Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN] AEON 2nd gen cryptonote, anon, mobile-friendly, scalable, pruning
by
phoenix rises
on 06/02/2017, 14:46:04 UTC
Quote from: smooth on February 06, 2017, 04:21:23 AM
Quote from: phoenix rises on February 05, 2017, 06:01:30 PM
Quote from: smooth on January 11, 2017, 07:34:24 AM

... the AEON approach of allowing limited use of 0 mix and non-RingCT transactions would allow things like pool payouts where both tracing and hiding amounts is largely pointless (the blocks mined by the pool is generally public anyway, as are the payout transactions) to be done with lower cost. Or at least, they would bid for access to the quota of 0-mix transactions. My guess is that those slots would be most valuable to pools for cheap payouts, but I don't know. The market will sort it out.

I don't see RingCT or required mixing being a problem here at all. People who don't need it can opt out, as long as is kept under control and doesn't compromise the privacy of the chain as a whole...


Hey Smooth, is there somewhere I can read more about what the AEON approach is concerning allowing a limited number of 0 mix and non RCT tx's without compromising the overall privacy of the chain as a whole?
Obviously including a 0 mix input into a >1 mix reduces privacy at the most basic level. Is there already/will there be an algo that is used to regulate this ?

Thanks

There are two methods planned, one of which is already implemented in the current release. The first (already implemented) is that the number of 0-mix (also currently 1-mix, but maybe those should be prohibited altogether) transactions is limited to a maximum of one per block. Given growth in usage that will be a small minority of the total number of transactions, which results, statistically, in the chain as a whole is being protected any sort of chain reaction attacks.

The second method allowing a different pathway for smaller and lower-cost transactions is planned for an upcoming upgrade but has not been disclosed yet.

I am not an expert, but it intuitively makes sense to me that if we allow some 0-mix txs then abolishing 1-mix would significantly reduce the impact they could have on privacy. Realistically though I think we are just talking about the possibility of one of the inputs in a tx being indentifiable as 'real' in a limited number of txs right? (ie where a 1-mix tx had a 0-mix as an input for one of the amounts).
Perhaps instead of abolishing 1-mix txs, we could prevent the use of 0-mix inputs for them. Is that feasible?
If my understanding is right, for 1-mix tx, you would have to be have every input paired with a 0-mix input for to reveal the whole tx, which would be a low probability event, but possible (I am working on the assumption that ring inputs are selected simply by matching amounts and not looking at other parameters, such as mix - please correct me if this is wrong, I am keen to learn and help)

I look forward to the details of the second method in due course Wink

On a seperate note will Kovri/I2P be implemented in Aeon when it is complete in Monero? I am assuming that it is equally vulnerable to IP snooping.