From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UcnAs-0006LS-4Q for bitcoin-development@lists.sourceforge.net; Thu, 16 May 2013 01:40:06 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.217.179 as permitted sender) client-ip=209.85.217.179; envelope-from=gmaxwell@gmail.com; helo=mail-lb0-f179.google.com; Received: from mail-lb0-f179.google.com ([209.85.217.179]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UcnAr-0008OI-EW for bitcoin-development@lists.sourceforge.net; Thu, 16 May 2013 01:40:06 +0000 Received: by mail-lb0-f179.google.com with SMTP id d10so2578402lbj.38 for ; Wed, 15 May 2013 18:39:58 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.112.185.67 with SMTP id fa3mr15100733lbc.118.1368668398697; Wed, 15 May 2013 18:39:58 -0700 (PDT) Received: by 10.112.71.97 with HTTP; Wed, 15 May 2013 18:39:58 -0700 (PDT) In-Reply-To: References: <20130514115151.GA21600@netbook.cypherspace.org> <20130514140902.GA22447@netbook.cypherspace.org> <20130515102509.GA3401@netbook.cypherspace.org> <20130515111906.GA26020@savin> <20130515114956.GA5863@netbook.cypherspace.org> <5193825B.20909@lavabit.com> <20130515162129.GB6156@netbook.cypherspace.org> <20130515234030.GA17920@netbook.cypherspace.org> Date: Wed, 15 May 2013 18:39:58 -0700 Message-ID: From: Gregory Maxwell To: Gavin Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1UcnAr-0008OI-EW Cc: "bitcoin-development@lists.sourceforge.net" Subject: Re: [Bitcoin-development] blind symmetric commitment for stronger byzantine voting resilience (Re: bitcoin taint & unilateral revocability) X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 May 2013 01:40:06 -0000 On Wed, May 15, 2013 at 6:24 PM, Gavin wrote: > Busy with pre-conference stuff, not following details of this conversatio= n... > > ... but it sounds a lot like the "guy fawkes" protocol Zooko was thinking= about a year or so ago. Sort of, but in a guy fawkes signature you use the commitment to hide the preimage that proves you had authority to spend a coin. Adam proposes you do this in order to hide _which coin you're spending_. This has obvious anti-DOS complications, but Adam deftly dodged my initial attempts to shoot him down on these grounds by pointing out that you could mix blinded and blinded inputs and have priority and transaction fees come from only the unblinded ones. Effectively, it means that so long as you could convince the network to let you spend some coins, you could also spend other ones along for the ride and the network wouldn't know which ones those were until it was too late for it to pretend it never saw them. I think there are all kinds of weird economic implications to this=E2=80=94= a blinded payment would seem to have a different utility level to an unblinded one: you can't use it for fees=E2=80=94 except you can unblind it= at any time. And the discontinuousness ("two types of inputs") and that it would enable mining gibberish (though perhaps not data storage, if you see my preimage solution to that) seems awkward and I think I have to spend some time internalizing it before I can really think through the implications.