Telepod volume
One-Eyed Willie keeps most of his treasure in cold storage, safe behind a complex series of traps and puzzles in his favourite cave. For satisfying the needs of day-to-day trading, he requires a number of maps ready to go. As well as ensuring a ready supply of unit hoards (consisting of a single gold coin) buried and ready to go, he maintains a running total of larger-denomination chests and maps. Once he has passed a map on, he always destroys any old copies, just in case they fall into the hands of the East India Trading Company or a gang of enterprising pre-teens.
Since it makes sense to create as many telepods as are needed but no more (due to the costs involved in tying up funds), there needs to be a mechanism for satisfying a given level of requests for Teleport in the most efficient manner. Suppose that the demand is for X coins, delivered in batches of standard-denomination pods.
We can assume an uncontaminated minipod will always be available from the faucet, since this is cheap to arrange, so the problem reduces to finding the best set of available telepods to fulfil the total required. The older the clone date, the more protection exists. However, a simple ‘first fit’ method will not work so well, as there is also the issue of matching the total amount X with the right denominations. However a simplified approach provides a good starting point.
Take the first N telepods, such that the total value of these N telepods >= X, but sum of N-1 < X. It is good practice to prevent telepod sets that have not aged enough from being used, and this can be passed in as a parameter. Using this parameter (or a default), we will also have a list of potential replacement telepods that are a little younger than the initial set, but still older than specified. Ideally, the selected telepods would exactly match X with the least number of telepods used, in order to reduce the number of packets that need to be sent. There may be a deterministic algorithm to solve this perfectly, but with the expected number of telepods and speed of the average CPU, this is a simple problem for a genetic algorithm to find the fittest set. Using a genetic approach also allows flexibility in the criteria for the selection set. Different users may have different requirements.
Assuming these requirements have been met, we have the set of selected telepods that now need to be sent to the recipient. In the event there is not an exact match for X, issues arise regarding where to send the change without resulting in contamination. To sidestep this issue, in addition to the minipod faucet that will patch transaction fees, the system also requires a supply of telepods that are of the lowest denomination supported by Teleport. Since standard recommended denominations include 1 and 5, no user will ever require more than 4 of these unit pods. (It makes sense for transporter accounts to store a larger number based on likely estimations of demand, since then more than one Teleport order can be fulfilled without waiting for more telepods to age.)
There should therefore always be an exact match between the order sum X and the total value of the telepods. They can then be sent to the recipient, to await confirmation of successful cloning. In order to minimise timing attacks, the acceptance procedure should be randomly spread out over a set amount of time. Again, a user-specifiable parameter with some reasonable minimum requirement is a practical approach. The recipient can also immediately acknowledge receipt of all telepods without cloning, in the case that the sender is trusted not to double spend. While this is not realistic for arm’s-length transactions, for transfers internal to a single organisation it avoids needless cloning and the expenses and loss of ageing that creates. If a user is creating telepods for their own purposes and later use, again there is no risk of lost funds.
Upon receipt of acceptance, the sender deletes the telepods. This is a potential (edge case) information leak if the sender prevents deletion, but it can never raise the possibility that an untrusted sender will double spend. It is also in the interest of the sender to delete the telepods, as the sender’s privacy is at risk (again, in extreme cases) as long as these files remain on their system.
Receiving telepods
Roger the Cabin Boy has received his monthly pay in the form of a set of standard-denomination treasure maps, delivered over the course of the last week by the pirates’ courier network. Broadly trusting his employer, Captain Pugwash, he has a choice about when to move the treasure and copy the maps, and does not have to do this all at once. He decides to wait until Saturday to recover some of the treasure, since many other people will have just been paid and will be engaged in digging. The more people are active at any one time, the less his own activities will raise the suspicions of the East India Tea Company.
The final part of the telepod transaction process is reception. As the telepods arrive, they are processed according to the stated trust level and user parameters. In the case of a trusted sender, the telepods are verified to contain proper unspent outputs on the blockchain and acceptance is given. (A higher-level packet that describes the entire set can be used to identify any packets lost in transit and to make the accounting simpler, though this is not required for the proof-of-concept to work.)
In the expected event of an arm’s-length sender, the recipient should immediately clone each telepod, thus preventing double spend by the sender. Of course, in the event the sender does double spend, then the recipient simply rejects the payment, or pro-rates the amount double spent. Thus a double spend is an inconvenience but poses no threat of fraud.
The cloning process involves taking the unspent amount in the telepod, adding the transaction fee equivalent from the minipod, and sending the funds to a newly-generated telepod address. After the cloning process is completed, the telepods begin aging and can become part of outbound teleports when a satisfactory age threshold is reached.
The issue arises of when to clone each telepod received in the set. To simplify the processing logic, it is recommended to await the arrival of all telepods, as specified in the summary packet. This allows a retransmission process to complete before proceeding to the cloning stage. The problem with cloning all the telepods at the same time is that this results in a much easier target to correlate, especially if the total amount is substantial. In addition to a general minimum time to wait before cloning takes place, there need to be provisions for processing larger amounts. Ideally, the total amount being processed by the entire network would be used to determine the recommended duration of the cloning process. Instead of specifying an arbitrary time limit, a privacy level can be chosen such that all telepods are part of a large enough global set. The reception side is far more critical than the sending side, due to the significantly smaller timeframe over which this needs to occur. This may result in delays early on in the implementation of Teleport.
As the overall Teleport activity increases, these undesirable delays will be dramatically reduced, or even eliminated totally: Teleport works better and faster the more overall activity there is.
Leaving hyperspace
Roger the Cabin Boy has won a number of maps in a game of chance. The problem arises that although the maps have changed hands anonymously dozens of times in that form, when he actually needs to spend the treasure in the chests he risks creating a link that could be followed back to him. The simple answer is that all of the maps were originally created by the legendary pirate, Jack Sparrow, and can be traced back to him. (Since Jack knew this all along, this is of no consequence to him.) So Roger can return the maps to Jack Sparrow in return for regular payment in whatever currency he prefers, and there will never be any evidence that Roger has dealt in the maps at all.
This system describes the creation and continued use of telepods within hyperspace, or within a set of transactions that have no further relationship with the blockchain and addresses that can be identified by their associations – either other addresses to which they are linked, or other information available through external means.
For some privacy-oriented activities, the telepods will continue circulating in hyperspace and will never have to rejoin the main (monitored) blockchain. This would provide the optimum circumstances for using Teleport.
There will naturally be cases where users want to cash out telepods so that they can spend the funds within them, outside the Teleport ecosystem. This represents a significant vulnerability. Just as the original creation of a telepod is traceable to the address that first created it, so the address to which the telepod is cashed out for general use will also be visible.
Fortunately, there are effective ways to circumvent this problem. Some users will be content to move funds directly into their day-to-day accounts, especially if the transactions are obfuscated by other means (use of mixers, for example, is not precluded by Teleport). However, for the highest levels of privacy, the following methods are recommended:
Anonymous bank card. Through a partnership with cryptocurrency payment processor Coinomat, BTCD balances can be withdrawn to a bank card. When funds are sent to the linked deposit address, they appear on the card’s cash balance. This can then be used for online purchases and even ATM withdrawals. If the cards are delivered by mail then there is a potential risk; the ideal solution to this is purchase for cash. This telepod → fiat exit path offers a total anonymous ecosystem for cryptocurrencies.
Blockchain withdrawals via the originating account. In many cases, owners will want to ‘withdraw’ the contents of their telepods to the blockchain, in order to use the funds as normal – purchasing goods online directly with the cryptocurrency, converting to other currencies via exchanges, and so on. Since this represents a second point of vulnerability (the first being the original telepod creator), it makes sense to combine the two. Thus anyone wishing to cash out their telepods may do so via the original issuer. To the outside observer, the line of transactions simply follows a loop from the originator back to the originator, via an unspecified number of clone addresses:
[Graphic]
Input account
|
Transporter account → A → B → C → D … M
|
Transporter account ← Z ← Y ← X ← W … N
|
Output account
Conclusion
Captain Kidd has devised a cipher with which to record the location of his treasure. Whilst adequate for the limited threat posed by his own circle of acquaintances, after the treacherous business with William Legrand he decides that extra precautions would be wise. Kidd uses his cipher to encode the location of his replacement treasure chest, and then buries these instructions in a second location, marked on a treasure map in the established fashion – thereby cumulatively gaining the benefits of both forms of secrecy.
Teleport offers robust anonymity for cryptocurrency users – initially BitcoinDark users, though the protocol will allow other cryptocurrencies to be anonymised through the BTCD system for only minimal transaction fees. Teleport’s exceptional level of privacy is achieved not by mathematically superior encryption or more sophisticated mixing processes, but by enabling transaction information to be sent outside of the blockchain within a complete ecosystem designed for privacy from the ground up.
It is anticipated that BitcoinDark will naturally compete with other cryptocurrencies offering anonymity features, including Darkcoin and Monero, which use variations of mixing and ring signatures respectively. Whilst no solution can ever be perfect, the addition of a wholly different approach to the current cryptocurrency landscape must be welcomed. The CryptoNote white paper points out that the currency is not considered a full replacement for Bitcoin, but that there are advantages to having competing currencies: these are the circumstances under which innovation and improvement occur.
Bitcoin’s immense network effect means that there is little chance in the medium term of another cryptocurrency unseating it. As the established digital currency for internet commerce, it makes no sense for users to switch to another form of cryptocurrency without good reason – though for private transactions they may choose another currency. Nevertheless, Teleport’s versatility as a complete system rather than as an cryptocurrency-specific algorithm mean that in those circumstances where privacy is required by Bitcoin or another ‘transparent’ cryptocurrency, this eventuality is also covered by using BTCD through a third-party service.
There is also nothing to stop existing privacy-oriented cryptocurrencies from adding Teleport to their approach, either before or after native measures are taken. This layered use of anonymity protocols will provide exceptionally strong privacy for the most sensitive applications.
Further reading
Evan Duffield and Kyle Hagen (2014). Darkcoin: Peer-to-Peer Currency with Anonymous Blockchain Transactions and an Improved Proof-of-Work System. HYPERLINK "
https://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf"
https://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdfMichael Fleder, Michael S. Kester and Sudeep Pillai (2014). Bitcoin Transaction Graph Analysis. HYPERLINK "
http://people.csail.mit.edu/spillai/data/papers/bitcoin-transaction-graph-analysis.pdf"
http://people.csail.mit.edu/spillai/data/papers/bitcoin-transaction-graph-analysis.pdf Satoshi Nakamoto (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. HYPERLINK "
https://bitcoin.org/bitcoin.pdf"
https://bitcoin.org/bitcoin.pdf Surae Noether (2014). Review of CryptoNote White Paper. HYPERLINK "
http://monero.cc/downloads/whitepaper_review.pdf"
http://monero.cc/downloads/whitepaper_review.pdf Fergal Reid and Martin Harrigan (2011). An Analysis of Anonymity in the Bitcoin System. HYPERLINK "
http://arxiv.org/pdf/1107.4524.pdf"
http://arxiv.org/pdf/1107.4524.pdf Nicholas van Saberhagen (2013). CryptoNote v 2.0. HYPERLINK "
https://cryptonote.org/whitepaper.pdf"
https://cryptonote.org/whitepaper.pdf Satoshi Nakamoto (2008). Bitcoin: A Peer-to-Peer Electronic Cash System. HYPERLINK "
https://bitcoin.org/bitcoin.pdf"
https://bitcoin.org/bitcoin.pdf See Fergal Reid and Martin Harrigan (2011). An Analysis of Anonymity in the Bitcoin System. HYPERLINK "
http://arxiv.org/pdf/1107.4524.pdf"
http://arxiv.org/pdf/1107.4524.pdf Nakamoto (2008).
Michael Fleder, Michael S. Kester and Sudeep Pillai (2014). Bitcoin Transaction Graph Analysis. HYPERLINK "
http://people.csail.mit.edu/spillai/data/papers/bitcoin-transaction-graph-analysis.pdf"
http://people.csail.mit.edu/spillai/data/papers/bitcoin-transaction-graph-analysis.pdf Reid and Harrigan (2011).
Jinyoung Lee Englund, spokeswoman for the Bitcoin Foundation. See ‘Silk Road arrest exposes a hidden Internet’, HYPERLINK "
http://articles.baltimoresun.com/2013-10-06/news/bs-md-silk-road-tech-20131006_1_silk-road-deep-web-internet-privacy/2"
http://articles.baltimoresun.com/2013-10-06/news/bs-md-silk-road-tech-20131006_1_silk-road-deep-web-internet-privacy/2 CoinJoin was first described in HYPERLINK "
https://bitcointalk.org/index.php?topic=279249.0"
https://bitcointalk.org/index.php?topic=279249.0 See Evan Duffield and Kyle Hagen (2014). Darkcoin: Peer-to-Peer Currency with Anonymous Blockchain Transactions and an Improved Proof-of-Work System. HYPERLINK "
https://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf"
https://www.darkcoin.io/downloads/DarkcoinWhitepaper.pdf HYPERLINK "
https://cryptonote.org/coins.php"
https://cryptonote.org/coins.php Nicholas van Saberhagen (2013). CryptoNote v 2.0. HYPERLINK "
https://cryptonote.org/whitepaper.pdf"
https://cryptonote.org/whitepaper.pdf ‘Untraceable Payments’, HYPERLINK "
https://cryptonote.org/inside.php"
https://cryptonote.org/inside.php HYPERLINK "
http://wiki.darkcoin.eu/wiki/FAQ" \l "What_can_I_expect_in_terms_of_traceability.3F"
http://wiki.darkcoin.eu/wiki/FAQ#What_can_I_expect_in_terms_of_traceability.3F HYPERLINK "
https://blockchain.info/"
https://blockchain.info/ HYPERLINK "
http://monerochain.info/"
http://monerochain.info/ HYPERLINK "
https://blockchain.info/charts/blocks-size"
https://blockchain.info/charts/blocks-size HYPERLINK "
https://blockchain.info/charts/n-transactions-total"
https://blockchain.info/charts/n-transactions-total HYPERLINK "
https://blockexplorer.com/"
https://blockexplorer.com/ Surae Noether (2014). Review of CryptoNote White Paper. HYPERLINK "
http://monero.cc/downloads/whitepaper_review.pdf"
http://monero.cc/downloads/whitepaper_review.pdf Nakamoto (2008).
HYPERLINK "
https://github.com/cryptosphere/rbnacl"
https://github.com/cryptosphere/rbnacl Adi Shamir (1979). How to share a secret. HYPERLINK "
http://dl.acm.org/citation.cfm?doid=359168.359176"
http://dl.acm.org/citation.cfm?doid=359168.359176 HYPERLINK "
https://coinomat.com/"
https://coinomat.com/