DA Williamson [ARCHIVE] on Nostr: 📅 Original date posted:2021-03-16 📝 Original message:Good Afternoon, Verifiable ...
📅 Original date posted:2021-03-16
📝 Original message:Good Afternoon,
Verifiable and independantly verifiable are not the same. Independantly
scrutinable means any public can scrutinise blockchain to determine it
is honest. It does not rely on involved parties but insistently on the
data published in the blockchain. The accepted case of P2SH is also a
moot point since we are checking transactions and not where the balance
is but where it has come from. It is not further to P2SH which is not
obfuscation but is indeed publishing to then say that we only need
publicly disclose G3 which is a tangent obfuscation.
KING JAMES HRMH
Great British Empire
Regards,
The Australian
LORD HIS EXCELLENCY JAMES
HRMH (& HMRH)
of Hougun Manor & Glencoe & British Empire
MR. Damian A.
James Williamson
Wills
et al.
Willtech
www.willtech.com.au
www.go-overt.com
and other projects
earn.com/willtech
linkedin.com/in/damianwilliamson
m.
0487135719
f. +61261470192
This email does not constitute a general
advice. Please disregard this email if misdelivered.
On Tue, 2021-03-16 at 02:11 +0000, ZmnSCPxj via bitcoin-dev wrote:
> Good morning JAMES,
>
> > No-one has yet demonstrated that Conjoin or using Wasabi wallet is
> > secure if it relies on third-parties. Are the transaction not
> > forwarded partially signed as with an SPV wallet? So it is possible
> > the SPV server cannot redirect funds if dishonest? SPV wallets are
> > secure producing fully signed transactions. A ConJoin transaction
> > signs for the UTXO and forwards it to be included signed for in
> > another larger transaction with many inputs and outputs
>
> The above point was not answered, so let me answer this for
> elucidation of you and any readers.
>
> A CoinJoin transaction is a single transaction with many inputs and
> many outputs.
>
> Every input must be signed.
>
> When used to obfuscate, each input has different actual entities
> owning the coin.
>
> In order to prevent fraud, it is necessary that what total amount
> each entity puts into the transaction, that entity also gets out (in
> freshly-generated addresses, which I hope you do not object to) as an
> output.
>
> When providing its signature, each entity verifies that its provided
> address exists in some output first before signing out its input.
>
> The provided signature requires all the inputs and all the outputs to
> exist in the transaction.
> Because of this, it is not possible to take a "partial" signature for
> this transaction, then change the transaction to redirect outputs
> elsewhere --- the signature of previous participants become invalid
> for the modified transaction..
>
> Thus, the security of the CoinJoin cannot be damaged by a third
> party.
>
> Third parties involved in popular implementations of CoinJoin (such
> as the coordinator in Wasabi) are nothing more than clerical
> actuaries that take signatures of an immutable document, and any
> attempt by that clerical actuary to change the document also destroys
> any signatures of that document, making the modified document (the
> transaction) invalid.
>
> > . Also, none of those you mention is inherently a Privacy
> > Technology. Transparency is one of the key articles of value in
> > Bitcoin because it prevents fraud.
>
> The prevention of fraud simply requires that all addition is
> validatable.
> It does not require that the actual values involved are visible in
> cleartext.
>
> Various cryptographic techniques already exist which allow the
> verifiable addition of encrypted values ("homomorphisms").
> You can get 1 * G and 2 * G, add the resulting points, and compare it
> to 3 * G and see that you get the same point, yet if you did not know
> exactly what G was used, you would not know that you were checking
> the addition of 1 + 2 = 3.
> That is the basis of a large number of privacy coins.
>
> At the same time, if I wanted to *voluntarily* reveal this 1 + 2 = 3,
> I could reveal the numbers involved and the point G I used, and any
> validator (including, say, a government taxing authority) can check
> that the points recorded on the blockchain match with what I claimed.
>
> For the prevention of fraud, we should strive to be as transparent as
> *little* as possible, while allowing users to *voluntarily* reveal
> information.
>
>
> Regards,
> ZmnSCPxj
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
📝 Original message:Good Afternoon,
Verifiable and independantly verifiable are not the same. Independantly
scrutinable means any public can scrutinise blockchain to determine it
is honest. It does not rely on involved parties but insistently on the
data published in the blockchain. The accepted case of P2SH is also a
moot point since we are checking transactions and not where the balance
is but where it has come from. It is not further to P2SH which is not
obfuscation but is indeed publishing to then say that we only need
publicly disclose G3 which is a tangent obfuscation.
KING JAMES HRMH
Great British Empire
Regards,
The Australian
LORD HIS EXCELLENCY JAMES
HRMH (& HMRH)
of Hougun Manor & Glencoe & British Empire
MR. Damian A.
James Williamson
Wills
et al.
Willtech
www.willtech.com.au
www.go-overt.com
and other projects
earn.com/willtech
linkedin.com/in/damianwilliamson
m.
0487135719
f. +61261470192
This email does not constitute a general
advice. Please disregard this email if misdelivered.
On Tue, 2021-03-16 at 02:11 +0000, ZmnSCPxj via bitcoin-dev wrote:
> Good morning JAMES,
>
> > No-one has yet demonstrated that Conjoin or using Wasabi wallet is
> > secure if it relies on third-parties. Are the transaction not
> > forwarded partially signed as with an SPV wallet? So it is possible
> > the SPV server cannot redirect funds if dishonest? SPV wallets are
> > secure producing fully signed transactions. A ConJoin transaction
> > signs for the UTXO and forwards it to be included signed for in
> > another larger transaction with many inputs and outputs
>
> The above point was not answered, so let me answer this for
> elucidation of you and any readers.
>
> A CoinJoin transaction is a single transaction with many inputs and
> many outputs.
>
> Every input must be signed.
>
> When used to obfuscate, each input has different actual entities
> owning the coin.
>
> In order to prevent fraud, it is necessary that what total amount
> each entity puts into the transaction, that entity also gets out (in
> freshly-generated addresses, which I hope you do not object to) as an
> output.
>
> When providing its signature, each entity verifies that its provided
> address exists in some output first before signing out its input.
>
> The provided signature requires all the inputs and all the outputs to
> exist in the transaction.
> Because of this, it is not possible to take a "partial" signature for
> this transaction, then change the transaction to redirect outputs
> elsewhere --- the signature of previous participants become invalid
> for the modified transaction..
>
> Thus, the security of the CoinJoin cannot be damaged by a third
> party.
>
> Third parties involved in popular implementations of CoinJoin (such
> as the coordinator in Wasabi) are nothing more than clerical
> actuaries that take signatures of an immutable document, and any
> attempt by that clerical actuary to change the document also destroys
> any signatures of that document, making the modified document (the
> transaction) invalid.
>
> > . Also, none of those you mention is inherently a Privacy
> > Technology. Transparency is one of the key articles of value in
> > Bitcoin because it prevents fraud.
>
> The prevention of fraud simply requires that all addition is
> validatable.
> It does not require that the actual values involved are visible in
> cleartext.
>
> Various cryptographic techniques already exist which allow the
> verifiable addition of encrypted values ("homomorphisms").
> You can get 1 * G and 2 * G, add the resulting points, and compare it
> to 3 * G and see that you get the same point, yet if you did not know
> exactly what G was used, you would not know that you were checking
> the addition of 1 + 2 = 3.
> That is the basis of a large number of privacy coins.
>
> At the same time, if I wanted to *voluntarily* reveal this 1 + 2 = 3,
> I could reveal the numbers involved and the point G I used, and any
> validator (including, say, a government taxing authority) can check
> that the points recorded on the blockchain match with what I claimed.
>
> For the prevention of fraud, we should strive to be as transparent as
> *little* as possible, while allowing users to *voluntarily* reveal
> information.
>
>
> Regards,
> ZmnSCPxj
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev