Dandelion++ provides network-stage shielding of IP addresses. I2P/Tor are additionally an mega darknet choice.

TL;DR: Monero addresses and amounts don't seem on the blockchain and thus cannot be derived through chain evaluation.

Monero's all-spherical reliability may be evidenced by the fact that it has a 100% good track document, literally not a single real-world consumer has ever been traced despite repeated de-anonymization efforts by the likes of the FBI, Europol and the IRS, who are otherwise efficiently tracing and prosecuting Bitcoin users on the darknet and elsewhere.

Almost about ringsize and anonymity sets, word that your private anonymity set grows (compounds) over time even when you do nothing. This is how decoy inputs with ring signatures work, since a given output will continue to appear in numerous ring signatures in several blocks at different occasions its anonymity set grows infinitely.

So no, your effective anonymity set is unquestionably not simply Current_RINGSIZE, it pretty shortly grows to tons of, 1000's and hundreds of hundreds of potential outputs on the chain. And as soon as Triptych Seraphis increases the ringsize from 11 to 128, multiply all that by 12. Game FUCKING OVER for anybody still making an attempt to crack ring signatures.

Monero makes use of established, many years-old i.e. certifiably reliable cryptography and can in future integrate more complete, at present experimental zero-information solutions (zk-SNARKs/STARKs) once they mature and their commerce-offs turn out to be much less prohibitive. Research is ongoing.

Monero is at the moment changing Bitcoin wherever privacy & fungibility matter

Continuing advances in chain analysis have step by step eroded Bitcoin's already tenuous fungibility to the purpose that it might no longer compete in markets the place fungibility and privacy specifically are absolutely important. This has inevitably resulted in a piecemeal exodus from Bitcoin into Monero, which, because the world's most battle-examined privacy coin, is uniquely certified to reliably service the transactional stealth requirements of an ever-rising variety of cryptocurrency customers.

Monero's surging adoption is now also being mentioned on mainstream television news experiences.

Colonial Pipeline paid ransom to hacker group DarkSide: Source

Bitcoin is the best thing to occur to the FBI: BlockTower's Bucella

Why some hackers are ditching Bitcoin for a cryptocurrency known as Monero

Last Week Tonight with John Oliver

Ransomware: Last Week Tonight with John Oliver (HBO)

BONUS: John McAfee's legendary coke-fueled rant on XMR vs BTC

https://www.youtube.com/watch?v=SgpKDVkvboE

BONUS: Mental Outlaw - How Monero Works (And Why Its A greater Currency Than BTC)

https://www.youtube.com/watch?v=QrHsFZBab4U

BONUS: Mental Outlaw - Bitcoin is for Fools, Monero Rules!

https://www.youtube.com/watch?v=PGrMM65QOa8

BONUS: Coin Bureau - Monero: Why XMR Has A lot POTENTIAL!!

https://www.youtube.com/watch?v=O58STfvxZnY

Recognizing traceability FUD

A common habit of FUDsters, notably those shilling competing privacy projects, is to routinely allege that Monero is somehow damaged or compromised, often whereas citing obvious research to that effect. While at first these claims and accompanying research might seem compelling, the fact that the Monero-using darknet and criminal underworld aren't deterred by such allegations needs to be your first hint that you may be coping with some good old fashioned bullshit.

A typical FUD tactic involves citing outdated, pre-2018 knowledge and hoping you won't think to ask about it is age. Namely, Monero is a continuing work-in-progress that solely keeps getting increasingly more safe with age, that means it used to be considerably less so just a few years back when 0-decoy or non-fastened mixins have been allowed and amounts weren't but shielded (pre-RingCT).

At the moment, these vulnerabilities may very well be exploited to make deducing the true spend (ring member) much easier, though stealth addresses obviously remained unassailable so you still retained a respectable degree of privacy. Some studies had been published that highlighted these potential issues and in due course the Monero devs upgraded and reinforced the protocol to the purpose that the prevalence of previous traceability issues is now successfully zero.

Another thing to be careful for are flawed or deceptive studies which might be primarily based on theoretical workout routines as opposed to actual-world fight e.g. flood attack simulations:

In any case, a devoted FUDster may additionally usually attempt to convince you that: 1. Ring signatures are the linchpin of Monero's privacy protocol and with them broken Monero would instantly become traceable.2. Ring signatures are damaged because causes.

The primary one is mistaken because ring signatures actually solely serve to provide plausible deniability about which output is being spent, the bulk of Monero's privacy is definitely supplied by stealth addresses & CT, which shield the essential information i.e. addresses and amounts. Those remain off-chain and rock-strong. Furthermore, figuring out the true spend does not mechanically translate into identifying the precise real-world user, without correlating KYC data there's literally nothing else to go on and this factor will become far more important as zero-KYC DEXs just like the upcoming Haveno begin to achieve traction.

The second assertion fails to take into consideration how challenging it will truly be to meaningfully "break" ring signatures in an unpredictable actual-world setting. To place issues in perspective, regardless of the sheer quantity of transactions concerned an attacker would in some way have to take care of consistent and unique management over 65% of ALL outputs to compromise just 1% of arbitrary rings per day. Raising the ringsize from 11 to 20 would up that share to 80%.

So when you consider the truth that the upcoming Triptych Seraphis improve will enable ringsizes as massive as 128, the utter futility of even trying to interrupt ring signatures this manner becomes glaringly obvious.

How the Seraphis upgrade will additional improve Monero's capabilities

No, CipherTrace has clearly NOT cracked Monero

Literal faux information and vaporware. The primary pink flag right here is that CipherTrace is seemingly claiming to have the ability to do one thing that extra respected chain analysis enterprises overtly concede just isn't likely to be feasible, particularly tracing Monero transactions. Since Monero is an open supply mission with a well-understood privateness protocol it is exceedingly unlikely that CipherTrace has managed to find some devastating new vulnerability that literally every other competitor and pen-tester have missed in their constant, years-lengthy efforts to crack Monero.

However, what's much more likely is that CipherTrace is just making an attempt to generate media hype in an effort to raise their profile, and nothing will get individuals's attention like performing a miracle, in this case apparently cracking crypto's esteemed king of privacy.

But the dead giveaway that CipherTrace is, to place it mildly, significantly exaggerating their Monero-tracing capability is: 1. there has been no practical demonstration of their tech in action.2. the vague, sales pitch-laden and contradictory messaging they use.

"next-era enhanced Monero tracing visualization software" that in some way manages to work regardless of the CEO already having acknowledged that they cannot truly hint Monero deterministically. It seems the entire thing is finally just a glorified probabilistic guessing game where CipherTrace spams the community with transactions in a Hail Mary try to filter out and guesstimate the possible true ring members i.e. outputs, followed by correlating what little they've bought with available KYC information within the hopes of constructing a connection to an actual actual-world identity.

In different phrases, as long as you're practising basic, frequent-sense OPSEC i.e. making certain your shady dealings are a couple of TX removed from any subsequent KYC deposit, not spending funds immediately after receiving them, utilizing subaddresses or fresh accounts, etc then the already low chance of your output being pegged as the true spend goes all the way down to successfully zero. It bears reminding that Monero addresses and quantities Do not Appear ON THE BLOCKCHAIN so even when CipherTrace (or anyone else for that matter) in some way, against all the odds managed to establish your output that still wouldn't reveal anything about how much XMR was truly despatched and to whom, your plausible deniability would thus still stay viable.

Of course, you could be questioning: what is the point of developing and advertising and marketing a Monero tracing instrument that does not actually work? The reply is simple: it's all compliance theater and CipherTrace's instrument is merely a prop for use accordingly. In their own press launch they state:

"The availability of this enhanced Monero tracing bolsters the viability of privacy coins for the lengthy-term, assuring regulators that exchanges, OTC desks, and other virtual asset service suppliers will have the ability to adjust to international Anti-Money Laundering requirements while persevering with to accept Monero transactions."

Pricing for supply tracing of Monero transaction capabilities begins at $16,000 USD per yr, per user, for existing licensed CipherTrace users at selected customers and agencies.

So if you're an alternate and you want to make or keep Monero obtainable to your clients you now should be demonstrably proactive almost about AML regulations and such and for the small sum of $16K per yr CipherTrace can cowl your ass and verify that you probably did indeed do the whole lot you have been purported to, up to and together with "monitoring" suspicious Monero transactions. Yeah, it didn't amount to something but not less than you tried, proper? It's truly win-win for everyone involved: CipherTrace will get paid, the trade is certified as compliant and Monero keeps being obtainable to prospects.

And ultimately it seems that CipherTrace's little publicity stunt most undoubtedly did not backfire on them: in early September 2021 it was revealed that MasterCard might be buying CipherTrace for an unknown amount (kek) of USD. Well played, gentlemen!

Vaporware: How to spot Bogus Claims

CipherTrace’s Monero Tracking Tool Has Not Been Proven Effective, Researcher Says

Yes, you'll be able to really verify the XMR provide

"Muh inflation bug" is a few of the more common Monero FUD one will encounter on /biz/ and elsewhere, basically the implication right here is that as a result of quantities are absolutely shielded, as a result of we can't instantly observe and tally them up like we will with Bitcoin that there is then no approach of knowing what's actually happening beneath the hood and that due to this fact all manner of inflationary fuckery might be occurring with out it being obvious. Probably the most prevalent FUD narrative is that the devs have secretly been exploiting this bug for all these years, minting thousands and thousands of additional XMR thus retaining the worth so inexplicably low.....

To grasp why such theories are bullshit, we first need to ascertain one very related reality: prior to the introduction of RingCT in January 2017 XMR amounts were not SHIELDED, meaning that whereas user identities remained unknown the specific quantities they have been transacting have been on public display for everybody to see. Obviously this would then make any profiteering from an lively inflation bug not possible to hide, thousands and thousands of excess XMR moving round and getting dumped on exchanges would have immediately been seen.

So we will subsequently be fairly confident that up till the activation of RingCT no significant inflation bug was active or being exploited. There was nevertheless a dormant inflation bug discovered earlier that same year, a relic of the original Bytecoin code Monero forked off from. Subsequent audits confirmed that the bug was NOT exploited, as was already obvious, and the offending code was patched.

Thus, when speaking about "muh inflation bug" solely the RingCT-era, 2017-current day, is relevant. And that is the place one can legitimately pose the question: how can we be assured that hundreds of thousands of excess XMR aren't being minted right now?

To which the answer is: by relying on some very intelligent math and counting up block rewards

Namely, inside RingCT XMR amounts are set and encrypted utilizing a zero-knowledge proving system, particularly Pedersen commitments. The resulting homomorphic hash can then have mathematical calculations performed on it to confirm the validity of its hidden worth. In other words, even with out knowing, with out being able to directly observe specific XMR amounts we are able to nonetheless nonetheless mathematically show their correctness and confirm that no further coins have materialized i.e. that inputs and outputs are balanced and every part provides up perfectly, ergo "zero-knowledge" proof.

But how can we be so sure that these Pedersen commitments actually do what they're speculated to? Well, the most vital purpose is that in contrast to more novel ZKP variants, Pedersen commitments are an established, many years-previous scheme, having debuted in 1991. Meaning they've 30 years of continuous use and battle-testing underneath their belt, we know how they work and, crucially, that they work, which thus makes them very predictable and therefore highly reliable.

So far as their implementation in Monero's codebase goes, RingCT was clearly subjected to intense stress-testing and underwent a number of rounds of 3rd-occasion auditing before lastly being activated to make sure the whole lot is working optimally.

But probably the most sensible strategy to validate the opaque accounting is by summing up block rewards i.e. coinbase outputs. Since freshly-minted coins haven't any transaction history, they do not require shielding, that means each single XMR coin that enters the ecosystem is briefly visible till it eternally disappears into the shielded RingCT pool. Because the fastened emission price tells us exactly what number of coins must be in circulation at any given second, as long as the tally of coins transparently coming into the ecosystem = the expected in-circulation quantity we might be very assured that the underlying math keeping all the pieces in verify is working properly.

Furthermore, double-spending of present amounts is prevented by key images. A key image is unique to every output and is only revealed as soon as the funds have been spent. This permits anybody to verify that the amount to be spent hasn't already been transacted before.

Now, there are clearly no 100% ensures in relation to software of any type, together with extremely eyeballed code like Bitcoin, which has technically had twice as many inflation bugs as Monero: 1. 2010: bug was exploited with 184 billion BTC being mintedThe Day Someone Created 184 Billion Bitcoin2. 2018: bug was not exploited however had gone undetected for 2 yearsThe newest Bitcoin Bug Was So Bad, Developers Kept Its Full Details a Secret

The lesson here being that undiscovered bugs are at all times a possibility however at some point you simply have to accept that the code has been sufficiently audited and battle-tested and move on. It's why you do not ponder the validity of the underlying code each time you generate a new Bitcoin deal with, you simply have faith that every thing is working properly regardless that there is a non-zero likelihood that a bug in the system is producing faulty non-public keys which may be compromised in future. Ultimately, the extra time that passes with out such a bug being detected the more assured we can be that it would not exist and finally we just stop worrying about it.

How to purchase & store Monero

How to purchase Monero for burgers

The best way to create a Monero paper wallet

How to maneuver Monero into cold storage

How BTC<->XMR atomic swaps will work beneath the hood

COMING Soon: Haveno DEX

A community-funded Monerocentric Bisq fork called Haveno is at the moment being developed and will quickly be operational. Having a dedicated zero-KYC DEX (decentralized alternate) will enormously increase user privateness while substantially offsetting the detrimental effects of CEX delistings. Permissionless P2P buying and selling is the future.

Haveno will utilize 2/three multisig and atomic swaps. Users will be capable to anonymously commerce Monero <-> Bitcoin and other cryptocurrencies as well as purchase or sell Monero straight through bank deposit or cash-in-mail.

https://haveno.exchange/

Where can I obtain the Monero wallet?

Desktop wallets

Mobile wallets

How lengthy does it take for my stability to unlock?

Your stability is unlocked after 10 confirmations (which implies 10 mined blocks). A block is mined roughly every two minutes on the Monero community, in order that could be around 20 minutes.

How can I show that I despatched a fee?

The fastest and most direct means is by utilizing the ExploreMonero blockchain explorer. You might want to get better the transaction key from your wallet (complete information for GUI / CLI).

Why I can't see my stability? Where is my XMR?

Before any motion there are two issues to check:

1. Are you using the newest obtainable version of the wallet? A brand new model is released roughly every 6 months, so make sure you are using the current launch (compare the release on GetMonero.org along with your wallet's model on Settings, beneath Debug data).2. Is your wallet fully synchronized? If it is not, wait the sync to complete.

Because Monero is completely different from Bitcoin, wallet synchronization is not on the spot. The software needs to synchronize the blockchain and use your private keys to identify your transactions. Check in the lower left corner (GUI) if the wallet is synchronized.

You cannot send transactions and your balance could be wrong or unavailable if the wallet shouldn't be synced with the community. So please wait.

If this is not a enough answer to your case and you're looking for extra data, please see this answer on StackExchange.

How do I upgrade my wallet to the most recent model?

Why does it take so lengthy to sync the wallet [for the primary time]?

You may have determined to use Monero's wallet and run a neighborhood node. Congratulations! You've gotten chosen the safest and most safe option on your privacy, however sadly this has an initial price. The first purpose for the slowness is that you might want to obtain your complete blockchain, which is significantly heavy (+70 GB) and continually rising. There are applied sciences being implemented in Monero to gradual this progress, however it is inevitable to make this preliminary obtain to run a full node. Consider syncing to a machine that has an SSD instead of an HDD, as this drastically impacts the velocity of synchronization.

Now that the blockchain is in your pc, the subsequent time you run the wallet you only have to obtain new blocks, which ought to take seconds or minutes (depending on how usually you use the wallet).

I don't want to download the blockchain, how can I skip that?

The solution to skip downloading the blockchain is connecting your wallet to a public distant node. You may observe this guide on methods to set it up. You will discover a listing of public distant nodes on MoneroWorld.

Be suggested that when utilizing a public distant node you lose a few of your privacy. A public distant node is able to determine your IP and opens up a range for certain assaults that additional diminish your privacy. A distant node can't see your steadiness and it cannot spend your XMR.

How do I restore my wallet from the mnemonic seed or from the keys?

To revive your wallet with the 25 phrase mnemonic seed, please see this guide.

To revive your wallet together with your keys, please see this information.

How do I generate a Ledger Monero Wallet with the GUI or CLI?

How do I generate a Trezor Monero Wallet with the GUI or CLI?

This question is beautifully answered on StackExchange. Check this web page for the GUI directions, and this page for the CLI instructions.

How can my local node grow to be a public distant node?

If you want to assist different Monero customers by making your node public, you possibly can observe the instructions on MoneroWorld, beneath the part "How To incorporate Your Node On Moneroworld".

How can I connect my node through Tor?

This query is beautifully answered on StackExchange.

Bitcoin: The unique Non-Fungible Token

Bitcoin's inherent lack of fungibility has real-world penalties: the US Department of the Treasury’s Office of Foreign Assets Control (OFAC) now maintains a blacklist of tainted digital currency (largely BTC) addresses. Your funds can and might be seized if Uncle Sam decides they are in some way connected to sanctioned persons or associated "suspicious activity".

How do I block digital forex?

Once it has been determined that your institution is holding digital foreign money that is required to be blocked pursuant to OFAC’s rules, you should be sure that access to that digital forex is denied to the blocked particular person and that your establishment complies with OFAC rules related to blocked belongings.

Blocked digital currency should be reported to OFAC inside 10 business days. 202-622-2490 or ofac_feedback@treasury.gov https://home.treasury.gov/policy-issues/financial-sanctions/faqs/646

"Just use a mixer or CoinJoin, bro"

Binance Returns Frozen BTC After User ‘Promises’ Not to make use of CoinJoin

Major Exchange Restricts Crypto Transactions Linked to Coin Mixing, Sparking Privacy Concerns

CoinJoin Flagging

Money Trail From Liquid Exchange Hack Points to Wasabi Privacy Wallets

Bitcoin’s Fungibility Graveyard

"Taproot and Schnorr will fix that, bro"

No, Taproot and Schnorr signatures most positively will not make Monero redundant, because of its elementary transparency Bitcoin can never and will never be as airtight as Monero. Bitcoin Won't ever Be Truly Private Says Andreas Antonopoulos: "Bitcoin is just not a privacy coin"

"I think what we’re going to see quickly is Schnorr, Taproot, and Tapscript, which open the door to loads of improvements," Antonopoulos stated, "But they nonetheless do not contain zero-data proofs or the types of ring signatures and stealth addresses which might be completed in Monero. Bitcoin is just not a privacy coin."

"Just use Lightning Network, bro"

No, Lightning Network additionally most positively is not going to make Monero redundant, privacy as an afterthought on Layer 2 will never go darknet-tier OPSEC muster on account of the increased attack surface. Another layer = added complexity = bigger assault floor = better statistical probability of exploits and data leakage, which can be utilized for heuristic assaults. Therefore, robust Layer 1 privacy will all the time be prioritized by those that require the absolute best privateness ensures.

https://en.wikipedia.org/wiki/Attack_floor

https://en.wikipedia.org/wiki/KISS_principle

https://en.wikipedia.org/wiki/Overengineering

Attack surface aside, Lightning Network additionally has inconsistent privacy guarantees to start with. Users are nonetheless advised to CoinJoin both earlier than and after and to maintain different issues in thoughts i.e. but extra things to worry about getting excellent. Meanwhile, Monero users merely hit [send] and are carried out with all of it.

"The important factor we need to realize in the bottom layer isn't scaling; the important thing we want to realize in the bottom layer that Cannot be achieved within the layers above is fungiblity and privacy with strong ensures and simple primitives. And if we have now privacy primitives and fungibility primitives in the bottom layer than we will do scaling within the second layer and we can do it securely. Otherwise, we have a privateness drawback. And that privateness problem will get magnified as we go up the layers. If you can do analysis on the base layer, that offers an important diploma of insight into what's happening above."

Andreas Antonopoulos Bitcoin Q&A: Layered Scaling and Privacy

Researchers Surface Privacy Vulnerabilities in Bitcoin Lightning Network Payments

https://www.coindesk.com/researchers-floor-privacy-vulnerabilities-in-bitcoin-lightning-network-funds

Current State of Lightning Network Privacy: "Unfortunately, there are scenarios the place Lightning is just not great for privateness"

https://abytesjourney.com/lightning-privateness/

"Sorry to burst your bubble, Lightning is a pals-solely, nothing-can-ever-go-unsuitable toy community proper now. The adversarial screws haven’t even been put in yet, let alone tightened. It’s time to wake up out of the hype dream.

There are two major lessons of privateness attacks that basically concern me, and as I'll get into shortly will not be simply hypothetical things. They are very potential assaults with very real economic incentives that may inevitably create entities in the perfect position to take advantage of these courses of assaults."

https://medium.com/block-digest-mempool/lightning-network-yield-and-incentives-b2b624375094

Even these guys understand that optimal Bitcoin privacy still isn't as dependable as just utilizing Monero

The darknet: where for apparent causes you will repeatedly get advised to ditch Bitcoin and start using Monero

Outside perspectives on Bitcoin

Ray Dillinger (worked with Satoshi): "Bitcoin is a disaster"

Investment strategist and ex-HODLer: "Bitcoin is an investment cult"

2021 skilled analysis: "Bitcoin is simpler to trace than conventional banking transactions"

Distinguished economist Steve H. Hanke: Bitcoin can be replaced by a superior crypto

Why Monero is healthier than Zcash™

- no CEO
- no vulnerable company presence, nameless core developers not topic to US/EU regulatory pressure or intimidation
- not overly-concerned with compliance, privacy is prioritized in every consideration no matter the consequences
- fully non-public at protocol stage (no non-obligatory privacy), all transactions look the identical, transparency is strictly decide-in
- auto-shielded IP addresses
- uses established, nicely-understood, battle-tested and thus dependable cryptography as opposed to novel, experimental, a lot less understood and thus probably flawed cryptography i.e. no "spooky moon math"
- modular method to privateness = no single point of failure
- confirmed monitor report, 6+ years of sustained darknet usage with zero customers traced, has notably foiled the FBI, Europol & the IRS
- no suspected backdoors
- no dev tax i.e. "founder's reward/neighborhood growth fund", conditional donation-based dev funding offers the group more leverage and retains devs disciplined
- wasn't designed to systematically enrich founders & early Zerocoin Electric Coin Company LLC buyers, whales either mined or bought their coins like everybody else
- not a Bitcoin fork
- not transitioning to Proof-of-Stake, PoW has a proven 10+ 12 months monitor document whereas consumer-grade CPU mining stays probably the most nameless, most permissionless approach of buying coins
- ASIC resistance
- tail emission
- dynamic blocksize
- decrease inflation
- ever-growing real-world adoption, actually displacing Bitcoin in OPSEC-vital markets, endorsed by the DNM Bible
- rising criminal adoption = infinitely more avenue cred + legislation enforcement/regulator hostility = further battle-hardening
- passionate grassroots enthusiasm, considerably more neighborhood engagement and activism, has higher memes
- considerably better repute, widely admired and revered by non-hodlers, has much more traction on Reddit, 4chan, and so forth
- higher decentralization = much more likely to outlive a governmental crackdown on privacy coins
- no trademark restrictions, no pandering to the Establishment, has steadfastly remained true to crypto's anti-authoritarian free market cypherpunk ideals

Meet the boss

2018 article that shines a mild on some significantly questionable exercise concerning Zcash™’s governance

https://steemit.com/bitcoin/@proofofresearch/usdzcash-is-nothing-more-than-a-pump-and-dump-get-rich-fast-scheme

Zcash™ contemplating a move to Proof-of-Stake reveals they prioritize wealth over privateness

https://www.reddit.com/r/CryptoCurrency/comments/oxbrdl/zcash_contemplating_a_move_to_proof_of_stake_exhibits/

Zcash™ CEO gets paid circa $300K per month while Monero's core crew works at no cost

https://www.coindesk.com/zooko-wilcox-ohearn-zcash-millionaire

Bag-holding billionaire is stunned that Zcash™ is disliked by so many individuals, doubles-right down to get a pump going

Why Proof-of-Stake privacy coins are a nasty concept

1. With PoS there isn't any way to purchase into the community purely by mining. Mining is THEE most non-public strategy to independently purchase crypto, so with that possibility gone you are left counting on other holders to sell to you, which introduces an element of dependency and thus renders the method less permissionless and less private. Conversely, with (ASIC-resistant) PoW anyone with a computer can anonymously start mining for brand spanking new coins.
2. Law enforcement businesses tend to have a selected policy of not liquidating any privateness coins i.e."Anonymity-Enhanced Cryptocurrencies" present in seized crypto wallets, ostensibly to forestall them from getting used for nefarious activities. While this would possibly actually be helpful for a PoW privacy coin because it successfully reduces the accessible supply, it's potentially problematic for a PoS privacy coin because it provides historic adversaries the opportunity to stake seized coins and thus to amass undue affect on network consensus. With PoS, the more coins that an entity holds, the more energy and rewards they may earn. They can then use these rewards to keep growing their stake, thereby reaching yet extra influence over the community, which obviously defeats the goal of decentralization that cryptos search to attain.

TL;DR: a official privateness coin will uncompromisingly search to maximise privateness, permissionlessness & decentralization in all features. Using PoS isn't per this approach.

Predictably, a Zcash™ fork that seeks to address these flaws was launched by disappointed ZODLers

Zcash™ is toxic to criminals.....and here is why that's a superb thing!

Because nothing says "decentralized cypherpunk ethos" like a Board of Directors

More company bullshit: you can't use the Zcash™ brand without getting permission from their legal dept first

Think they will not get ya? Fuck round and find out

Unlike Monero, Zcash™'s tech continues to be so new and unproven it comes with particular disclaimers

A key hallmark of such exotic cryptography is poor peer comprehension, which makes detecting probably devastating bugs much more difficult

https://www.youtube.com/watch?v=ypzXihRjGak&t=1031s

Bitcoin core dev Peter Todd has been warning about the potential hazards of Zcash™'s experimental tech (zk-SNARKs) for years

To his credit, at the least the CEO has been upfront about it

Bottom line: older, extensively used and extra battle-tested cryptography is always going to be the safest, most dependable option

The appearance of zk-STARKs will finally make zk-SNARKs less relevant

zk-STARKs are essentially a sooner and much safer improvement on zk-SNARKs. They started being developed soon after Zcash™ launched by the identical ZKP guru that co-invented zk-SNARKs, Eli Ben-Sasson. Eli cashed in his ZEC luggage and went off to co-found StarkWare with one other zk-SNARKs co-inventor, Alessandro Chiesa. StarkWare have been creating zk-STARKs ever since and are at the moment optimizing them in preparation for extra widespread adoption.

So what exactly is the large deal? With regards to the aforementioned issues, STARKs are considerably safer than SNARKs since they make the most of established collision-resistant hash capabilities which have been round because the late 1970's. This makes STARKs less advanced, extremely predictable and therefore very reliable, they do not require the form of disclaimers that Zcash™ must add. Furthermore, STARKs have 20x faster proving times and, not like SNARKs, they are totally quantum-resistant, which makes them the more future-proof possibility.

It's totally telling that Eli now identifies as a zk-STARK maximalist and solely ever mentions zk-SNARKs to express his belief that they will be outperformed and obsoleted by zk-STARKs within the following 5 or so years.

It's value reminding that zk-STARKs have been on Team Monero's radar virtually since day one and so they remain a main candidate to sometime exchange ring signatures and enhance overall scaling.

Sad day for you: Z-Cucks are butthurt over Eli and Alessandro ditching them for pastures greener

Zcash™ CEO is fanatical about compliance and kowtowing to regulators, truly will get triggered by the mere suggestion of darknet adoption instead of recognizing the critical validation that will carry

Instead of combating them, Zcash™ CEO is willing to collaborate with central banks to assist the event of CBDCs

Zcash™ CEO insists optional privacy is preferable and never detrimental regardless of tutorial analysis repeatedly showing otherwise

zk-SNARKs are still very new, experimental and enigmatic expertise that might but be confirmed defective. Far more, years more peer assessment + battle-testing is necessary

Like their CEO, Z-Cucks have an almost pathological fetish for submitting to authority

That is What Z-Cucks Actually Believe

Surprisingly, nobody on /biz/ is excited about Zcash™

Zcash™ CEO would not assume ASIC resistance is one thing price fighting for

Muh decoys: Z-Tards don't perceive how Monero truly works

Predictably, Z-Cucks Can't Meme

Memetics Dept.

The Lowdown on PirateChain

Premine shenanigans apart, it should even be noted that PirateChain is actually an asset chain of Komodo which is itself a fork of Zcash™ , that means PirateChain inherits many of Zcash™'s liabilities and depends on Zcash™ for the vast majority of current and future core (zk-SNARKs) development. In different words, if Zcash™ sinks, PirateChain additionally goes down with the ship.

PirateChain's main promoting point is that it makes use of zk-SNARKs and, unlike Zcash™, that it is absolutely private by default i.e. transparent transactions are disabled. While that positively makes it preferable to Zcash™ privacywise, the theoretically superior privacy that zk-SNARKs offer is offset by their novelty and immaturity, which makes their reliability extra questionable than older, more established tech. Namely, newer and insufficiently examined cryptography like zk-SNARKs carries with it risks of systemic failure that cannot be mitigated with out years, usually decades worth of peer assessment and battle-testing, particularly given the insane ranges of mathematical complexity concerned i.e. "moon math." Because of this some cryptographers wouldn't be stunned if zk-SNARKs ultimately find yourself proving defective on account of some yet-undiscovered fatal flaw. Only time will inform.

Like Zcash™, PirateChain can also be highly weak to spam assaults. An assault costing just $0.Forty five was capable of bring the community to its knees, cripple wallet software program, and revealed that the network couldn't even handle 10% of its claimed capacity of 31 transactions per second. At the time of writing, this vulnerability Still has not been totally patched. Most of PirateChain's "largest anonymity set of any cryptocurrency" is comprised of spam.

Also value highlighting is that PirateChain's daring claims of an invulnerability to 51% assaults (as dPOW tends to be marketed) are basically a marketing ploy additionally borrowed from Komodo's dodgy playbook. A security mannequin that truly gives such a formidable degree of safety would obviously be adopted by every different chain in existence, the fact that no person else is using it tells you every part you'll want to know.