[Discussion / poll] Does NuBits have a role as privacy enhanced digital cash?

Cashless = privacy-less
With more countries going cashless or charging high rates for cash discouraging its usage I believe it is time for Nu to consider one of the roles fiat has, namely privacy. Cash is still difficult to trace and anonymous. You can handover cash to others or organisations you wish to support without third parties (banks) having knowledge of that it came from you. This may protect you in the future when you e.g. supported organisations or persons with a political objective which became less favourable or even illegal. With a cashless society that ability ceases to exist.

Privacy on the blockchain?
A less known fact is that with the transparent blockchain, whether it is Bitcoin, Peercoin or NuBits some of the assumed privacy is not actually there. There are specialised companies out there to trace money flows in the blockchain and they can proof that a certain address highly likely belongs to you. Only those who are very aware of that and have been taking proactive time consuming and complicated measures to prevent that from happening may be able to keep their privacy on the current blockchain.

Nuā€™s role
For NuBits to be able to fully take the role of digital cash I think it should be possible for everyone to protect their privacy if they wish to do so. This should be optional, possibly for an additional fee as there are business models where you still need transparency and we shouldnā€™t take that away. Examples of existing privacy protecting blockchains in the top 20 are Dash and Monero. Monero has optional encryption, but has its own blockchain technology. Dash is based on the Bitcoin code but doesnā€™t allow transparent transactions as far as Iā€™m aware. Both are opensource and their approaches can be studied and used to implement with NuBits when desired.

I think it is an unique market we could enter. The first ā€˜realā€™ replacement for digital cash, stable value and (optional) privacy guaranteed. However there is likely a significant investment required.

Poll
I like to hear what you think which role Nu should take, please enter the poll below and post any comments you have.

  • Nu should stay away from further privacy protection. The Nu blockchain is good enough for this purpose and it can send negative marketing signals, e.g. NuBits seen as a darkcoin. People can use Dash or Monero and exchanges if they need additional protection.

  • Nu should take the privacy protecting role of cash eventually, but this is a long term strategy and not our immediate focus.

  • This is a no-brainer. Nu should take the privacy protecting role of cash as soon as possible, this should be our new focus and in the top 3 of priorities to develop. e.g. the share buy-back funds can be used for this now.

  • This is a no-brainer. However we should invest in transparent, user friendly tools provide with Nu to enable user to use e.g. the Dash and Monero blockchain (or others). Think Shapeshift integration or cross chain transactions.

  • Other, please post your comment below

0 voters

6 Likes

I think strong privacy should be the default as soon as possible. Iā€™m not sure using share buyback funds would be the right timing at this moment, but I feel the alternative I voted (long-term strategy) may be interpreted to be farther away than I desire.

With terrorist organizations seeking all means to finance themselves I donā€™t think this is a good time to make Nu a lightning rod of being more anonynous than btc.

Like this perspective. Transparency is optional and only if desired. Why would third parties need to know who you pay or receive funds from?

Terrorists will always find ways to help themselves. We didnā€™t dismiss airplanes and cars as means of transport because terrorists are using them. But I share your concerns from a marketing perspective. However providing governments with backdoors or other means to circumvent encryption or break privacy is not the way to go I believe. It is a difficult dilemma though.

Edit: A possibility might be to have decentralised network (shareholders?) retain keys for specific transactions which can only be revealed when the majority believe that transparency should prevail privacy e.g. when illegal funding is taking place. Will put a different perspective on the role of a ā€˜Shareholderā€™ though.

Indeed, I somewhat share the concern as well. We shouldnā€™t let hysteria rule, of course. Apple is at least publicly taking the appropriate stance to privacy. BlackBerry recently released a new phone called Priv, and later went saying they take a balanced approach to encryption.

Putting the mercy of privacy in the hands of shareholders or any other people than the ones making the transactions sounds like an awful idea to me, but itā€™s very good that you bring it up.

I think Bitcoin allows stealth transactions and you can see how this looks like:
https://blockchain.info/tx/6ea5c6f1a97f382f87523d13ef9f2ef17b828607107efdbba42a80b8a6555356

but from marketing perspective it is not the right time to advertise.

It has always been my plan to improve the privacy of transactions. The team had discussed this in May 2014, but it became lower priority as time moved on and we didnā€™t have the level of funding we would have preferred.

Privacy is just a necessary feature of financial transactions. Consider the NuBit transactions we use to pay contributors, or the funds any organisation uses to pay its workers. It isnā€™t healthy for everyone to be able to make guesses about what co-workers are getting paid. We ought to aim for user configurable privacy, ranging all the way from completely transparent to robustly private.

I believe the most promising solution is CryptoNote, which is used in Monero and Bytecoin. Saberhagen states in his CryptoNote whitepaper that ā€œour scheme could also be applied to Bitcoin in the futureā€. The feasibility and best methods of including CryptoNote features in Nu needs research, but it is likely practical.

Our rising market cap is beginning to give us some additional options for speeding up development. Perhaps the best way to get it done would be to bring in a CryptoNote/Monero/Bytecoin developer specifically for this purpose. That way it would add to overall development instead of distracting our precious developer resources.

6 Likes

Donā€™t like it either, but I believe it is better than having the key in the hands of governments which may be corrupted and non-transparent. Voting Shareholders would at least prove to be very clear what is happening and why. More comparable with a public Jury. It might make terrorists thinking twice of using the network while still maintaining privacy for those who need it.

Agree with that, but it does beg for a robust discussion.

Agree

I remember talking to @mably in Peercoin chat and I believe he mentioned Moneroā€™s ring signature tech had something to do with the privacy of their transactions, but that it added a lot of space to their blockchain. Maybe Iā€™m remembering wrong though. @mably can you please clarify? Iā€™m sure Jordan knows more about this than I do. I just remember this from a chat one day, so I figured Iā€™d bring it up just in case.

For the record this was initially discussed here: https://bitbucket.org/JordanLeePeershares/nubit/issues/30/implement-coinjoin-using-darkcoin-as-a
It was very different than CryptoNotes though. It was just about implementing an automated mixing protocol inside the client.

What about stealth addresses like Vertcoin has implemented?

http://vertcoin.org/wp/stealth-addresses/

DarkWallet bitcoin wallet provides working code for Stealth addresses:

https://wiki.unsystem.net/en/index.php/DarkWallet/Stealth


http://sx.dyne.org/stealth.html


With a stealth address, you ask payers to generate a unique address in
such a way that you (using some additional data which is attached to the
transaction) can deduce the corresponding private key. So although you
publish a single ā€œstealth addressā€ on your website, the block chain
sees all your incoming payments as going to separate addresses and has
no way to correlate them. (Of course, any individual payer knows their
payment went to you, and can trace how you spend it, but they donā€™t
learn anything about other peopleā€™s payments to you.)

ā€” http://bitcoin.stackexchange.com/a/29648

I havenā€™t yet understood if CryptoNote addresses that traceability.

Maybe. Such a direction of development would worry me anyhow.

I guess this is what I was talking about: https://en.wikipedia.org/wiki/CryptoNote#Blockchain_bloat_and_ring_signature_size

I might write a more elaborate reply in addition to join the discussion, but my position can be explained quite simply:

I believe thereā€™s no freedom without privacy.
I believe thereā€™s no privacy if financial transactions canā€™t be made anonymously.

As people are often not aware of the consequences of their actions, Iā€™d vote for not only having privacy for transactions, but making it the default as well.

2 Likes

Agree to a great extent with it. But how would you deal with terrorists or mental health patients in such a system? Do we not have the obligation to make life difficult or remove those people abusing and destroying the systems we think are important for our social fabric or economy? Do we accept or ignore that as part of life and that we canā€™t do anything about it because 100% privacy guarantees our freedom? Iā€™m struggling with that as the obvious solution, reducing privacy, appears to reduce freedom. But makes freedom alone life safe enough?

Exceptions and cost
Is there a middle ground or is it black and white? Our society had always a way to trace and correct people behaving badly which always comes at a cost for that same society. Iā€™m looking for an acceptable cost to privacy in order to retain maximum freedom and safety.

Therefore I would grudgingly support a system which guarantees privacy for all by default, but allows a majority of people part of that system (like a Jury) vote to specifically remove the privacy from a person in case there is strong evidence that they are abusing or destroying the system by their actions. The Jury could be the Shareholders or appointed by them. The network/blockchain would release/decrypt the specific key only when the majority votes for it. As I dislike unlimited storage of data I would also limit the ability to remove the privacy of transactions older than e.g. 12 months. The keys required can be auto destroyed by the network after a year.

Requirements
With this discussion Iā€™m trying to identify the requirements for the technology Nu needs. Whether that is Cryptonote, Coinjoin or another way to implement stealth addresses is I believe a secondary and technical discussion. Assuming Nu want to be mainstream, any choices regarding an implementation we make should appeal to the majority of the potential users of Nu, even when the importance of privacy is under scrutiny and unpopular or not well understood by many like now with the Paris attacks OR during periods of relative peace when it all appears to be not that important.

I think the blockchain and in particular Nu enables us with new possibilities, however we have to make the right choices on how to use it or it can be used against us all in adverse ways as we have seen with a number of new technologies with two faces in the past.

2 Likes

Very cool idea. Is that possible to timelimit? Struggling with understanding how the key is hidden until requested. How/when is the key generated/released?

Perhaps I must reevaluate what is possible with this technology. Iā€™ll have to think through the meaning of Nu in my zen garden. I may be getting ā€˜tooā€™ comfortable on this board. :kissing_smiling_eyes:

Concur, but[/and?] I also think we shouldnā€™t necessarily go by what the masses think. I guess Iā€™ll find out what Nu thinks. :smile:

Donā€™t have all the technology answers here, but I assumed that it would be possible to create a third private key for every transaction. That third key can be used to decrypt the transaction details only. This key would be ā€˜lockedā€™ by the network for e.g. a year and then deleted (pruned). This may prove difficult, but with a system like parking I think it should be possible to include the time mechanism coupled with voting. But maybe Iā€™m thinking too simplistic and too much conceptual.

Without trying to dive into technical aspects, I want to vote for avoiding the possibility to remove privacy from certain addresses or transactions.

Quis custodiet ipsos custodes? - Who watches the watchmen?

is the motto of this post.

I agree that itā€™s unfortunate to face situations in which evil people profit from the privacy created by transferring value in a future version of Nu that protects privacy.
I think itā€™s a burden to realize that money laundering and funding illegal activities can be made by transferring NBT.

But itā€™s also a burden to decide which address or which transaction is rightfully removed from the protection.
Do NSR holders want to decide? Base on what evidence? Shall governments be allowed to request that? On what way (I mean, they canā€™t just send a judicial decree)? How to verify the authenticity of such a request?
And even if it were authentic: the same governments Nu wants to ā€œunburdenā€ from responsibility could trigger the process, seriously?
What crimes and what evidence are required to disguise people?
Does Nu need to monitor and investigate international criminal activities to make sure they donā€™t reveal the wrong people?
How easy will NSR holders fall victim to propaganda?

And even if NSR holders were 100% reliable (which they arenā€™t): governments could just buy sufficient shares to remove privacy protection from all addresses and transactions they want.

While it would be an economical paradise for NSR holders to have a government desperately buy enough NSR to uncloak people, it would undermine an ideological paradigm of Nu: to help making the world a better place.
Nu fails if it doesnā€™t stay reliable and trustworthy.
Removing privacy later poses attack vectors which must be avoided. If Nu is going to offer privacy it should be unconditional after it was applied.
Providing the option to have no privacy protection by user choice is a different topic.

Under no circumstance Iā€™d approve removal of privacy by Nu or any other instance.
NBT and future products are only a tool. They will be used to do bad things. But itā€™s not in control of Nu and not in the responsibility of Nu.
Should a vendor of kitchen knives be held responsible for people being stabbed with them?

Fiat can be used to fund evil things as well. Fiat canā€™t be traced - at least not that Iā€™m aware of it. If people doing bad things with fiat, itā€™s the people that need to be target of surveillance, not the fiat.

Would you want to have backdoors included in each cryptographic solution? You can be sure that cryptography is used by bad guys.
Thatā€™s the price you have to pay for freedom.
Life isnā€™t safe.
ā€œThose who would give up Essential Liberty, to purchase a little Temporary safety, deserve neither Liberty nor Safety.ā€

6 Likes

Iā€™ll be happy with any solution that does not reveal who sent or received coins and how much was sent, but Iā€™m strongly against advertising this. We are not ready yet to survive targeted government attack. Even Bitcoin is not ready enough.

1 Like