gone? Drug buyers and sellers don’t have them. The only option is hodlers. In fact, it was the hodlers buying the bitcoins that caused the price to change.
Formula The conventional formula for the relationship between velocity of money (V), nominal amount of money (M), price level (P) and real economic activity (Q) is
V*M = P*Q
I am going to change that equation slightly so it now concerns the velocity of bitcoin (V), the total number of bitcoins (M), the price level of bitcoin (P), the total value in fiat of all economic transactions (Q) and the proportion of bitcoins that are hodled (h). If h*M bitcoins are being hodled then there are (1-h)*M bitcoins being used in economic transactions. The new equation is
V*(1-h)*M = P*Q
Next we isolate P:
P = V*(1-h)*M/Q
If the price level changes from 1 to 1.1 that means that there has been 10% inflation over the period and that the value of bitcoin has fallen. To find the value of a single bitcoin we have to take the reciprocal of P and that gives a formula for the true value of bitcoin:
1/P = Q/[V*(1-h)*M]
In the rest of the post when I write the price of bitcoin I mean the price bitcoin sells for on exchanges. I establish in the next section that this price must be close to the true value of bitcoin.
Equilibrium This section uses the flow of bitcoin model established earlier. We assume no activity from hodlers and that economic users do not hodl bitcoin (not true but it simplifies and does not hurt the model). Furthermore, we assume that all activity on the bitcoin exchanges happens, then all activity on the darknet markets happens. Drug sellers sell their bitcoin to drug buyers, then drug buyers use the bitcoin to buy drugs on the darknet markets. Neither the exchanges nor the darknet markets charge commissions. I use specific numbers but my reasoning is easily generalizable.
To establish why the equation is true we must consider what happens if the actual price is higher or lower than the price given by the formula. First let us suppose that the price is lower than the price predicted by the formula. Over the time period of a day suppose that Q = 100 (so $100 worth of transactions a day), V = 1 (transactions take a day), M = 100 (100 bitcoins) and h = 0.5 (50 bitcoins are hodled). This gives a predicted price of $2. Suppose the price is instead $1.
Every day there are $100 worth of drugs available to be sold and buyers willing to buy $100 worth of drugs. At a price of $1 and with only 50 bitcoins available for economic use each day that means that only $50 worth of drugs can be sold. This would drop Q to 50 and immediately correct the equation.
However, there are buyers and sellers who want more drug dealing than that. Some buyers are not going to be able to get their drugs given the current price. Some of them will be willing to pay higher prices for bitcoin to guarantee they can have their drugs. Suppose that the drug sellers have 50 bitcoins (hodlers also have 50). They want to sell their 50 bitcoins to drug buyers on an exchange. Some drug buyers then bid the price of bitcoin up to $1.10 (for example). This benefits other drug buyers as now $55 worth of drug transactions can take place each day. In this way, the price will be bid up to $2, the equilibrium price.
If the price is $1 and the drug buyers have the 50 bitcoins then they will spend the bitcoins to buy $50 worth of drugs and then we are in the situation above.
Now suppose the reverse happens and the actual price is higher than the predicted price. Let the actual price be $4, with all the same example values from the previous example, so the predicted price is $2. On the exchange drug sellers have 50 bitcoins worth $200 to sell. Drug buyers want to buy $100 worth of bitcoin. At this price only 25 bitcoins are sold. To ensure they sell more of their bitcoin, drug buyers bid down the price. If the price does not immediately reach $2 then the left-over bitcoins will be held by the drug sellers until the next day when the price will be bid down again.
The drug sellers holding bitcoin for a few extra days is not the same as hodling because they are actively trying to sell them on an exchange but they haven’t because the price isn’t in equilibrium. They could instead decide to sell only 25 bitcoins and hodl the other 25. This would raise h to 0.75 and the price would be in equilibrium again.
Now suppose that the drug buyers have 50 bitcoins and the price is $4. Then $100 worth of drugs are bought with 25 bitcoins. The drug sellers will not be able to sell their bitcoin as drug buyers already have enough bitcoin to buy the next round of drugs they want. The drug buyers spend their last 25 bitcoin and drug sellers now have 50 bitcoins and the situation is as above.
In conclusion, the price of Bitcoin is fundamentally determined by speculators and brought into equilibrium by criminals.
Inflows and Outflows of Hodling The previous section treated the level of hodling as constant, except when drug buyers or sellers decide to hodl extra bitcoins that are in their possession. Now we will treat the amount of hodled bitcoins as changing. The next topic to consider is the relationship between filthy fiat spent to hodl bitcoins and the bitcoin price.
To calculate how much it costs to raise the hodl ratio from 0 to h we assume that the bitcoins are bought continuously. We integrate the function Q/[M*V*(1-t/M)] between 0 and h*M. The result is (Q/V)ln[1/(1-h)].
To double the price of bitcoin by taking h from 0 to 0.5 will cost (Q/V)ln(2). In fact, it will always cost this amount to double the price of bitcoin as we can see by finding the difference between the total value of hodled bitcoin when we consider hodling levels of h and (h+1)/2.
This means that the price of bitcoin rises exponentially when a constant amount of new money buys bitcoin to hodl. I would illustrate this with a log-scale graph but I don’t know where to find one. It also means that the market capitalisation of a cryptocurrency gives very little idea about how much the cryptocurrency is worth. It is an impossibility for all hodlers to receive the Actual Money that they think their bitcoin is worth.
Volatility People hoping to get rich, and their buying and selling of bitcoin, are what cause bitcoin’s extreme volatility. Theoretically this could be stopped if there was a bank where hodlers could deposit their bitcoins and earn interest. However, for this to work would require the existence of a bitcoin bank which is not a Ponzi, which seems like an unlikely outcome.
Hodling Gold A quick digression into gold, but I suspect someone has already thought of what follows. We can consider gold like a conventional commodity with conventional supply and demand curves (the real world for all commodities is more complicated but this is going to be quick). But people also hodl gold. If hodlers decide to buy $100 million worth of gold produced in the year, then that will change the equilibrium price. The new price is such that the difference between the quantity demanded by non-hodlers and the quantity supplied at that price multiplied by the price is 100 million.
If the overall level of hodling declines then the reverse happens. The hodlers sell an amount of gold, that amount is the difference between the amount supplied and demanded. The hodlers earn that amount multiplied by the new lower price. (I assumed people bought a fiat amount of gold and sold a volume of gold to make things easier).
Without another hodler to take on the gold or an improvement in market conditions, the hodlers are guaranteed a loss. To make a profit hodling gold you need there to be hodlers to sell it on to (or an improvement in the underlying factors). It follows that all the gold hodled in the world today cannot be sold without causing the fundamentals of gold to collapse. With 40% of the gold produced in 2017 being hodled this will eventually become a significant issue.
Full Reserve Banking Another place where we can consider the impact of hodling is full reserve banking. It is a form of banking where banks are required to have cash on hand equal to the full amount in all demand deposit accounts. The bank does not lend this money. This contrasts with the present system where banks are only required to have a certain fraction of this amount on hand, called fractional reserve banking. Money in a fractional reserve bank account is not being hodled (or is, but to a more limited degree) as it is being lent on to other people and it is generating income for the depositor.
Deposits under full reserve banking are hodling. They are like cash stuffed under a mattress but have better security. In a recession people increase their saving rates. Much of this additional saving will be in liquid assets because of fears of economic trouble. This rise in deposits under full reserve is an increase in hodled cash which then causes deflation. This is a big problem in a recession. (Somebody else has probably already made this observation).
Velocity and Value Consider the equation of bitcoin’s value again. Notice that the value increases when V decreases. Which means that the length of time to complete a transaction has increased. Bitcoin is an asset and a currency and its value as an asset increases as the length of time it takes to complete a transaction increases. This is a minor bit of stupidity which surprised me but seems obvious in retrospect as if bitcoins take longer to be processed then they must be worth more so that all transactions can happen. (This is assuming that a decrease in V does not also cause a decrease in Q which might be caused by drug buyers and sellers switching to a different cryptocurrency).
Hodler Behavior With one exception which I might make in another post I make no assumptions about hodler behaviour. I think they are buying and selling with no rational basis. But there are two rational reasons why someone would expect the price of bitcoin to rise: increased economic activity using the cryptocurrency in the darknet markets or an increased level of hodling in the future. The DNM is an actual economic activity but due to its illegality knowing anything about the amounts involved is impossible for almost everyone as is predicting their trends. Future hodling levels are also impossible to predict, unless you run a pump and dump. We can’t expect any sort of rational behavior from hodlers.
Nakamoto Scheme Preston Byrne developed the concept of a Nakamoto Scheme to describe cryptocurrencies because of how they differed from Ponzis and pyramid schemes. While bitcoin has been frequently called a Ponzi or pyramid scheme it is clearly something different. There are no “dividends” paid or any sort of organised structure. There are similarities, notably early adopters make their money at the expense of later adopters. Like in pyramid schemes hodlers try to convince new people to join in.
It is best to consider bitcoin as a type of asset which is uniquely suited for a pump and dump. When hodlers buy bitcoin, and encourage others to do the same (the pump) the fundamental price of bitcoin really is raised by these actions which helps the pump.
To add to Byrne’s work, we should put the properties of cryptocurrency assets at the centre of the scheme. A Nakamoto scheme works like this: first create a cryptocurrency and keep most of it for yourself. Then release it and try to get as many other people hodling as possible and try to get the darknet markets to adopt it (I’m looking at you Monero). This increases the fundamental value of the asset. Then dump your hodlings. Pocket the actual money. This is probably legal right now. But I’m not a law-knowing person.
For the hodler the Nakamoto scheme is like going to a party. You arrive and leave later on. If there are more people at the party when you leave compared to when you arrived then you’ve made a profit. There is also drug dealing going on at the party. The change in the level of drug dealing also impacts your profits. You have to try and get more people to come to the party and be careful of everyone else at the party who have the exact same incentives as you. It is a weird new form of scam.
Lower bound on price While the price of bitcoin can theoretically be infinitely high there is a lower bound on the price when the hodling ratio is zero. For given levels of Q, V and M the value of bitcoin can never go below Q/[V*M] (the highest possible price for bitcoin is when 1 satoshi is equal to the value of a transaction).
Some bitcoins have been permanently lost due to people losing their wallet keys or bitcoins being sent to the wrong address. If we suppose that H is the proportion of coins that have been permanently lost then the actual lower bound is Q/[V*(1-H)*M]. Note that a hodler losing their coins does not change the present fundamental value of bitcoin.
What could cause bitcoin’s price to go lower? Besides a mass hodler sell-off the obvious reason is a permanent decline in Q. What could cause this? Law enforcement have successfully shut down many darknet markets but others have replaced them quickly. What could really hurt darknet markets is increased government scrutiny of exchanges. When governments realise that bitcoin has no use beyond criminal transactions and speculation they might decide to treat every bitcoin transaction as inherently suspicious and regulate exchanges heavily. This will make bitcoin much harder to use for criminal transactions and thus greatly decrease Q and the value of bitcoin.
Previous work This post is not entirely original. Satoshi himself said that if a bitcoin user wanted to give a donation to everyone else then they should delete the keys to their wallet and increase the value of everybody else’s bitcoins. I realised that someone who hodled a bitcoin would temporarily have the same effect.
More significantly Joseph C Wang came up with a formula very similar to mine. A significant difference is that he thought increased economic activity with bitcoin would not cause an increase in bitcoin’s value but an increase in its velocity. My model has nominal prices of drugs in bitcoin falling when Q increases. Wang has prices remaining the same and the velocity of bitcoin increasing to handle the extra transactions. I developed my formula before I became aware of Wang’s work.
Further Topics This post is over 4000 words so I have not gone into depth on a few subjects like the costs of block rewards (higher than you think), shocks like darknet market shutdowns, why bitcoin can’t fall to a liquidity trap, how to value a cryptocurrency that isn’t being used for economic transactions and why it makes sense that bitcoin and bcash had a higher combined value at the time of the fork compared to bitcoin alone. If there is demand I’ll put together a second post which will cover these issues.
submitted by GBerkeley1734 to Buttcoin
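As an added check on the integral in the post's "Inflows and Outflows of Hodling" section (this derivation is not part of the original post), carried through with the post's own symbols Q, V, M and h. Buying bitcoins continuously at the price 1/P = Q/[V(1-t/M)M] while the number hodled rises from t = 0 to t = hM costs

$$
\int_{0}^{hM} \frac{Q}{M V\,(1 - t/M)}\,dt
\;=\; \frac{Q}{V}\int_{0}^{h} \frac{du}{1-u} \quad (u = t/M,\ dt = M\,du)
\;=\; \frac{Q}{V}\,\ln\frac{1}{1-h}.
$$

Raising the hodl ratio from h to h' = (h+1)/2 halves the circulating fraction, 1 - h' = (1-h)/2, so by 1/P = Q/[V(1-h)M] the price doubles, and the extra fiat spent is

$$
\frac{Q}{V}\left[\ln\frac{1}{1-h'} - \ln\frac{1}{1-h}\right]
\;=\; \frac{Q}{V}\ln\frac{1-h}{1-h'}
\;=\; \frac{Q}{V}\ln 2 ,
$$

independent of the starting h, which is the post's claim that doubling the price always costs (Q/V)ln(2).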

I’ve been researching privacy coins deeply and feel I’ve reached sufficient findings to merit sharing my stance re SUMO.

By Taylor Margot. Everyone should read this!
THE BASICS
SUMOkoin is a fork of MONERO (XMR). XMR is a fork of Bytecoin. In my opinion, XMR is hands down the most undervalued coin in the top 15. Its hurdle is that people do not know how to price in privacy to the price of a coin yet. Once people figure out how to accurately assess the value privacy into the value of a coin, XMR, along with other privacy coins like SUMOkoin, will go parabolic.
Let’s be clear about something. I am not here to argue SUMOkoin is superior to XMR. That’s not what this article is about and frankly is missing the point. I don’t find the SUMOkoin vs. XMR debate interesting. From where I stand, investing in SUMOkoin has nothing to do with SUMOkoin overtaking XMR or who has superior tech. If anything, I think the merits of XMR underline the value of SUMOkoin. What I do find interesting is return on investment (“ROI”).
Imagine SUMO was an upcoming ICO. But you knew ahead of time that they had a proven product-market fit and an awesome, blue chip code base. That’s basically what you have in SUMO. Most good ICOs raise over 20mil (meaning their starting market cap is $20 mil) but after that, it’s a crapshoot. Investing in SUMO is akin to getting ICO prices but with the amount of information associated with more established coins.
Let me make one more thing clear. Investing is all about information. Specifically it’s about the information imbalance between current value and the quality of your information. SUMO is highly imbalanced.
The fact of the matter is that if you are interested in getting the vision and product/market fit of a $6 billion market cap coin for $20 mil, you should keep reading.
If you are interested in arguing about XMR vs. SUMOkoin, I point you to this infographic
Background
I’m a corporate tech & IP lawyer in Silicon Valley. My practice focuses on venture capital (“VC”) and mergers & acquisitions (“M&A”). Recently I have begun doing more IP strategy. Basically I spend all day every day reviewing cap tables, stock purchase agreements, merger agreements and patent portfolios. I’m also the CEO of a startup (Scry Chat) and have a team of three full-time engineers.
I started using BTC in 2014 in conjunction with Silk Road and TOR. I recently had a minor conniption when I discovered how much BTC I handled in 2014. My 2017 has been good with IOTA at sub $0.30, POWR at $0.12, ENJIN at $0.02, REQ at $0.05, ENIGMA at $0.50, ITC (IoT Chain) and SUMO.
My crypto investing philosophy is based on betting long odds. In the words of Warren Buffett, consolidate to get rich, diversify to stay rich. Or as I like to say, nobody ever got rich diversifying.
That being said I STRONGLY recommend you have an IRA and/or 401(k) in place prior to venturing into crypto. But when it comes to crypto, I’d rather strike out dozens of times to have a chance at hitting a 100x home run. This approach is probably born out of working with VCs in Silicon Valley who do the same only with companies, not coins. I view myself as an aggressive VC in the cryptosphere.
The Number 1 thing I’ve taken away from venture law is that it pays to get in EARLY.
Did you know that the typical founder buys their shares for $0.00001 per share? So if a founder owns 5 million shares, they bought those shares for $50 total. The typical IPO goes out the door at $10-20 per share. My iPhone calculator says ERROR when it tries to divide $10/0.00001 because it runs out of screen real estate.
At the time of this writing, SUMO has a Marketcap of $18 million. That is 3/10,000th or 1/3333th. Let that sink in for a minute. BCH is a fork of BTC and it has the fourth largest market cap of all cryptos. Given its market cap, I am positive SUMO is the best value proposition in the Privacy Coin arena at the time of this writing. *
ROI MERITS OF SUMOkoin
So what’s so good about SUMOkoin? Didn’t you say it was just a Monero knock-off?
1) Well, sort of. SUMO is based on CryptoNote and was conceived from a fork of Monero, with a little bit of extra privacy thrown in. It would not be wrong to think SUMO is to Litecoin as XMR is to Bitcoin.
2) Increased Privacy. Which brings us to point 2. SUMO is doing several things to increase privacy (see below). If Monero is the King of Privacy Coins, then SUMO is the Standard Bearer fighting on the front lines. Note: Monero does many of these too (though at the time of fork XMR could not). Don’t forget Monero is also 5.8 billion market cap to SUMO’s 18 million.
a) RingCT. All transactions since genesis are RingCT (ring confidential transactions) and the minimum “mixin” transactions is 13 (12 plus the original transaction). This passes the threshold to statistically resist blockchain attacks. No transactions made on the SUMO blockchain can ever be traced to the actual participants. Nifty huh? Monero (3+1 mixins) is considering a community-wide fork to increase their minimum transactions to 6, 9, or 12. Not a bad market signal if you’re SUMOkoin eh?
b) Sub-addresses. The wallet deploys disposable sub-addresses to conceal your real sumo wallet address even from senders (who typically would need to know your actual address to send currency). Monero also does this.
3) Fungibility aka “Digital Cash” aka Broad Use Case. “Fungibility” gets thrown about a bunch but basically it means ‘how close is this coin to cash in terms of usage?’ SUMO is one of a few cryptos that can boast true fungibility — it acts just like physical cash i.e. other people can never trace where the money came from or how many coins were transferred. MONERO will never be able to boast this because it did not start as fungible.
4) Mining Made Easy Mode. Seeing as SUMO was a fork, and not an ICO, they didn’t have to rewrite the wheel. Instead they focused on product by putting together solid fundamentals like a great wallet and a dedicated mining app. Basically anyone can mine with the most intuitive GUI mining app out there. Google “Sumo Easy Miner” – run and mine.
5) Intuitive and Secure Wallet. This shouldn’t come as a surprise, yet in this day and age, apparently it is not a prereq. They have a GUI wallet plus those unlimited sub-addresses I mentioned above. Here’s the github if you’d like to review: https://github.com/sumoprojects/SumoGUIWallet The wallet really is one of the best I have seen (ENJIN’s will be better). Clear, intuitive, idiot proof (as possible).
6) Decentralization. SUMO is botnet-proof, and therefore botnet mining resistant. When a botnet joins a mining pool, it adjusts the mining difficulty, thereby balancing the difficulty level of mining.
7) Coin Emission Scheme. SUMO’s block reward changes every 6 months as the following “Camel” distribution schema (inspired by real-world mining production like that of crude oil, coal, etc. that is often slow at first, then accelerated before decline and depletion). MONERO lacks this schema and it is significant. Camel ensures that Sumokoin won’t be a short-lived phenomenon. Specifically, since Sumo is proof-of-work, not all SUMO can be mined. If it were all mined, miners would no longer be properly incentivized to contribute to the network (unless transaction fees were raised, which is how Bitcoin plans to handle things when all 21 million coins have been mined, which will go poorly given that people already complain about fees). A good emission scheme is vital to viability. Compare Camel and Monero’s scheme if you must: https://github.com/sumoprojects/sumokoin/blob/mastescripts/sumokoin_camel_emission_cal.cpp vs. https://monero.stackexchange.com/questions/242/how-was-the-monero-emission-curve-chosen/247.
8) Dev Team // Locked Coins // Future Development Funds. There are lots of things that make this coin a ‘go.’ but perhaps the most overlooked in crypto is that the devs have delivered ahead of schedule. If you’re an engineer or have managed CS projects, you know how difficult hitting projected deadlines can be. These guys update github very frequently and there is a high degree of visibility. The devs have also time-locked their pre-mine in a publicly view-able wallet for years so they aren’t bailing out with a pump and dump. The dev team is based in Japan.
9) Broad Appeal. If marketed properly, SUMO has the ability to appeal to older individuals venturing into crypto due to the fungibility / similarities to cash. This is no different from XMR, and I expect it will be exploited in 2018 by all privacy coins. It could breed familiarity with new money, and new money is the future of crypto.
10) Absent from Major Exchanges. Thank god. ALL of my best investments have happened off Binance, Bittrex, Polo, GDAX, etc. Why? Because by the time a coin hits a major exchange you’re already too late. Your TOI is fucked. You’re no longer a savant. SUMO is on Cryptopia, the best janky exchange.
11) Marketing. Which brings me to my final point – and it happens to be a weakness. SUMO has not focused on marketing. They’ve instead gathered that the tech speaks for itself (or rather, doesn’t). So what SUMO needs is a community effort to distribute facts about SUMO’s value prop to the masses. A good example is Vertcoin. Their team is very good at disseminating information. I’m not talking about hyping a coin; I’m talking about how effectively you can spread facts about your product to the masses.
To get mainstream SUMO needs something like this Vertcoin post: https://np.reddit.com/r/vertcoin/comments/7ixkbf/vertbase_a_vertcoin_to_usd_exchange/
MARKET CAP DISCUSSION
For a coin using Monero’s tech, 20 million is minuscule. For any coin 20 mil is nothing. Some MC comparisons [as of Jan 2, 2017]:
Let’s talk about market cap (“MC”) for a minute.
It gets tossed around a lot but I don’t think people appreciate how important getting in as early as possible can be. Say you buy $1000 of SUMO at 20 mil MC. Things go well and 40 million new money gets poured into SUMO. Now the MC = 60 million. Your ROI is 200% (you invested $1,000 and now you have 3,000, netting 2,000).
Now let’s say you bought at 40 million instead of 20 million. $20 mil gets poured in until the MC again reaches 60 mil. Your ROI is 50% (you put in $1,000, you now have 1,500, netting 500).
Remember: investing at 20 mil MC vs. 40 mil MC represents an EXTREMELY subtle shift in time of investment (“TOI”). But the difference in net profit is dramatic. The biggest factor is that your ROI multiplier is locked in at your TOI — look at the difference in the above example. 200% ROI vs. 50% ROI. That’s huge. But the difference was only 20 mil — that’s 12 hours in the crypto world.
I strongly believe SUMO can and will 25x in Q1 2018 (400m MC) and reach 50x by Q4 2018. There is ample room for a tricked out Monero clone at 1 bil MC. That’s 50x.
Guess how many coins have 500 mil market caps? 58 as of this writing. 58! How many of these coins with ~500 mil MC have you heard of?
MaidSafeCoin?
Status?
Decred?
Veritaseum?
DRAGONCHAIN ARE YOU KIDDING ME
THE ROLE OF PRIVACY
I want to close with a brief discussion of privacy as it relates to fundamental rights and as to crypto. 2018 will be remembered as the Year of Privacy Coins. Privacy has always been at the core of crypto. This is no coincidence. “Privacy” is the word we have attached to the concept of possessing the freedom to do as you please within the law without explaining yourself to the government or financial institution.
Discussing privacy from a financial perspective is difficult because it has very deep political significance. But that is precisely why it is so valuable.
Privacy is the right of billions of people not to be surveilled. We live in a world where every single transaction you do through the majority financial system is recorded, analyzed and sold — and yet where the money goes is completely opaque. Our transactions are visible from the top, but we can’t see up. Privacy coins turn that upside down.
Privacy is a human right. It is the guarantor of American constitutional freedom. It is the cornerstone of freedoms of expression, association, political speech and all our other freedoms for that matter. And privacy coins are at the root of that freedom. What the internet did for freedom of information, privacy coins will do for freedom of financial transactions.
POST SCRIPT: AN ENGINEER’S PERSPECTIVE
Recently a well respected engineer reached out to me and had this to say about SUMO. I thought I’d share.
"I’m messaging you because I came at this from a different perspective. For reference, I started investing in Sumo back when it was around $0.5 per coin. My background is in CS and Computer Engineering. I currently research in CS.
When I was looking for a coin to invest in, I approached it in a completely different way from what you described in your post. I first made a list of coins with market caps < 20m, and then I removed all the coins that didn’t have active communities.
Next, because of my background, I read through the code for each of the remaining coins, and picked the coins which had both frequent commits to GitHub (proving dev activity), and while more subjective, code that was well written. Sumo had both active devs, and (very) well written code.
I could tell that the people behind this knew what they were doing, and so I invested.
I say all of this, because I find it interesting how we seem to have very different strategies for selecting ‘winners’ but yet we both ended up finding Sumo."

Legal Disclaimer:
THIS POST AND ANY SUBSEQUENT STATEMENTS BY THE AUTHOR DO NOT CONSTITUTE LEGAL OR FINANCIAL ADVICE AND ARE NOT INTENDED TO BE LEGAL OR FINANCIAL ADVICE OR RELIED UPON. NO REFERENCES TO THIS POST SHALL BE CONSTRUED AS LEGAL OR FINANCIAL ADVICE. THIS POST REPRESENTS THE LONE OPINION OF A NON-SOPHISTICATED INVESTOR.
submitted by MaesterEmi to CryptoCurrency

Best of Buttcoin: 2014

There's been some fantastic work done in this subreddit spreading disinformation researching, criticising, and debunking bitcoin and its sacred cows over the past year, which I would like to celebrate.
So here's some posts I saved on bitcoin-related topics. But I started saving things too late... So if you have and/or remember any great posts from the past year, dig them up and post them here.
Also, unironically, maybe someone should start a buttcoin wiki

First, three pieces of investigative journalism from Buttcoin's top minds. Here Charlie_Shrem examines the environmental impact of bitcoin mining. Key finding: For every Bitcoin transaction, 47 kilograms of CO2 is released into the atmosphere from the miners alone.
Current hash rate: 261,900,382 GH/s
Number of transactions per day: 71,331
If we assume rather conservatively that 1GH/s = 1 watt on average, then this would mean 261,900,382W is being used to power the network. We can simplify this to 261,900 kW.
Some miners can do better than 1W per 1GH/s, but many if not most do worse (i.e. 2W per 1GH/s to 10W per 1GH/s).
Going by the figure of 0.527kg CO2 / kWh found on this page,
0.527kg CO2 x 261,900 kW x 24 hours = 3,312,511.2 kg CO2 per day
Now,
3,312,511.2 kg CO2 / 71,331 transactions = 46.44 kg CO2 per transaction
For comparison, even going by this Coindesk Article, an ATM produces daily 3.162kg in CO2 emissions.
0.25kwH x 0.527kg CO2 x 24 hours = 3.162kg/day.
That means that the carbon emission for one Bitcoin transaction is equivalent to about 15 ATMs processing perhaps hundreds or thousands of transactions in a day combined.

Earlier this month Frankeh abruptly interrupted remittance-focused annular onanism by issuing a challenge: to find a single instance where bitcoin works out cheaper than a fiat alternative. In case you need to ask... Nope.
Right, there's a bunch of circlejerking happening in /r/Bitcoin right now so I think it's time to cut through the bullshit one way or another.
Country to send money to.
The biggest remittance markets are China, India and the Philippines.
I believe that since /r/Bitcoin often gives the Philippines as an example of successful Bitcoin remittance then it is the perfect country to use in our challenge.
Country to send money from.
According to this wikipedia article Malaysia and Canada have the biggest expat Filipino communities. 900,000 and 500,000.
So I think we should do the calculations based on both countries.
The methodology
Most people are not paid in Bitcoin. This is a fact. So for our calculation you must start with fiat, and end in fiat. We're not doing these calculations based on future utility of Bitcoin (No, neo. I'm saying...), we're doing them on the current utility.
We will also be doing a bank to bank remittance, because that is nice and constant. We don't need to take into account pick up locations Bitcoin remittance allows and pick up locations normal remittance allows. They'll vary too much.
Time will also not be taken into account, as time doesn't actually matter when it comes to remittance. Now, Bitcoiners might shout about this particular rule but let me explain my logic behind this.
A foreign worker gets paid every Friday. They start the remittance process on the Friday and regardless of if it takes 0, 3, or 5 days their family back in their home country just needs to base their life around money coming in on the remitter's pay day + 0, 3, or 5 days. Time taken is of no real value when it comes to remittance. All that matters is that it consistently arrives on day x.
As such, any remittance services that take over 5 working days are to be ignored for the sake of this challenge.
The amount
The amount is going to be 25% of the average wage in each of the countries. This isn't extremely scientific because it doesn't particularly need to be, and the figures are hard to come by.
So 1826.75 MYR for Malaysia and 1,398 CAD for Canada.
Don't bother complaining about these, they're just examples.
Few more ground rules
  • We're going to be going from bank/bank card to bank regardless, so we're not interested in banking fees on either side. They will be the same regardless of Bitcoin or WU (for example)
  • It must be from local fiat to foreign fiat. You can't palm off the conversion fee to the receiver's bank to keep fees down.
  • Any remittance service can be used, as long as Bitcoin is involved for people fighting the Bitcoin corner and Bitcoin isn't used for people fighting the WU (or similar) corner.
  • You must go through the process and document all the fees for each. Fees to look out for are currency spreads, transaction fees on exchanges, etc

Finally a recent thread, but commendable all the same. Hodldown presents some research leading to facts overturning years of knowledge in the bitcoin wiki. Even us shills have been laughing at bitcoin's pathetic capability of 7 transactions per second. It turns out, we were out by at least a factor of 2:
The average number of transactions per block right now is: 665 transactions
The average block size is 0.372731752748842mb.
That means the average transaction is 0.00056049887mb. Which means 1mb of transactions (the limit) is 1784 transactions
Assuming a 10 minute block (a whole other can of worms) that means there is 10*60 seconds.
1784/600 isn't 7. It's 2.97.
Bitcoin at a technical level can not handle even 3 transactions per second.

In one of the frequent bitcoin user invasions, PayingWithActualMone outlines why the "solution in search of a problem" isn't that great of a solution to much either.
On the transaction side: the Bitcoin community seems convinced that banks are ripping them off (which imo they are not), and that it can be fixed by applying some magicsauce over a transaction that is facilitated by banks regardless. So far in practice I haven't seen any evidence of the 'fast' 'cheap' and 'easy' transactions, like most recently with Mollie. They usually compare the fees of BTC>BTC transactions to the fees of Chase Mastercard > a fucking nomad in the Sahara (with consumer protection) to prove their point. The community also seems convinced that the entire world banks the way America does, not realizing that in Europe banking has been dirt cheap for years.
And the security... oh boy the security. Half the population can't manage to go without a virus for one year (not an actual statistic), and now you expect them to secure their coins? People are dumb as shit, and software is always one step behind the exploits. We could of course create Bitcoin banks, but then there isn't much left of the original idea.
On the 'intrinsic value' side: what the hell is wrong with people. If the underlying product is no good in any aspect, why is it worth much? Right now (that's like 5 years after introduction mind you) BTC is used in 3 types of transactions: Silk Road, SatoshiDice & extremely questionable transactions. It does its job well in that aspect, and that's all it will ever be. The community just turned the technology into a giant ponzi, and they don't care as long as they get paid. The people actually doing business in Bitcoin probably don't care about the price that much.

Someone who deleted their account, on the argument that merchant adoption is a cause of the price drop:
That's just an excuse butters use for the price going down.
There's no real difference between selling bitcoin for fiat and exchanging bitcoin for goods and services. Both are a form of sale of bitcoin, an expression of preference for something other than bitcoin.
If on balance, there's more flow of bitcoin into fiat, goods or services than there is a corresponding opposing flow, then it is simply the market expressing the view that bitcoin is overvalued. Therefore, the reduction in the value of bitcoin (as valued in fiat) is a sincere expression of the market's view of what the correct price for bitcoin is.
Think of an example: A true believer has 20 BTC. He exchanges 10 BTC with Dell for a whizzy server. Dell (or another intermediary) sells the 10 BTC at an exchange in return for fiat. The market price of BTC goes down.
The price goes down, simply because a true believer cut his bitcoin holding, he got out. He thought having a server now was worth more to him than 10 tickets to the moon. Which is an expression of a negative view of the future value of bitcoin. A simple "aggressive" sale in trading parlance.

A late entry from jstolfi. A concise description of the Satoshi/Bitcoin origin story.
My understanding is that "Satoshi" had been trying to solve the technical problem of convincing a bunch of anonymous volunteers to maintain and protect a distributed ledger, with no central authority.
He thought that he had a solution, in the form of a protocol that included PoW, miner rewards, longest chain, etc. The solution seemed to work on paper; but, as a good scientist, he started an experiment in order to check whether it would also work in practice.
For that experiment to be meaningful, it would have been enough if the coin was mined for several years only by a few hundred computer nerds, with the cooperation of some friendly pizza places and bars.
The US$ price of the coin was not important to the experiment, and it was never meant to be a weapon for libertarians, a way to buy drugs or evade taxes, a competitor to credit cards or Western Union, a sound investment or item for day-trading. All those "goals" were tacked onto it afterwards.

bob237 comments on the absurdity of Coinbase and its touted 'rebuy' scheme,
It gets even better than that, actually. A lot of bitcoiners don't like 'losing' bitcoin, and so coinbase added a popular 'repurchase bitcoin' feature that automatically debits your bank account to replenish the BTC in your coinbase account after a purchase.
The ultimate result then is that you pay coinbase fiat, they take their cut, and then send that fiat on to the merchant. All 'bitcoins' used in the middle of the transaction are not really bitcoins, but just abstractions in coinbase's internal [off-chain] accounting system.
It's a crap version of paypal, no consumer protection and a ton of fees hidden in the spread when you buy your chuck-e-cheese tokens from them.

saigonsquare explains why ubiquitous tipping isn't the killer app that it has been touted as, and why bitcoiners may fail to grasp this
Most people understand that there are different sorts of interaction. There are purely social interactions, there are quid-pro-quo interactions, and there are market interactions. Mixing those up causes embarrassment and insult. I wouldn't try to pay my mother-in-law ten bucks for cooking Christmas dinner, and I certainly wouldn't try to pay her ten cents. If a waiter suggests I try the raspberry tart, I won't get away with offering to bake him some cookies next week in compensation; if an office mate suggests I have a slice of her birthday cake, I'll be insulted if she brings me a bill for it. If I spend an hour helping my friend move apartments and he thanks me, I'm fine; we're friends helping each other out. If he pays me two bucks, I'm insulted; he's canceled the social nature of the interaction and instead simply bought my labor for a fraction of its going rate. I'm up two bucks but down a friend.
Ancapspergers, not particularly understanding any sort of interaction more complicated than buying a cheeseburger at Wendy's, assume that all interactions are a form of market transaction, and set pricing accordingly. Normal humans get offended by a penny shaving, because it cancels the social nature of the interaction and turns it into a market transaction--and then informs the recipient that his contribution to the transaction was of negligible value.
submitted by occasionallyrude to Buttcoin

[uncensored-r/CryptoCurrency] I’ve been researching privacy coins deeply and feel I’ve reached a sufficient findings to merit s...

The following post by MaesterEmi is being replicated because some comments within the post (but not the post itself) have been openly removed.
The original post can be found (in censored form) at this link:
np.reddit.com/r/CryptoCurrency/comments/7qfr3r
The original post's content was as follows:
By Taylor Margot. Everyone should read this!
THE BASICS
SUMOkoin is a fork of MONERO (XMR). XMR is a fork of Bytecoin. In my opinion, XMR is hands down the most undervalued coin in the top 15. Its hurdle is that people do not know how to price in privacy to the price of a coin yet. Once people figure out how to accurately price privacy into the value of a coin, XMR, along with other privacy coins like SUMOkoin, will go parabolic.
Let’s be clear about something. I am not here to argue SUMOkoin is superior to XMR. That’s not what this article is about and frankly is missing the point. I don’t find the SUMOkoin vs. XMR debate interesting. From where I stand, investing in SUMOkoin has nothing to do with SUMOkoin overtaking XMR or who has superior tech. If anything, I think the merits of XMR underline the value of SUMOkoin. What I do find interesting is return on investment (“ROI”).
Imagine SUMO was an upcoming ICO. But you knew ahead of time that they had a proven product-market fit and an awesome, blue chip code base. That’s basically what you have in SUMO. Most good ICOs raise over 20mil (meaning their starting market cap is $20 mil) but after that, it’s a crapshoot. Investing in SUMO is akin to getting ICO prices but with the amount of information associated with more established coins.
Let me make one more thing clear. Investing is all about information. Specifically it’s about the information imbalance between current value and the quality of your information. SUMO is highly imbalanced.
The fact of the matter is that if you are interested in getting the vision and product/market fit of a $6 billion market cap coin for $20 mil, you should keep reading.
If you are interested in arguing about XMR vs. SUMOkoin, I point you to this infographic
Background
I’m a corporate tech & IP lawyer in Silicon Valley. My practice focuses on venture capital (“VC”) and mergers & acquisitions (“M&A”). Recently I have begun doing more IP strategy. Basically I spend all day every day reviewing cap tables, stock purchase agreements, merger agreements and patent portfolios. I’m also the CEO of a startup (Scry Chat) and have a team of three full-time engineers.
I started using BTC in 2014 in conjunction with Silk Road and TOR. I recently had a minor conniption when I discovered how much BTC I handled in 2014. My 2017 has been good with IOTA at sub $0.30, POWR at $0.12, ENJIN at $0.02, REQ at $0.05, ENIGMA at $0.50, ITC (IoT Chain) and SUMO.
My crypto investing philosophy is based on betting long odds. In the words of Warren Buffett, consolidate to get rich, diversify to stay rich. Or as I like to say, nobody ever got rich diversifying.
That being said I STRONGLY recommend you have an IRA and/or 401(k) in place prior to venturing into crypto. But when it comes to crypto, I’d rather strike out dozens of times to have a chance at hitting a 100x home run. This approach is probably born out of working with VCs in Silicon Valley who do the same only with companies, not coins. I view myself as an aggressive VC in the cryptosphere.
The Number 1 thing I’ve taken away from venture law is that it pays to get in EARLY.
Did you know that the typical founder buys their shares for $0.00001 per share? So if a founder owns 5 million shares, they bought those shares for $50 total. The typical IPO goes out the door at $10-20 per share. My iPhone calculator says ERROR when it tries to divide $10/0.00001 because it runs out of screen real estate.
At the time of this writing, SUMO has a Marketcap of $18 million. That is 3/10,000th or 1/3333th. Let that sink in for a minute. BCH is a fork of BTC and it has the fourth largest market cap of all cryptos. Given its market cap, I am positive SUMO is the best value proposition in the Privacy Coin arena at the time of this writing. *
ROI MERITS OF SUMOkoin
So what’s so good about SUMOkoin? Didn’t you say it was just a Monero knock-off?
1) Well, sort of. SUMO is based on CryptoNote and was conceived from a fork of Monero, with a little bit of extra privacy thrown in. It would not be wrong to think SUMO is to Litecoin as XMR is to Bitcoin.
2) Increased Privacy. Which brings us to point 2. SUMO is doing several things to increase privacy (see below). If Monero is the King of Privacy Coins, then SUMO is the Standard Bearer fighting on the front lines. Note: Monero does many of these too (though at the time of fork XMR could not). Don’t forget Monero is also 5.8 billion market cap to SUMO’s 18 million.
a) RingCT. All transactions since genesis are RingCT (ring confidential transactions) and the minimum “mixin” transactions is 13 (12 plus the original transaction). This passes the threshold to statistically resist blockchain attacks. No transactions made on the SUMO blockchain can ever be traced to the actual participants. Nifty huh? Monero (3+1 mixins) is considering a community-wide fork to increase their minimum transactions to 6, 9, or 12. Not a bad market signal if you’re SUMOkoin eh?
b) Sub-addresses. The wallet deploys disposable sub-addresses to conceal your real sumo wallet address even from senders (who typically would need to know your actual address to send currency). Monero also does this.
3) Fungibility aka “Digital Cash” aka Broad Use Case. “Fungibility” gets thrown about a bunch but basically it means ‘how close is this coin to cash in terms of usage?’ SUMO is one of a few cryptos that can boast true fungibility — it acts just like physical cash i.e. other people can never trace where the money came from or how many coins were transferred. MONERO will never be able to boast this because it did not start as fungible.
4) Mining Made Easy Mode. Seeing as SUMO was a fork, and not an ICO, they didn’t have to rewrite the wheel. Instead they focused on product by putting together solid fundamentals like a great wallet and a dedicated mining app. Basically anyone can mine with the most intuitive GUI mining app out there. Google “Sumo Easy Miner” – run and mine.
5) Intuitive and Secure Wallet. This shouldn’t come as a surprise, yet in this day and age, apparently it is not a prereq. They have a GUI wallet plus those unlimited sub-addresses I mentioned above. Here’s the github if you’d like to review: https://github.com/sumoprojects/SumoGUIWallet The wallet really is one of the best I have seen (ENJIN’s will be better). Clear, intuitive, idiot proof (as possible).
6) Decentralization. SUMO is botnet-proof, and therefore botnet mining resistant. When a botnet joins a mining pool, it adjusts the mining difficulty, thereby balancing the difficulty level of mining.
7) Coin Emission Scheme. SUMO’s block reward changes every 6 months following the “Camel” distribution schema (inspired by real-world mining production, like that of crude oil, coal, etc., which is often slow at first, then accelerates before decline and depletion). MONERO lacks this schema and it is significant. Camel ensures that Sumokoin won’t be a short-lived phenomenon. Specifically, since Sumo is proof-of-work, not all SUMO can be mined. If it were all mined, miners would no longer be properly incentivized to contribute to the network (unless transaction fees were raised, which is how Bitcoin plans on handling things when all 21 million coins have been mined, which will go poorly given that people already complain about fees). A good emission scheme is vital to viability. Compare Camel and Monero’s scheme if you must: https://github.com/sumoprojects/sumokoin/blob/master/scripts/sumokoin_camel_emission_cal.cpp vs. https://monero.stackexchange.com/questions/242/how-was-the-monero-emission-curve-chosen/247.
8) Dev Team // Locked Coins // Future Development Funds. There are lots of things that make this coin a ‘go,’ but perhaps the most overlooked in crypto is that the devs have delivered ahead of schedule. If you’re an engineer or have managed CS projects, you know how difficult hitting projected deadlines can be. These guys update github very frequently and there is a high degree of visibility. The devs have also time-locked their pre-mine in a publicly viewable wallet for years so they aren’t bailing out with a pump and dump. The dev team is based in Japan.
9) Broad Appeal. If marketed properly, SUMO has the ability to appeal to older individuals venturing into crypto due to the fungibility / similarities to cash. This is no different from XMR, and I expect it will be exploited in 2018 by all privacy coins. It could breed familiarity with new money, and new money is the future of crypto.
10) Absent from Major Exchanges. Thank god. ALL of my best investments have happened off Binance, Bittrex, Polo, GDAX, etc. Why? Because by the time a coin hits a major exchange you’re already too late. Your TOI is fucked. You’re no longer a savant. SUMO is on Cryptopia, the best janky exchange.
11) Marketing. Which brings me to my final point – and it happens to be a weakness. SUMO has not focused on marketing. They’ve instead gathered that the tech speaks for itself (or rather, doesn’t). So what SUMO needs is a community effort to distribute facts about SUMO’s value prop to the masses. A good example i...
submitted by censorship_notifier to noncensored_bitcoin

Of Wolves and Weasels - Day 452 - Weekly Wrapup #58

Hey all, GoodShibe here!
And this was your week in Dogecoin.
This Week’s oWaWs
Announcements
Top Images/Memes of the Week
Other Cool Stuff
Did I miss something? Of course I did! Please let me know in the comments and I'll add it!
It's 8:40AM EST and we've found 98.89% of our first 100 Billion DOGEs! Our Global Hashrate is up from ~1420 to ~1430 Gigahashes per second and our Difficulty is down from ~24749 to ~25602.
As always, I appreciate your support!
GoodShibe
Please take 10 seconds or so out of your day to vote for Josh Wise.
submitted by GoodShibe to dogecoin

Bitcoin Air — Q&A

2018 has been such a refreshing year when it comes to emerging cryptoprojects and the level of innovation they introduce. Gone are the stupid infographics trying to solidify Coin-X as the highest amount of transactions per second (who cares?).
Instead there seems to be a steady influx of new projects with developers who are innovating for real.
A couple of months back I stumbled across Haven Protocol which caused me to write my first crypto-article ever, fast forward a month-or-so and the first fork of Haven, Bitcoin Air, was quietly announced.
Now many initially dismissed Bitcoin Air as nothing but a Haven Protocol clone, but that is a severe misjudgement. I’ve been lucky enough to follow the development of this project from the inside for a while, and I’ve witnessed first hand that this project has set its sights on introducing a host of new features to the world of cryptocurrencies.
In this Q&A with Bitcoin Air’s Lead Dev, Anthony, I get answers to a lot of questions that should give a good understanding about what Bitcoin Air is aiming to accomplish.
Enjoy.
First of all, how would you summarise what Bitcoin Air is all about for someone who reads about it for the first time?
The first thing we want people to think of when they see, hear, or speak “Bitcoin Air” is simplicity and transparency.
The reason for this being, cryptocurrency is this currently ecstatic and mysterious world that a lot of people are afraid to dive into due to these unknowns. When someone approaches Bitcoin Air, we want them to understand that we are a lightweight, secure, and decentralized payment system that also offers a static crypto-backed reserves system that allows for a user to print their own fiat currency (AirCash).
In layman’s terms, we want to give the power of the Mint, Reserve, and Banking System all to the consumer and merchant!
What sparked the idea for the project we now know as Bitcoin Air?
The idea for Bitcoin Air was sparked from a protocol concept originally designed by the administrative team. The main idea coming from the fact that Bitcoin is subject to high volatility, and Tether is both manipulatable and a separate entity from what should be a joint effort for Bitcoin.
Beyond this, we feel the need to bring cryptocurrency to a form of widespread acceptance through applying modern technology to age old tactics of in person payments. This will of course be accompanied by all of the amazing features that come with cryptocurrency and its secure nature.
The Bitcoin Air project is a fork of Haven, how essential has the Haven team’s work been for your concept and project development?
Haven Protocol’s work hasn’t been significant in our development. Their initial idea was sparked to allow users to “offshore” their value to a secure storage environment in some different country.
This idea, to our team, seemed unapproachable and limited its greatest potential. We followed through with the idea of offshoring, and instead made it far more approachable and adaptable and instead of creating an internal contract system, devised a bilateral blockchain system that will operate as a dual auditing blockchain.
How would you differentiate what Bitcoin Air will be, compared to Haven, what are your most obvious differences between the two?
Haven Protocol is based on an internal smart contract system that will offshore the value of your coins to a safe storage environment, this will allow you to mint and burn between Haven Protocol and XHVD, safely offshoring your value from volatility.
Bitcoin Air is a bilateral blockchain that will allow one end of the chain to operate in volatile value and conduct basic cryptocurrency transactions including sending and receiving through any basic exchange as well as our internal wallet exchange. The second side of the chain will operate in static value and will operate as a crypto-backed reserve chain for Bitcoin Air.
This static chain will have strictly mint and burn protocols that will allow the creation of Bitcoin Air or AirCash. This static side chain will not allow person to person sends and will instead be specifically designed as a reserves and fiat system for day to day use.
How many developers are actively contributing to your project now?
Currently we have over 8 active developers working around the clock on establishing our test net, minimum viable product, and a proof of concept design that can be presented to the public.
The goal is to operate our development much like an ICO without intentions of gathering funding from the public. We are a privately funded, Non-ICO, Non-VC funded development backed by a handful of guys who simply are very in tune with the cryptocurrency community.
We hope to deliver a well-rounded and established development for the people.
Is there any field in which you are looking for contributions from the community, if so, what are these?
We are always open to as much community contribution as possible. We are 110% focused on community input and transparency and that goes down to every vote and choice we have.
Ultimately we feel that a larger consensus brings the greatest discussions to a situation along with calculated execution. This being said, we are opening an Ambassadors and Evangelists Program that will operate much like a permanent bounty hunters program.
Top-level representatives from all countries can apply and voice their expertise on why they should be an Ambassador for Bitcoin Air. This will in turn gain them access to the private Ambassador Panel where they can participate in tasks to earn monthly points for payouts based on work ethic! Additionally, we are always open to community open-source developers who seek some lead into the cryptocurrency world.
We are always thrilled to teach and learn from other professional development teams as we are seeking to develop the most community driven coin of 2019!
Is the launch of Bitcoin Air and the Air Protocol in any way dependent on the Haven team's Offshore Storage smart contracts? Will you have to wait until they release this feature, or is the work on the Air Protocol completely independent of that effort?
We are in no way tied to the Haven Protocol development and are developing our own dual chain protocol that will not use smart contracts.
What we hope through our fork with Haven Protocol, is to allow a transition/bridge in between USDAP and XHVD that will bridge both the privacy and clear coin chains to allow for a user based choice of chain use.
We feel privacy is important, but not necessary thanks to the secure nature of cryptocurrency, but we still want to give our users an option to go into a privacy coin at some point efficiently without worry of value loss.
Correct me if I’m wrong: Bitcoin Air is a Haven & Bitcoin fork, while Haven originated as a pure Monero fork. If I understand that correctly, what does this mean for XAP? For instance, will Monero features like RingCT be a part of your project, or will Monero-specific features not be a part of the overall Bitcoin Air project?
Bitcoin Air is a bilateral merge fork joining Peercoin with Bitcoin, and forking Haven Protocol into our side chain.
This means that, in the end, there will be 2 chains operating together with one being accessible to exchanges and basic user features like sending and receiving; while the other operates privately in the background of this chain only accessible via wallet interface for means of minting/burning and staking/mining.
The Haven Protocol end of the chain will not feature basic usage like sending and receiving, and will instead carry the latest features for minting, burning, and printing of fiat Air Cash.
If I understand correctly, you have two options for binding your cryptocurrency into a static dollar (or similar) value, the first one is $USDAP — which I imagine works more or less like Haven’s $XHVD, right?
$XHVD will operate much like $USDAP, except for the fact that they are using smart contracts and we are applying a new solid blockchain. This static resource-backed currency chain will operate to back the overall reserves and value of $XAP and Air Cash.
And the second one, Air Cash, I find especially interesting. You will allow users to print their own QR coded “paper money” for use at retailers, etc. Does this money exist on its own sidechain, or is it more or less a physical version of the $USDAP?
This is correct. Air Cash will be the physical, fiat form of $USDAP. Users will be able to customize their own fiat currency sheets with predesigned templates that they can then add to their basic home printer.
The user would choose the denomination (sheets would print in size of 8 bills) and they could choose to set the bills equally, or to different denominations. The wallet would then generate a private key, and print the denomination value of $USDAP on the bill front along with the QR code generated Private Key as the center. The wallet would send the wallet to this address and it would be removed from the wallet entirely. The Air Cash would now maintain the value of the $USDAP and can be used in store or handed over to another person.
The merchant or user could then sweep the Air Cash into their wallet and receive $USDAP. The paper would then become worthless and could be recycled as needed.
Will the creating of Air Cash require any form of miner fee, and if so will that fee be a “static value” bound to it or a fluctuating value? In other words, will it be tied to cents or to “satoshis”?
The creating of Air Cash will require a static fee tied to $USDAP that will only vary based on the amount you send. These ranges would most likely be $0.01-$10,000, $10,001-$100,000, and $100,001+. These fees will most likely be extremely small, ranging from $0.05-$0.15 accordingly.
We are not going to allow miners/stakers to set the price on this as people should not be held back from when they need fiat, but all things take resources to create, and we feel a small fee should be in line to provide back resources to the mining and staking community securing and operating our network.
Also, what happens if a user loses an Air Cash bill before they get the ability to spend it? Will it be lost forever, like “normal currency”, or will it only be lost if someone manages to spend it before you have time to move the currency to another address and print a new bill?
The user will have a maintained track record of all of the bills they print within their private Air Cash Ledger. This ledger will not be available to the public due to the Haven Protocol/Monero privacy features. The user will be able to swap an Air Cash bill if it has not been swept into the receiving party's wallet, if they set the loss prevention feature on within their wallet.
If the bill has been swept into the receiving party's wallet, they will not be able to cancel the bill. This feature will be available via desktop and mobile to ensure the quickest response to lost funds. This would encourage people to ensure that the receiving party sweeps their funds immediately, as you would want to ensure the value is on the bill!
Also, as a miner, I’m curious about how I can obtain Bitcoin Air through mining. I’ve seen you describe the project as “Hybrid Dynamic Proof of Stake and Proof of Work coin” — does this mean that one can both mine and stake in order to participate in the network?
We are currently developing a new consensus algorithm that we are dubbing “Proof of Risk”. We prefer not to release much information on our new consensus algorithm for now, but we plan to release extensive information once it is perfected. Just know for now, you will be allowed to both mine, and stake. It will also be HIGHLY encouraged, if not required, to do so in some sort of way.
Can you tell us a bit more about the planned merchant platform? What are its base features and how will it work?
The future merchant platform will be available to both in-person and online merchants. Small businesses that accept Bitcoin Air will be able to use any tablet that allows them to download the Bitcoin Air PoS Application. This will allow their tablet to turn into a mobile PoS system with Sweep features thanks to the cameras on most tablets. Merchants can establish their item list and can have the consumer scan the QR code shown on the screen to automatically set the amount and receiving address.
Consumers will confirm the amount and proceed to process the transaction in $XAP. When the merchant receives confirmation, the system will automatically convert their $XAP to $USDAP so they can avoid market volatility until they choose to re-enter and sell to fiat. For online merchants, it will allow integration with most e-commerce platforms available. This means people can proceed to pay for their items with Bitcoin Air via their Desktop or Mobile wallets wherever accepted.
When you fork, you have — in your latest community update — listed the following existing chains that will be receiving Airdrops of either $XAP or $USDAP:
  1. Bitcoin ($BTC) holders will receive Bitcoin Air ($XAP)
  2. Peercoin ($PPC) holders will receive Bitcoin Air ($XAP)
  3. Haven Protocol ($XHV) holders will receive USD Air Protocol ($USDAP)
I find it interesting that $BTC and $PPC holders will receive $XAP as a result of the fork, while $XHV holders will receive $USDAP instantly without needing to mint them. Will this mean that every $XHV holder is guaranteed a re-mintable (or is it burnable, perhaps:) value of ~$1 USD for each $XHV they are holding, while the $PPC and $BTC holders will get a coin of fluctuating value?
This is somewhat correct. $XHV holders will receive a static value $USDAP after the snapshot for the fork. Bitcoin and Peercoin holders will receive $XAP, which is subject to market health and volatility due to access via exchanges. Bitcoin and Peercoin holders who would like to exit the volatility can simply mint into $USDAP whenever they would like to.
Full Disclosure: I’m currently a part of the Bitcoin Air team and will help them with their marketing. This is a great chance for me to get “an insiders view” on the development of a new cryptocurrency, and as such I see this as a great opportunity for me to get to write some more interesting articles on Bitcoin Air and its development process as it moves along. Stay tuned.
https://bitcoinair.org/
submitted by 67vader to cryptocurrencynewico
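The Air Cash lifecycle described in the interview (the wallet generates a key, prints it on the bill, moves $USDAP to the bill's address, the recipient sweeps it, and an unswept bill can be cancelled while loss prevention is on) as an added toy model. This is example code written for this post, not Bitcoin Air's or Haven's software, and it assumes things the interview does not specify: a made-up key scheme (32 random bytes as the key, the SHA-256 digest of those bytes as the address), amounts in integer cents, a constructed fee-pool address, and a 10-cent middle fee tier between the stated $0.05 and $0.15 ends.

```python
"""Toy model of the Air Cash bill lifecycle from the interview: the wallet
generates a key, prints it on the bill, moves $USDAP to the bill's address,
the recipient sweeps it, and an unswept bill can be cancelled while the
issuer's loss-prevention feature is on. Everything here is a constructed
simplification: the "private key" is 32 random bytes, the "address" is its
SHA-256 digest (no real chain uses this), and amounts are integer cents."""
import hashlib
import secrets

FEE_POOL = "fee-pool"  # constructed stand-in for the miner/staker fee payout address


def address_of(priv: bytes) -> str:
    """Hypothetical address derivation: hex SHA-256 of the key bytes."""
    return hashlib.sha256(priv).hexdigest()


def fee_cents(value_cents: int) -> int:
    """Tiered static fee in cents, following the three brackets in the
    interview ($0.01-$10,000, $10,001-$100,000, $100,001+). The page gives
    only the $0.05-$0.15 range; the 10-cent middle tier is an assumption."""
    if value_cents <= 0:
        raise ValueError("bill value must be positive")
    if value_cents <= 1_000_000:
        return 5
    if value_cents <= 10_000_000:
        return 10
    return 15


class Chain:
    """Stand-in for the static $USDAP side chain: address -> balance in cents."""

    def __init__(self) -> None:
        self.balances = {}

    def deposit(self, addr: str, cents: int) -> None:
        self.balances[addr] = self.balances.get(addr, 0) + cents

    def spend_all(self, priv: bytes, to_addr: str) -> int:
        """Whoever holds the key controls the address: move its whole balance
        to to_addr and return the amount moved (0 if it was already empty)."""
        amount = self.balances.pop(address_of(priv), 0)
        if amount:
            self.deposit(to_addr, amount)
        return amount


class Wallet:
    def __init__(self, chain: Chain, funds_cents: int, loss_prevention: bool = True) -> None:
        self.chain = chain
        self.priv = secrets.token_bytes(32)
        self.addr = address_of(self.priv)
        self.loss_prevention = loss_prevention
        self.ledger = {}  # private Air Cash ledger: bill address -> bill key
        if funds_cents:
            chain.deposit(self.addr, funds_cents)

    def balance(self) -> int:
        return self.chain.balances.get(self.addr, 0)

    def print_bill(self, value_cents: int) -> bytes:
        """Print one bill: a fresh key becomes the QR code, the denomination is
        locked to that key's address, and the fee goes to the fee pool. The
        returned key is a bearer credential: anyone who scans it can sweep."""
        fee = fee_cents(value_cents)
        if value_cents + fee > self.balance():
            raise ValueError("insufficient $USDAP for bill plus fee")
        bill_key = secrets.token_bytes(32)
        bill_addr = address_of(bill_key)
        self.chain.balances[self.addr] -= value_cents + fee
        self.chain.deposit(bill_addr, value_cents)
        self.chain.deposit(FEE_POOL, fee)
        self.ledger[bill_addr] = bill_key  # the wallet keeps a copy of every bill it prints
        return bill_key

    def sweep(self, bill_key: bytes) -> int:
        """Scan a bill and pull its value into this wallet; the paper is then worthless."""
        return self.chain.spend_all(bill_key, self.addr)

    def cancel_bill(self, bill_addr: str) -> int:
        """Loss prevention: the issuer still holds the bill's key, so cancelling
        is simply sweeping it back before anyone else does. Returns 0 if the
        feature is off, the bill is unknown, or someone already swept it."""
        if not self.loss_prevention or bill_addr not in self.ledger:
            return 0
        return self.sweep(self.ledger.pop(bill_addr))


if __name__ == "__main__":
    chain = Chain()
    alice, bob = Wallet(chain, 50_000), Wallet(chain, 0)
    key = alice.print_bill(2_000)                               # a $20.00 bill
    print("bob swept:", bob.sweep(key))                         # 2000
    print("late cancel:", alice.cancel_bill(address_of(key)))   # 0
```

The model makes the security property of the scheme explicit: the printed QR code is the spending key itself, so possession of the paper (or a photo of it) is possession of the funds, and "cancellation" only works as long as the issuer's wallet wins the race to sweep the bill back before the holder does.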