Allocate $x every month from the budget payouts to a "hack the anon tech" bounty.
Awards paid out to anyone that produces verified evidence.
When fixed, start the bounty again.
If hacks take 12 months, each year the bounty could build to values that would attract the best code breakers. It should become harder to break things after fixes.
You want to build up a $1m, or even $10m, bounty over time to make a statement about security.
In theory it should not be difficult provided money incentives are there.
Kristov Atlas identified a sybil attack on the mixing parties as a possible weakness when he did his review.
Back then the count of mixing parties was 2, to increase speed. But with 2 it is very easy to identify the other party. So mixing parties got up to 3 to fix that. But 3 is still low and can be sybil-attacked. All one has to do is run multiple sybil-mixing-parties bots, all day long, to "catch" those mixing. The cost of doing so would be in the fees paid to do all the mixing. Now, if you have this thing running all the time, at some point you'll catch someone who is mixing alone and you can pretend to be all his other mixing partners. At that point you have verifiable evidence that at least one tx got deanonymized. Your bounty prize will easily exceed the fees paid.
Sybil attacking the mixing parties is much cheaper than sybil attacking masternodes. And this needs fixing.
Now send me the bounty

So why does everyone else say Dashcoin is sybil attack resistant when there are several examples where the security has been shown to be anything but, even by its own supporters?
This is another example of the Dash-Insta-Scam in action.
Most of the sybil-resistance aspect is focused on the mixing node and not the mixing party*.
The economic disincentives (price of DASH would have to skyrocket to acquire a very large portion of the masternodes) are considered ok, plus on a functional level we have the multi-round mixing that makes the probabilities insanely low. The more "real" problems begin with efficient IP and metadata obfuscation.
In terms of sybil attacking the mix-party, that's another issue. Actually, it's one thing to approach this theoretically, and a different thing to actually pull it off. The second requires resources and money (far less than acquiring masternodes though - although if you want to be unmasking every transaction, you must be doing so much mixing that it'll be insane in terms of tx volume - and very visible).
Plus there are techniques with which the sybil mixing party cannot be certain. If you are mixing your coins with two of your wallets, then you are occupying two mixing seats while the sybil is the third. So at that moment he doesn't know with certainty who is who. He needs to occupy 2 seats to single out the third one. And he must also do it consistently over many rounds to not lose the trail - while not being interfered with by a liquidity provider, etc. But you play a game of chance and at the end of the day you may have some verifiable transaction that got "cracked". It's possible if you have money to pay mixing fees for 24/48/72hrs.
* Cryptonote is vulnerable too in that aspect if a lot of coins are in possession of specific entities because they can unmask the real parties that are mixing. Monero for example says that Bytecoin is unsafe for mixing for this reason - as some Bytecoin stakeholders hold a lot of coins and thus when the coins are mixed, these can identify/single out the others who are mixing. After the latest pump of Monero, I'm not sure how the ownership stakes are for Monero and if these stakes present a threat to Monero mixing as well.
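
A rough model of the seat-occupancy argument in the thread above, added here as an example; it is not part of any post and not Dash code. It assumes each seat the user does not hold is filled independently by one observing entity with probability `f` (a hypothetical parameter), and, following the last post, that a round is exposed only when that entity holds every seat but one.

```python
import random

def exposed_in_round(rng, f, seats, own_seats):
    """One mix: the user fills own_seats; each other seat is the observer's with prob. f."""
    observer = sum(rng.random() < f for _ in range(seats - own_seats))
    # Assumption taken from the thread: the observer must hold every seat
    # but one in order to single out the remaining participant.
    return observer == seats - 1

def closed_form(f, rounds, seats=3, own_seats=1):
    """Probability that every round of one user's trail is exposed."""
    if own_seats > 1:
        # The user already holds two or more seats, so the observer can
        # never reach seats - 1 and cannot tell the user's seats apart.
        return 0.0
    return (f ** (seats - 1)) ** rounds

def simulate(f, rounds, seats=3, own_seats=1, trials=100_000, seed=7):
    """Monte Carlo check of closed_form under the same assumptions."""
    rng = random.Random(seed)
    hits = sum(
        all(exposed_in_round(rng, f, seats, own_seats) for _ in range(rounds))
        for _ in range(trials)
    )
    return hits / trials

if __name__ == "__main__":
    f = 0.5  # constructed value: observer fills half of all foreign seats
    print("seats rounds closed_form simulated")
    for seats in (2, 3):          # the two party sizes mentioned in the thread
        for rounds in (1, 2, 4, 8):
            print(seats, rounds,
                  closed_form(f, rounds, seats),
                  simulate(f, rounds, seats))
    # Mixing from two of your own wallets (own_seats=2) in a 3-seat mix:
    print("own_seats=2:", closed_form(f, 8, 3, own_seats=2))
```

Even with the observer filling half of all foreign seats, the chance of following one trail through 8 rounds of 3-seat mixes is 0.25^8, which is the "multi-round mixing" effect the post refers to; the model says nothing about fees, liquidity providers or metadata.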