(Whitepaper) "ShadowCash: Zeroknowledge Anonymous Distributed ECash via Traceable Ring Signatures"

Ben 2014-12-16 21:08:29 UTC #1

Abstract - We introduce Shadowcash, an anonymous cryptographic transaction protocol: Anonymous transactions are implemented using traceable ring signatures, which utilise a noninteractive zero knowledge proof.

Excoin 2014-12-16 21:11:41 UTC #2

We just added their coin to our exchange after pushing them to make more of it open source. The code is interesting. It will be interesting to see if it works as expected.

Chronos 2014-12-16 21:14:49 UTC #3

Be careful when adding coins with new tech that haven’t been vetted. For example, if a coin has a defect that allows double-spends, and this one might, your exchange could be attacked as follows:

Deposit large amount of vulnerable coin
Trade it for another coin like BTC
Withdraw the BTC
Activate the vulnerability to roll back the deposit

This leaves your exchange without the BTC, and nothing to show for it.

Excoin 2014-12-16 21:18:07 UTC #4

We are very careful about the coins we add, we requested to see the source code before adding it. The reason they released so much was because we kept requesting more.

After our review we believe the code will work.

We are aware of the risks involved, it would only affect people trading for SDC. We assume they understand the risk of the SDC anonymous system failing before trading.

I appreciate the feedback regardless, if anything it may make others aware of the risks.

Chronos 2014-12-16 21:20:52 UTC #5

But would my outlined attack above affect the exchange directly?

Excoin 2014-12-16 21:27:19 UTC #6

If for example SDC was vulnerable to a double spending bug, the attacker could only sell for BTC. So the attacker could clear the order book and remove that BTC amount that was on the SDC from the exchange.

If the attacker rolled back their deposit, only our SDC would be insolvent. If a user used our exchange and did not participate in the SDC exchange they should not be at risk.

But if I’m missing something please clarify, I appreciate the input.

Chronos 2014-12-16 21:36:14 UTC #7

You’re on the right track. It sounds like you would plan to seize users’ SDC if you are attacked. I guess that’s one option, but I was thinking that the exchange would pay for damages, and instead of taking the SDC from users who were not involved in the attack. Either way, it would be pretty bad for reputation. This sort of thing has happened to other exchanges with other coins.

Sounds like you’ve done your research on the source code for this coin. Good thinking.

Chronos 2014-12-16 21:43:16 UTC #8

Zeroknowledge proofs are big. Does anyone know the size of the SDC blockchain so far?

Excoin 2014-12-16 21:43:28 UTC #9

Our developers are in different time zones, so we have decided to try to have someone watching the logs and watching the news at all times over the next few days to react immediately in case there is an issue.

If there was an attack, it would likely be staged on Bittrex since their volume is much greater. If they did attack our users we would cover much as their loses as we could afford.

We did code review and we believe it is safe, but only time will tell.