Monero should learn from payment channels and DERO's account-based model.
DERO's account-based model will lean toward total 100% pruning of transaction history. Thus, storage scalability is a lot better with DERO than with most other cryptocurrencies that depend on UTXOs.
In terms of storage savings, this is better than even mimblewimble.
The fact that DERO is account-based means it's not possible to trace UTXOs. At least, some of monero's UTXOs can be traced through EAE attack and various other means.
Even with payment channels, on-chain transactions are going to be needed. Given enough time, without 100% pruning, blockchain is going to grow infinitely. I don't want to worry about infinite growth of blockchain. Earth is not infinite. We can't have infinite storage. NANO's block lattice is close to solving the problem of infinite growth of blockchain, but account-based model solves the storage problem definitely. I want a private censorship-free payment system that works for ever. The scalability of such a system must be practically limitless.
Account-based system also enables instant wallet syncing because you only need to query the latest block.
I'm grateful that monero has brought us far and will continue to help people avoid censorship and protect privacy for the foreseeable future, but account-based model and payment channels can enable infinite scalability far beyond VISA's processing capacity of several thousand TPS without having to worry about storage capacity.
Dero's account based model has significant drawbacks.
- Monero uses stealth addresses for recipients, which are indistinguishable. Dero uses a ring, so it's 1/16.
- Much greater statistical analysis via long term data accumulation and interaction frequency.
You can't trace UTXOs under Dero because there aren't UTXOs. You absolutely can still perform statistical analysis on it and it's a much greater issue than it is for Monero. Saying it's not possible is either misinformed or malicious (as it's using a technicality).
As for Monero's future, I point to Seraphis which is a modular protocol intended to be flexible and comprehensive, immediately I point to Grootle proofs (Groth + Bootle) for rings up to 128, and in the long-term, SNARKs.
> You absolutely can still perform statistical analysis on it and it's a much greater issue than it is for Monero.
boots up R
lol.. eager to see results
> You absolutely can still perform statistical analysis on it and it's a much greater issue than it is for Monero
I guess that if you are running a node that has access to mem pool, maybe you are right.
But, in theory, an account-based blockchain doesn't require storing any history. I mean if there is no history, you cannot trace anything.
If I wanted to design a private account-based cryptocurrency, I may consider forceful erasure of transaction history after a week or two and encryption of transaction history(?).
Being able to erase 100% of transaction history has the advantage of allowing many trillions of on-chain transactions without increasing the blockchain size. While monero serves us now, I don't want to think about monero blockchain size after centuries. We can't assume infinite storage. We should definitely explore account-based privacy cryptocurrency systems while we still have time.
I think a practically untraceable account-based privacy cryptocurrency is possible.
I merely used DERO as a conceptual example.
Anyone can simply save the history. There's no gun to your head to delete it and no computational way to truly force erasure. Besides, if the history was erased, it'd no longer be verifiable, breaking the "cryptography" part of "cryptocurrency"
Yeah, imagine a bank that is throwing away all journal entries and tells everybody "All our balances are correct, we swear".
Some people fret about possibly catastrophic hidden inflation bugs because of Monero's opaque blockchain, and other people are ready to throw away transactions altogether because accounts, plus summing to accounts hidden from view.
DERO is a cryptocurrency based on consensus, not a private bank.
A bank would modify history of an account at whims. Didn't you hear about bank bail-in which is a fancy name for taking money from customers? You don't trust banks just because they keep transaction history.
https://grin.mw/ says
> Mimblewimble leverages cryptography to allow past transaction data to be removed with no compromise on security. This avoids Grin collapsing under the weight of data having to be kept on chain.
mimblewimble uses mathematics to prove that account balances are correct after history erasure. The same can be said for account-based cryptocurrencies that can delete history.
The key idea is to delete history while keeping privacy. You can build payment channels on top of it to increase TPS. People can achieve this in any way. Mimblewimble and encrypted account-based cryptocurrencies are just specific examples.
I don't think you understood my main argument. It's about the possible presence, however unlikely, of bugs or exploits in the cryptographic constructs of a coin itself.
I don't understand how on the one hand some people can fear such bugs and exploits in Monero because things in the blockchain are hidden, and on the other hand maybe the same people being cool with throwing away transactions and in the case of a bug or exploit be never again able to even see what happened.
I am not one of the people you described. Don't clump me with other people.
Progress is possible. I think there can be a way to verify the total current supply of a coin that deletes history. This seems more feasible than expecting infinite storage on finite earth.
This may or may not be possible, but if you think something is impossible even before trying, you can't make it happen. Many people used to think men could not fly. If everyone thought men could not fly, they would not have tried inventing airplanes.
There can be bugs, but if you don't try new ideas despite fear, you can't make progress. So, my ideas can serve as a basis for a new cryptocurrency. I can fear bugs, but we need courage to take action despite fear. Fear is the lowest possible place to take actions from.
You are right that forceful erasure of history is not possible. But, it still saves space.
By the way, mimblewimble also can delete history. Thus, the same can be said about tari and BEAM and GRIN and litecoin which recently adopted mimblewimble. It's possible to delete history while retaining mathematical proofs that account balances are correct. If it wasn't possible to retain such proofs, history erasure wouldn't be attempted.
MimbleWimble doesn't offer mathematical proofs that the current data is accurate. It offers mathematical proofs that some blob of transactions doesn't have more outputs than it does inputs. That says nothing about if the TXs in it should be or shouldn't be. Verifying that blob is the actual blob still requires verifying the full transitions which requires verifying the full chain.
> Monero should learn from payment channels and DERO's account-based model.
Ok, we're eager to learn. Just give the link to technical specs and/or papers that describe how it all works because I couldn't find them.
Woah now hold on there. That's asking a lot isn't it? OP was nice enough to drop a hit-and-run in our suggestion box, and now it's up to us to perform. OP already did the real genius by thinking of something no one here ever thought of. The rest is just boring details that even the casual hobbyist could probably do from scratch in a few days.
I tried using DERO once and it wasn’t anything impressive, does it have smart contracts capabilities yet or is it still just “soon”?
Best I could find on technical specs is: https://github.com/deroproject/derohe#dero-he-features
No papers explaining "how it all works" though.. guess one gotta read the code there.
Some of the technical specs do sound very promising though... like instant transactions, no block scanning / instant balance lookup, 66 bytes per account, no matter how many transactions (200 GB for 1bn accounts), no trusted setup,...
If I were you I would read up on Gnomon and Graviton DB. Two very advanced technologies for on chain client based search engine and innovative database management.
Then play with their alpha Engram wallet. It has one click mining. Very noob friendly.
Also try to make friends with high level cryptographers and have them look at the code.
> this is better than even mimblewimble.
I couldn't find any documentation about that on docs.dero.io other than some unproven claims.
I did see plenty of mistakes like
> Cryptonight Hash: This is memory-bound algorithm. This provides assurance that all miners are equal. ( No miner has any advantage over common miners).
Only ASIC miners are equal to each other.
> Pederson Commitment: (Part of ring confidential transactions): Pederson commitment algorithm
They're called Pedersen commitments.
> some unproven claims
This is off-topic and not really constructive. If you want to make a point, be on topic. The topic is infinite scalability and privacy.
> I did see plenty of mistakes like
Again, this is off-topic and is about errors in documentation. Everybody makes mistakes when they write.
All cryptocurrencies including DERO have flaws. I can point out various flaws in every cryptocurrency including monero and bitcoin. This post was not written to make people fight over which cryptocurrency is better because no cryptocurrency is really good enough at this point. We need to either revamp existing cryptocurrencies or create a better one.
The point is that encrypted account-based model is a step in the right direction. If encrypted account-based model is combined with a layer 2 solution like payment channel, we can have infinite scalability and privacy without storage issues and long wallet sync time.
My aim is to explore infinite scalability and privacy.
This post should provide an idea for a new better cryptocurrency.
> some unproven claims
>
> This is off-topic and not really constructive.
Where is the better-than-MW scaling documented and convincingly demonstrated? Until you can provide those, it is an unproven claim.
With Dero, I don't think we should point out trivial errors as deal breakers, yet the lack of documentation to the flat-out misleading claims which I'd personally call false advertising. This, combined with their lack of willingness to discuss their work unless it's with blind adoration, and their lack of innovation, makes me have no interest in working with it.
*I got banned in <5 minutes for joining and trying to clarify a few points.
**Their current privacy protocol is a design called Zepher IIRC. While they may have some novel optimizations, nothing seemed revolutionary and those optimizations are not documented. Their cryptography is also incredibly disorganized, from my review of it, where the code can't practically serve as the documentation. There's also a lack of review and... it goes on and on :/
Yo, that's just cryptography by obfuscation. It's as good as it gets :p
I didn't go deep into DERO. I merely understood DERO at conceptual level.
DERO may be a poorly documented blackbox, but the concepts were understood by me.
I think the ideas are right. In theory, a cryptocurrency that has only encrypted account balances can prune 100% of all transaction history because it doesn't rely on UTXOs. It merely relies on adding to and subtracting from encrypted account balance. Dero uses additive homomorphic encryption (used for addition & subtraction on account balance) rather than full homomorphic encryption. Being able to prune 100% of transaction history without sacrificing privacy should be a huge win for saving storage space if such a thing exists.
Payment channels can increase transactions per second, but current iterations of payment channels cannot just route large sums of money. That's a big issue.
I'd like to see a simple cryptocurrency that has only encrypted account balances and uses additive homomorphic encryption to add to or subtract from account balance. Then, we can try implementing payment channels on top of it. I guess DERO is trying to do too much too fast without documenting much in the process.
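The balance-only ledger described in the comment above, as an added sketch that is not part of the thread and is not DERO's code: it assumes exponential ElGamal over a constructed toy group as the additively homomorphic scheme, and every function name is hypothetical. It also shows the replay check that, as raised earlier in the thread, is no longer available once history is pruned.

```python
import secrets

# Constructed toy group: P = 2*Q + 1, G generates the order-Q subgroup.
# Far too small for real use; chosen so decryption can brute-force the balance.
P, Q, G = 2039, 1019, 4

def keygen():
    sk = secrets.randbelow(Q - 1) + 1
    return sk, pow(G, sk, P)

def encrypt(pk, amount):
    """Exponential ElGamal: (g^r, g^amount * pk^r). Negative amounts wrap mod Q."""
    r = secrets.randbelow(Q - 1) + 1
    return pow(G, r, P), pow(G, amount % Q, P) * pow(pk, r, P) % P

def add(c1, c2):
    """Multiplying ciphertexts component-wise adds the hidden amounts."""
    return c1[0] * c2[0] % P, c1[1] * c2[1] % P

def decrypt(sk, c, max_balance=1000):
    gm = c[1] * pow(c[0], Q - sk, P) % P      # strip pk^r, leaving g^balance
    acc = 1
    for m in range(max_balance + 1):          # small discrete log by search
        if acc == gm:
            return m
        acc = acc * G % P
    raise ValueError("balance outside searchable range")

def make_transfer(pks, sender, receiver, amount):
    # A real protocol also needs zero-knowledge proofs that both ciphertexts
    # hide the same amount and that no balance goes negative; omitted here.
    return {sender: encrypt(pks[sender], -amount),
            receiver: encrypt(pks[receiver], amount)}

def apply_transfer(state, tx):
    new_state = dict(state)
    for account, delta in tx.items():
        new_state[account] = add(new_state[account], delta)
    return new_state

def replay(genesis, history):
    state = genesis
    for tx in history:
        state = apply_transfer(state, tx)
    return state

def demo():
    keys = {name: keygen() for name in ("alice", "bob")}
    pks = {name: pk for name, (_, pk) in keys.items()}
    genesis = {"alice": encrypt(pks["alice"], 100), "bob": encrypt(pks["bob"], 0)}
    history = [make_transfer(pks, "alice", "bob", a) for a in (30, 5, 12)]
    state = replay(genesis, history)          # one ciphertext per account, always
    balances = {n: decrypt(keys[n][0], state[n]) for n in keys}
    # A state with 50 extra units credited to bob looks like any other state;
    # only replaying the history (which pruning discards) exposes it.
    forged = dict(state, bob=add(state["bob"], encrypt(pks["bob"], 50)))
    detected = replay(genesis, history) != forged
    return balances, len(state), detected

if __name__ == "__main__":
    print(demo())
```
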
I find DERO a pretty fascinating case. It looks absolutely fantastic. I had a look and tried to find out whether the thing is as fantastic as it looks but did not get very far. One, because as others already said much about the "true meat" is not documented, and two because my knowledge about cryptography is severely limited.
But I know about what is called "proof by contradiction". DERO is here, everybody can have a look, even try it out themselves without problem, for many months already.
Imagine it was a sensation, and worked fantastically. Sooner or later, maybe rather sooner than later, somebody in the know and with authority would recognize what shiny pearl we have there in the form of DERO, would report with being able to argue convincingly, the cat would be out of the bag, and DERO could start its long march to victory and leave many other, definitely less fantastic coins in the dust.
That does not happen.
I have to assume, using proof by contradiction, that DERO is not fantastic.
That logic works until it doesn't 🙃 By that logic luna would have been proven pearl. Then months later proven not fantastic.
But the whole time it was just a dushe p&d. Better to do actual research. Don't trust authorities unless you want to be like Celsius or lunc bag holders.
Crypto is a nascent space. Absolutely no room for gambling. Talk to dero devs. Ask questions. Find dero fudsters, get their arguments down till you can repeat em back and then cross examine.
I found dero to be a bit hostile when I started but I listened to fudsters and asked questions for a year. I still cannot verify HE code but I can still understand their arguments and the opposition has shown that they have been lazy and have weaker arguments that don't stand up to scrutiny. I went back and read nearly every single captain dero post and he seems to be upstanding and internally consistent -- a true builder that makes what he wants and doesn't give a crap about what people think. He's building it for those who feel ideologically the same.
I don't like that monero kicked thankful_for_today, its creator out. I read all his posts also. He seemed to be a good guy, a thankful and giving guy who was excited to create. Bad look for the other xmr guys. I actually suspect TFT and CaptainDero are the same person now.
Highly likely that the REAL monero creator continued his vision like he said he would.
Ask yourself how the fuck else did he write the only other original cryptonote implementation in 3 months, in a different language? Answer: he didn't. He wrote it a long time ago, under a different penname.
> CaptainDero ... a true builder that makes what he wants and doesn't give a crap about what people think
Contrast this with:
> Crypto is a nascent space
Something like the lone warrior dev, walking tall and walking alone, right? As a dev, I have all alarms going off loudly when I hear something like this. Crypto is so wild, so complicated, so multi-faceted, that such a single warrior dev simply can't do it alone. Recipe for disaster, IMHO. Not immediately of course, but certainly in the long run.
Comment deleted by user
Well spoken, but it's not about community building. It's about seeing and understanding the capabilities. People like the Seraphis creator UkoeHB or u/kayabanerve had already ample time to have a look, after getting curious one way or another, then slap their forehead, mumble "Genius! We must copy this as soon as possible" and then report back.
Did Dero ever release the source code which can be reproducibly built for their launch binaries? Because I thought that they never released that. Which for a coin with hidden amounts, leaves a gaping hole for the potential of a hidden inflation bug.
One thing I know they did, was to incorporate Bulletproofs before the formal audit was complete, which is a wildly irresponsible thing to do. Especially when no one is using your chain anyways and waiting a few months will have practically no negative effect on the project.
EDIT:
So someone from apparently the official Dero channels answered my question: u/kryptoid . They said that yes the source is released, even for that first year when it was previously closed source, and yes it has been reproducibly built.
But now both of their comments are deleted. So I don't really know what to make of that. Kinda odd. Was that our mods, or was that kryptoid? Our mods almost never delete comments like that.
The user probably blocked you, since I can still see their comments.
Comment deleted by user
The rift between the few honest/reasonable communities, and the intentionally exclusionary scammy echo chambers, seems to continually grow wider. The fact that this person just blocked me for asking a basic question, is so petty and ridiculous. That they're apparently a leader for Dero tells me everything I need to know about their project. That's not how we behave here in Monero, at all. We might duke it out from time to time, but people are basically free to speak their mind.
That Seth thread is weak low effort fud. You look closely.
When I challenged him on his central claim that Dero was lying about having homomorphic encryption.
-When challenged he admitted he had no capability to evaluate and make such a claim, but then just went on "but I just don't believe it" or some baseless crap.
I had respected and followed Seth up to this point.
His only other source was the dev of firo who also couldn't understand the code. So sure no positive confirmation but Seth was acting like an argument from ignorance is proof dero is a scam.
Just as likely is that the code is just above them. If it's doing all it claims then it's no surprise that it would be leaps and bounds more advanced. It's all original code after all. No fork copy pasta.
Both firo and monero are forks after all.
Ya they did about 4 years ago. Also, doesn't use cryptonote anymore.
Are you sure? I just want to make sure that you're answering the same question I'm asking. Here's my understanding:
The first year was closed source.
The second year, they published their source code but only for the new version of the node/wallet, not for that prior year.
I was under the impression that first year of the node/wallet implementation remained closed, and only available as a binary. There was some controversy over the fact that they wouldn't publish it.
What is your understanding of all that? Did they actually open up that first year of code? Have people run a reproducible build off that source for the original implementation under which the project was launched?
Yes and yes.
Comment deleted by user
Comment deleted by user
You're joking right? Anyone can build from that repo, no binaries required.
Comment deleted by user
Oh, so it doesn't mean being able to build from source? Educate me, sensei
This again... for the last 2 years every month or so I have to listen to some dude explaining why DERO is sooooo much better than Monero and it will 100% take over the world. Frankly, it's beyond laughable now, it's just annoying. Until I see Dero being used on some DNM I will call BS on takes like these:
https://twitter.com/sethforprivacy/status/1517141762011140096