Author Topic: GhostX: how the MN network might enable completely untraceable transactions  (Read 3586 times)

Strumpet!

  • Full Member
Working Title: GhostX  (or maybe PheoniX?) :P

1. Sender wants to send x SPR to receiver.

2. Sender ticks 'anon tx' box and 'sends' x SPR.

3. Sender's wallet generates a burn address (or requests one from the MN network) and sends the funds to that, not the receiver address, and broadcasts a minting key to the MN network.

4. MN network mints x SPR in next block (via a side chain?) and sends it to the receiver address. Received coins are untraceable as they are freshly minted and have no history.


Step 3 is the tricky bit. The MNs need to be able to verify the burn, then extract the receiving address and amount from the key broadcast by the client, but this process needs to be untraceable by any observer.

Maybe a multi stage, multi MN process:

1. MN1 decrypts the amount from the key and sends to MN2 or broadcasts a partially signed tx.

2. MN2 decrypts the receive address and completes the signing with the receive address.

3. MN network checks for conflicts and if all is OK x SPR is minted that block and sent to the receive address.

Or something.

Now show me all the flaws or outright impossibilities in this process. Obviously my cryptographic cake is half-baked but can something like this be made workable?

edit: as it stands this is obviously subject to timing analysis. But that may be the least of its flaws... ;D

georgem

  • Tech Admin
Hm, so you want the miner who mines a block to become the sender of the anonymous tx someone else previously initiated?
Far out!  ;D

First of all I like that you are thinking about new names for the process, instead of just copying names from darkcoin.

BTW, we should also sooner or later start to think about another name instead of "masternodes".

My motto has always been "no one's master, no one's slave".

"Master" implies the highest form of centralization thinkable, so this is just wrong.

What other names could there be?

Second, I have a few questions.

What is a minting key?
What is the definition of a burn address? (use once and throw away?)

minerpage

  • Admin / Donator
Call it "AfterBurner" 8)

Strumpet!

  • Full Member
What is a minting key?

The sender needs to somehow let the MN network know who to and how much to mint to. If this could be encrypted (the minting key), the multistage process described could use sequential MNs to break it down/pass to next random MN/eventually mint the fresh SPR for the receiver, with no one MN knowing the full story.

MN1 knows how much, signs tx, passes to MN2. MN2 knows who to, signs, passes to MN3. MN3 knows nothing, just checks for double spends etc. and finalises the signing, then broadcasts it so the receiver gets it next block.

What is the definition of a burn address? (use once and throw away?)

Address where any SPR sent gets burned - provably destroyed, lost forever, gone. Address without a privkey basically, anything sent there can never again be spent.
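Added example, not part of the thread: a Python sketch of the split minting key described in the post above, where MN1 can read only the amount and MN2 only the receive address. The function names, the burn id field, the sample values and the toy SHA-256 stream cipher (a stand-in for encrypting to each MN's real key) are all assumptions made for illustration.

```python
import hashlib, hmac, json, os

def _keys(key):
    # Separate encryption and MAC keys derived from one shared secret.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(ek, nonce, data):
    # Toy stream cipher: SHA-256 in counter mode. Stand-in only, not vetted crypto.
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(ek + nonce + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def seal(key, plaintext):
    # Encrypt-then-MAC; output is nonce || ciphertext || tag.
    ek, mk = _keys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(ek, nonce, plaintext)
    return nonce + ct + hmac.new(mk, nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    # Verify the tag first; a wrong key or a modified part is rejected.
    ek, mk = _keys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or tampered part")
    return _xor_stream(ek, nonce, ct)

def build_minting_key(burn_txid, amount, address, k_mn1, k_mn2):
    # Sender side: one sealed part per MN, each bound to the burn it pays for.
    part = lambda key, fields: seal(key, json.dumps({"burn": burn_txid, **fields}).encode())
    return {"mn1": part(k_mn1, {"amount": amount}), "mn2": part(k_mn2, {"address": address})}

def mn_view(key, sealed_part):
    # Everything a single MN can learn from the part addressed to it.
    return json.loads(unseal(key, sealed_part))

if __name__ == "__main__":
    k1, k2 = os.urandom(32), os.urandom(32)  # constructed keys, one per MN
    # Constructed sample values: hypothetical burn id, amount in SPR, placeholder address.
    key = build_minting_key("burn-tx-0001", 25, "SPR-ADDR-EXAMPLE", k1, k2)
    print("MN1 sees:", mn_view(k1, key["mn1"]))
    print("MN2 sees:", mn_view(k2, key["mn2"]))
```

In this sketch both MNs still learn which burn their part belongs to, so two MNs that compare notes can join amount and address again.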

georgem

  • Tech Admin
Ok, now I understand.

1) Transaction must be somehow marked and communicated to the network in an untraceable way. (its amount and where it is supposed to go)
2) This transaction must then be destroyed. (because the same amount of SPR will be recreated by the miners in the next step.)
3) Miners create a block that includes your transaction amount, and the transaction is then sent to its recipient.

Interesting idea to make the miners be the "post man" for the untraceable transaction.
One more reason to put emphasis on solo miners, who will serve an additional role. (The more there are, the better.)