Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <mh.in.england@gmail.com>) id 1UcnqM-0002qc-5R
for bitcoin-development@lists.sourceforge.net;
Thu, 16 May 2013 02:22:58 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.219.45 as permitted sender)
client-ip=209.85.219.45; envelope-from=mh.in.england@gmail.com;
helo=mail-oa0-f45.google.com;
Received: from mail-oa0-f45.google.com ([209.85.219.45])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1UcnqK-0001js-Sc
for bitcoin-development@lists.sourceforge.net;
Thu, 16 May 2013 02:22:57 +0000
Received: by mail-oa0-f45.google.com with SMTP id j6so3134743oag.18
for <bitcoin-development@lists.sourceforge.net>;
Wed, 15 May 2013 19:22:51 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.182.240.136 with SMTP id wa8mr19191607obc.2.1368670971434;
Wed, 15 May 2013 19:22:51 -0700 (PDT)
Sender: mh.in.england@gmail.com
Received: by 10.76.162.230 with HTTP; Wed, 15 May 2013 19:22:51 -0700 (PDT)
In-Reply-To: <CAAS2fgQP6mFb0izQxZcBwqBWdxKUiAy1sG23ScAZ+tEMvGU0WQ@mail.gmail.com>
References: <20130514115151.GA21600@netbook.cypherspace.org>
<20130514140902.GA22447@netbook.cypherspace.org>
<20130515102509.GA3401@netbook.cypherspace.org>
<20130515111906.GA26020@savin>
<20130515114956.GA5863@netbook.cypherspace.org>
<5193825B.20909@lavabit.com>
<20130515162129.GB6156@netbook.cypherspace.org>
<20130515234030.GA17920@netbook.cypherspace.org>
<BF1C6C71-9EE5-4A2F-8B73-3E8F934A7CAE@gmail.com>
<CAAS2fgQP6mFb0izQxZcBwqBWdxKUiAy1sG23ScAZ+tEMvGU0WQ@mail.gmail.com>
Date: Wed, 15 May 2013 19:22:51 -0700
X-Google-Sender-Auth: WycmANa9buLooiy1X2aW9WejvU4
Message-ID: <CANEZrP2dFi-3nZhYpaA9RfJ8N2e-GQ_YQtKMdnFfPx-9YLU6MA@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Gregory Maxwell <gmaxwell@gmail.com>
Content-Type: multipart/alternative; boundary=089e01634f0e1121a404dccc8b45
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(mh.in.england[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1UcnqK-0001js-Sc
Cc: "bitcoin-development@lists.sourceforge.net"
<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] blind symmetric commitment for stronger
byzantine voting resilience (Re: bitcoin taint & unilateral revocability)
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 16 May 2013 02:22:58 -0000
--089e01634f0e1121a404dccc8b45
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Conceptually it sounds a lot like ZeroCoin (not in implementation)?
I'm not really convinced miner cartels that try to exclude transactions are
likely to be a big deal, but such schemes could I suppose be kept in a back
pocket in case one day I'm proven wrong.
On Wed, May 15, 2013 at 6:39 PM, Gregory Maxwell <gmaxwell@gmail.com> wrote=
:
> On Wed, May 15, 2013 at 6:24 PM, Gavin <gavinandresen@gmail.com> wrote:
> > Busy with pre-conference stuff, not following details of this
> conversation...
> >
> > ... but it sounds a lot like the "guy fawkes" protocol Zooko was
> thinking about a year or so ago.
>
> Sort of, but in a guy fawkes signature you use the commitment to hide
> the preimage that proves you had authority to spend a coin. Adam
> proposes you do this in order to hide _which coin you're spending_.
>
> This has obvious anti-DOS complications, but Adam deftly dodged my
> initial attempts to shoot him down on these grounds by pointing out
> that you could mix blinded and blinded inputs and have priority and
> transaction fees come from only the unblinded ones.
>
> Effectively, it means that so long as you could convince the network
> to let you spend some coins, you could also spend other ones along for
> the ride and the network wouldn't know which ones those were until it
> was too late for it to pretend it never saw them.
>
> I think there are all kinds of weird economic implications to this=E2=80=
=94 a
> blinded payment would seem to have a different utility level to an
> unblinded one: you can't use it for fees=E2=80=94 except you can unblind =
it at
> any time. And the discontinuousness ("two types of inputs") and that
> it would enable mining gibberish (though perhaps not data storage, if
> you see my preimage solution to that) seems awkward and I think I have
> to spend some time internalizing it before I can really think through
> the implications.
>
>
> -------------------------------------------------------------------------=
-----
> AlienVault Unified Security Management (USM) platform delivers complete
> security visibility with the essential security capabilities. Easily and
> efficiently configure, manage, and operate all of your security controls
> from a single console and one unified framework. Download a free trial.
> http://p.sf.net/sfu/alienvault_d2d
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
--089e01634f0e1121a404dccc8b45
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr">Conceptually it sounds a lot like ZeroCoin (not in impleme=
ntation)?<div><br></div><div>I'm not really convinced miner cartels tha=
t try to exclude transactions are likely to be a big deal, but such schemes=
could I suppose be kept in a back pocket in case one day I'm proven wr=
ong.</div>
</div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Wed,=
May 15, 2013 at 6:39 PM, Gregory Maxwell <span dir=3D"ltr"><<a href=3D"=
mailto:gmaxwell@gmail.com" target=3D"_blank">gmaxwell@gmail.com</a>></sp=
an> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Wed, May 15, 2013 at 6:=
24 PM, Gavin <<a href=3D"mailto:gavinandresen@gmail.com">gavinandresen@g=
mail.com</a>> wrote:<br>
> Busy with pre-conference stuff, not following details of this conversa=
tion...<br>
><br>
> ... but it sounds a lot like the "guy fawkes" protocol Zooko=
was thinking about a year or so ago.<br>
<br>
</div>Sort of, but in a guy fawkes signature you use the commitment to hide=
<br>
the preimage that proves you had authority to spend a coin. =C2=A0 Adam<br>
proposes you do this in order to hide _which coin you're spending_.<br>
<br>
This has obvious anti-DOS complications, but Adam deftly dodged my<br>
initial attempts to shoot him down on these grounds by pointing out<br>
that you could mix blinded and blinded inputs and have priority and<br>
transaction fees come from only the unblinded ones.<br>
<br>
Effectively, =C2=A0it means that so long as you could convince the network<=
br>
to let you spend some coins, you could also spend other ones along for<br>
the ride and the network wouldn't know which ones those were until it<b=
r>
was too late for it to pretend it never saw them.<br>
<br>
I think there are all kinds of weird economic implications to this=E2=80=94=
a<br>
blinded payment would seem to have a different utility level to an<br>
unblinded one: you can't use it for fees=E2=80=94 except you can unblin=
d it at<br>
any time. =C2=A0And the discontinuousness =C2=A0("two types of inputs&=
quot;) and that<br>
it would enable mining gibberish (though perhaps not data storage, if<br>
you see my preimage solution to that) seems awkward and I think I have<br>
to spend some time internalizing it before I can really think through<br>
the implications.<br>
<div class=3D"HOEnZb"><div class=3D"h5"><br>
---------------------------------------------------------------------------=
---<br>
AlienVault Unified Security Management (USM) platform delivers complete<br>
security visibility with the essential security capabilities. Easily and<br=
>
efficiently configure, manage, and operate all of your security controls<br=
>
from a single console and one unified framework. Download a free trial.<br>
<a href=3D"http://p.sf.net/sfu/alienvault_d2d" target=3D"_blank">http://p.s=
f.net/sfu/alienvault_d2d</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</div></div></blockquote></div><br></div>
--089e01634f0e1121a404dccc8b45--