You are viewing a single comment's thread from:

RE: Why I think stealth, backups and sidechains shouldn't be added in BitShares

in #bitshares8 years ago (edited)

I'm a proponent of implementing simple blinded transfers first and not the current privacy-leaking stealth implementation. Then much later a better design for stealth could be implemented. But even with that approach you do bring up a very good point:

Also don’t forget about the fact that if you hide your balance you won’t be able to vote afterwards. That is quite worrying especially if you wanna hide a big amount. At least Yunbi won’t be hiding it’s balance, so it will be a big blow to how people receive funding.

This is a pretty big concern. I wish there was some way to have voting without exposing the balance that is voting. The only way I have thought of requires exposing your balance to a third-party that accumulates the votes (but is cryptographically prevented from falsifying the votes). Even then there are tricky privacy leaks that are still possible.

Perhaps it makes more sense to have the voting BTS balances be public but stored in an anonymous account that is not linked to the user's normal account. But doing that right means simple blinded transfers are not enough and a better stealth implementation is needed (decentralized on-blockchain coin mixing). So in that case perhaps it makes sense to delay blinded transfers as well until a proper stealth mechanism is designed and implemented.

Finally I wanted to add a side note on sidechains. Honestly that would be even worse than adding stealth. Doom scenario for sidechains : Bitcoins worth 2M USD are held by the Bitshares Blockchain.

Yes, that is a major and potentially devastating risk for BitShares if sidechains were implemented. But there is also great benefits from sidechains, namely that our DEX would actually be decentralized from the perspective of typical cryptocurrency traders who have no interest in smartcoins. Also, you must compare it to the current situation. Right now the trust is in, for example, OpenLedger (a single entity) to not steal the BTC reserves for OPEN.BTC. Now I think OpenLedger is trustworthy, but I think it is a valuable example to use as a point of comparison to sidechains. So instead of the majority of witnesses colluding, OpenLedger would just need to decide to steal the reserves. Instead of the majority of witnesses getting hacked, only OpenLedger would need to get hacked for a hacker to steal the reserves. Decentralization through this sidechain mechanism reduces the risk.

Of course, if the multisig is not selected as a set of trusted parties but rather a dynamic set of witnesses, then a new risk is introduced which you mentioned. That is the risk that someone might compromise the big proxies (or exchanges holding huge amounts of BTS), and use that voting power to vote in their sockpuppets as witnesses for just long enough so that the control of the reserve is handed over to them according to the sidechain protocol. This is a legitimate risk, but we need to decide if it is enough of a risk to outweigh the immense benefits of sidechains.

That said, a lot of the other features you mentioned at the end are also very valuable for BitShares. And perhaps many of them should be prioritized over sidechains.

Sort:  

The model of BitShares isn't good for privacy and people have to understand this. Voting, is far more important than hiding some balances. When we grow, we can add these features. It is like joining a startup and expecting nobody to know who you are, how big your share is and what you are doing, even people within your business/startup.

Right now, I can see a few potential solutions before we move into Stealth and not all of them are great, but are worth mentioning:
1)Split BitShares into VoteBTS and PayBTS (NXT is going to do something similar and got into a lot of trouble)
2)Add CoinJoin/CoinSuffle/Ring Signatures so that people can keep on voting (CoinJoin and Coinshuffle are worthless without huge demand for mixing)
3)Make voting anonymous

The 3rd one is really important in my opinion. If voting is anonymous, then people can use the some simple stealth address implementation, without worrying about leaking information about the fact that they are voting. The main problem at the moment is that very few people are voting and their opinions are public. So even if someone could vote with his stealth balance, that would be very problematic, in the sense that his balance and address would visible by inspecting the votes that workers/witnesses/committee are getting.

Add stealth, only and only if any of the other protocols are useless and if anonymous voting is possible and people want it. But anonymous voting has many problems itself and probably is nearly impossible to achieve.