Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Altcoin Discussion
Re: The Pros and Cons to Cloakcoin and Darkcoin, lets discuss them.
by
synechist
on 31/07/2014, 17:20:44 UTC
Quote from: illodin on July 31, 2014, 05:11:06 PM
Quote from: synechist on July 31, 2014, 03:21:09 PM
Quote from: illodin on July 31, 2014, 02:57:40 PM
Quote from: PowderMonkey on July 31, 2014, 02:46:48 PM
Quote from: illodin
The goal when ddos'ing nodes is to first set up many nodes yourself, then ddos the other nodes, so you can then have a control of big enough percentage of the nodes so you can spy the transactions with good enough success.

Again, since transactions are fragmented into small pieces and then sent through the network, this attack would not be effective.  The attacker could try to spy the network, but the truth of the matter is that the remaining good nodes are still going to end up handling the transactions, however few they may be.  But again, since every single wallet is a node, I just don't see this attack being feasible.

How can you tell which nodes are good and which nodes are spying? You can't.

You can't spy productively on XC nodes because private transactions are fragmented and because every node forwards them trustless. This creates a scenario where there's no telling if the sender/recipient of a fragment is the original sender or final recipient, and there's no telling whether the amount sent is the whole amount.

Furthermore since fragments can be sent, even non-private transactions become "private" in this respect, since the amount sent could be a fragment, and so a spy has no grounds to assert that the amount sent/received is the total amount, or that the sender/recipient is the original sender/final recipient.

If the attacker is controlling nodes A and B, and they both receive fragments (= XC encrypted messages?) from the same IP at the same time, he knows that is the IP of the sender, not another node forwarding fragments. And if the attacker is controlling all nodes in a path starting from A or B, he knows the sending and receiving addresses. Or is this totally wrong?

Hmm... let's say that an attacker controlling two nodes receives fragments from a single other node at the same time:

- the node's IP will be concealed due to it being either on TOR or something proprietary which I can't reveal yet. (TOR is current - the XC TOR Stick is releasing on Thur next week; it's its own OS, runs as a TOR node, and does payments and XChat. However in future there are other, even more secure plans...)

- the node will be identifiable as the sender of the fragments

- the node will not be identifiable as the originator of the payment that the fragments partly comprise

- the node will not be identifiable as the sender of the payment

- if it's a message rather than a private payment, it's not forwarded but sent directly to the recipient and encrypted from end to end, so to snoop on it you'd need to decrypt it (which is computationally infeasible).

- even if attacker nodes happen to receive all the fragments of a transaction, there will be no way to know that this is the case, and so the amount sent will not be ascertainable.