Fungibility Talk

Thank you for your perspective, but you have a conflict of interest in that you are on the opposite side of the debate and have engaged in dishonest debating tactics yourself in retaliation against me for defeating your position as such you cannot be trusted to give an unbiased and objective opinion. Also this is not a popularity contest, you voting for inappropriate behavior doesn’t make it any more appropriate. Finally, your contention that the discussion is not relevant or helpful to the original topic is completely incorrect. The topic is “fungibility talk”.

The OP posted their viewpoint and I posted a counterpoint. It is completely disingenuous and inappropriate for you to insinuate that my POV is “not relevant” just because I don’t agree with the OP. I know you don’t care, but you are really disappointing me @happybeing. You have no place to behave this way and your actions and words are not at all befitting the safe network or community. Just really disappointing.

Neutral party here as I have not participated in the discussions.

Dan had in the OP of Fungibility Fun asked that the thread contain only links and that discussions are held separate.

Has his request been followed to the letter in the past, probably not, this is quite long-winded so I agree it needed to be moved.

As the OP he has the right to request links only with separate threads for discussion.

3 Likes

Dan had in the OP of Fungibility Fun asked that the thread contain only links and that discussion are held separate.

Hi! Thank you for confirming your neutrality, though I must admit you certainly lean towards the op’s position do you not? You’ve liked several of their comments which taints that claim a bit. But more importantly, you can clearly go through the thread and see plenty of discussion from the OP themselves where they discuss things they post from reddit and other places. That’s all I did, it is hypocritical to allow the OP to do so and disallow opposing views from doing so.

What’s more, where did OP’s get the right to dictate who can reply and where discussion can be had? The user is not a moderator and that ability I don’t even think they have. Unless the post is offtopic, can you point out any rules where users are allowed to forcibly dictate where and how responses should take place?

My responses were to the OP directly and in contention with their POV. Therefore its not fair to allow them the power to create an echo chamber where only favorable replies are allowed. As you can see no other discussions appear to have been moved to that thread, only mine, which indicates favoritism.

Has his request been followed to the letter in the past, probably not, this is quite long-winded so I agree it needed to be moved.

This is a dishonest reasoning. Discussions are supposed to be “long winded” when there are opposing viewpoints, that’s how you determine the truth. And the fact that you selectively make allowances for others to be so while preventing me is censorship favoritism and completely stains your claim of neutrality, at least imo.

OPs have never been allowed to request that people only reply in a way that they like as long as the replies are on topic in any forum I’ve participated in before, including this one. Step back for a second, remove yourself from the pain of having the viewpoint you support so strongly and succinctly defeated. Would you like it if someone did that you a discussion you were having? Be honest. If you made every effort to comply and still were unfairly censored because the OP couldn’t handle a loss you’d be upset as well.

Your selective reasoning, and stated support for the OP and other’s arguments against my own indicates that you are not in fact neutral and are thus being biased in your position. Also, the fact that those who opposed my viewpoint are overwhelmingly in favor of moving my comments indicates heavily that you are just supporting your biases and are not being honest or objective, which is the tell-tale sign of sore losers. Moving my posts and supporting censorship will never remove the fact that you all lost the debate today, cheers.

Is there a specific thing you want to see done with the Safe Network project to address fungibility? What action are you calling for?

So far it seems like what matters most to you is clarity of definitions, which is important for sure, but I’m not clear about what you hope to see happen as a consequence after fungibility is precisely defined and agreed on.

If I read correctly it seems like you’re suggesting Safe Network should use a coinjoin type system instead of a ring signature system. Does that sound right?

3 Likes

Is there a specific thing you want to see done with the Safe Network project to address fungibility? What action are you calling for?

Hello! The only thing I request is that my comments be allowed to remain in their original thread, that’s all. The discussion is important to me but I don’t want the network to take any action other than to disprove me if they think my POV is wrong.

If I read correctly it seems like you’re suggesting Safe Network should use a coinjoin type system instead of a ring signature system. Does that sound right?

Oh no, I’m sorry I believe this has gotten confused. I admit I may have been overzealous in stating my position. I don’t have any recommendations for the Safe network fungibility or SNT. I don’t know nearly enough about the ins and outs of the architecture to be able to concretely suggest any improvements, or even to know if it can be improved in relation to fungibility. From my understanding, SNTs would always be fungible in the truest sense of the word, without implementation of coinjoin or ring signatures.

I was under the impression that SNTs didn’t really have a history since the Safe Network isn’t implementing a blockchain architecture, and that ownership of tokens would be a sort of one-off thing in terms of information security, i.e. you own a token, you send it, and there’s no sort of history or anything attached to it, the new owner just owns it. This was my understanding and I don’t know if that’s still correct or changed.

My only suggestion is related to this forum discussion and requesting that the discussion be allowed to take place naturally in the original venue it was ventured. So its really nothing to do with the Safe Network perse, I was trying to enter my opinion into the original discussion and I was upset that it was forcibly moved even though my comments were completely relevant and in line with the context of the OP.

After all it doesn’t seem that anyone else had their comments moved to “the other thread” and the OP themselves posted significant discussions of related topics so I believe that it was unfair to move my reply at their request just because I disagree with them. Basically, I believe that Danda’s request to move my comments was spiteful, unfair and not in line with free and open discourse (that remains relevant of course!) and I merely am requesting that today’s moderator action done by JPL be reversed on those grounds.

Thank you for the questions and the opportunity to clear that up.

You were taking the original thread off-topic. It was intended for link sharing and minor comments. Much like the What’s Up Today thread, when more extensive discussions emerge, they move to a topic of their own. This thread is more aligned with the extensive discussions you have begun. If you don’t like it then start a new topic that is more accurate in your opinion. Note that any new topic you begin could be moved to a category of a mod’s choosing if they decide you have not selected a proper category for it.

5 Likes

I don’t think that is accurate. What did I say that was off-topic? I posted an external link to a fungibility discussion with the ZEC community and defended the point. If anything, Tyler and danda were the ones who “took things off topic” as I only responded to their replies to the ZEC thread. But the ZEC thread was on fungibility and was an external link which fulfills both conditions of the original post, the idea that OP’s are allowed to direct replies to their own threads notwithstanding (what moderators are for, and even that is limited to violations of the rules, again which there were none in my posts).

And why should I be required to start a new thread just because I disagree with their replies? That’s absurd and I’ve never seen a moderator encourage that kind of behavior before. In fact the opposite: starting new threads when there already is one has always been seen as frivolous and extraneous and gotten locked from my experience. “There’s already a thread for this” usually being the reason.

It just seems like you’re coming up with excuses to justify supporting an illegitimate request because you’re friends with the OP. What right does anyone have to demand you NOT post in their thread? I didn’t post about the weather or my latest cryptocurrency purchase, I posted clearly about fungibility in response to danda and Tyler.

My posts explained clearly that from the discussion I read, the definition of fungibility being used here by the OP was NOT correct. That’s a serious charge that is directly related to fungibility (obviously since its about the definition of the word itself) and moving that discussion to “another thread” is akin to ignoring the charge altogether and playing favorites. Which is not only misleading behavior, but it also you moderators interferring and entering a debate on behalf of one side without legitimate cause. This is not what moderators are for.

Correct me if I’m wrong, but you are NOT tasked with choosing victors in debates, only to make sure that they stay on topic and irrelevant, abusive and frivolous replies are not allowed. Yes? None of my replies were abusive or irrelevant. The definition of fungibility is CLEARLY related to fungibility, by definition, and therefore you saying that I was “taking things off topic”
is actually an abusive misuse of moderator power, because you’re basically lying about me to protect the ego of one of your friends. That means you shouldn’t be a moderator…If I’m wrong, please point out where.

Neither Danda nor Tyler, could reply sufficiently to defeat my arguments. Danda himself refused to specify exactly what was off-topic and you’re also saying I “took things off topic” (again basically parotting one of your friends) but where did I do so?

Which of my replies specifically do you allege was off-topic? The topic is fungibility and I posted an external link to a privacy community discussion of fungibility. How is that off topic? How can the safe community learn anything about fungibility when you declare discussions about it to be “off topic” with no reason or rationale?

If that’s off-topic, then why is this post:

Not off topic? There’s no links and it is purely discussion.

What about this post:

Or this post:

The OP posted this post and admitted it was only “tangentially related to fungibility”, yet no one is trying to forcibly remove it to another thread because of some stoic application of “the rules” (that OP came up with, violated with their own post and selectively enforced against others):

You may wonder why I seem to be so passionate about this, the truth is I’ve witnessed several times across different venues where the XMR community engages in these kinds of tactics in order to subtly slide forums towards their favor. So it doesn’t seem so big, a moved post here, a blocked topic there, a banned member over yonder. But over time this behavior amounts to censorship and sentiment manipulation in favor of a cryptocurrency that does NOT do what it says on the tin.

In this example, I allege that the XMR community is attempting to trick the Maidsafe community into adopting a FALSE NOTION of fungibility in order to increase their own clout (because they benefit from people thinking “XMR is the only fungible cryptocurrency”). This behavior is a form of corruption like bribing a Senator or paying for special treatment at university and engaging in it is always a sign of community decline.

I am not exaggerating when I state that I love the Maidsafe community. I have been here for almost 7 years waiting patiently for release. MaidSafe was THE REASON I started learning Rust. When I read @dirvine 's initial post explaining they were moving from C++ to Rust I was both awestruck and flabbergasted.

Not only because it introduced me to a new holy grail language (this is off topic but as a developer with over 20 years in the industry, I had long been searching for a replacement to C++ and C) but also at the sheer testicular fortitude required to make such a game-changing switch.

I fell in love with this community and project at that point. So it REALLY pains me to watch the XMR community attempt to manipulate and twist the arm of that same community just so that they can “corner the market” on fungibility.
Again so why are these posts allowed when they are far less relevant than any of the ones that I posted? Its hard for me to conclude that you’re doing anything other than playing favorites because one of your friends was defeated in discussion. Nobody alleged that my posts were off topic until danda waas defeated in my replies. And suddenly they’re “off-topic”. That screams of favoritism and your thin defense here does not dispel that fear.

@danda’s admission below is even more damning than I thought originally. All of the posts I quoted are several months old. The oldest going back to Nov 21’, which is roughly half a year. Yet the only time they thought to care about whether a post was “off topic or not” was when I posted correcting their view of fungibility? That is clearly evidence that they were attempting to hide my replies and slide the discussion, which is a form of corruption.

One thing Kagetoki and I can agree on is that there was some off-topic discussion in the “Fungibility Fun” thread mostly early on, some of which I (grudgingly) replied to.

I made a very clear request in the OP:

Lets keep this topic focused on links to external resources. Please create other thread(s) for discussion.

btw, I owe Nigel an overdue thanks for creating this thread for related discussions.

If mods would like to move all discussion posts (that do not contain external links) to here for consistency/fairness, I’d be fine/happy with that.

4 Likes

I will attempt shine some light on the topic of fungibility. Let’s start with the definition provided by wikipedia:

In economics, fungibility is the property of a good or a commodity whose individual units are essentially interchangeable and each of whose parts is indistinguishable from another part.

I find that definition to be a good one – and it mirrors my long-held understanding. It also is not specific to any currency and does not even mention cryptocurrency. So I proceed using that definition. (note: others may disagree with the definition, that’s up to you.)

Cash
Ok, so let’s consider cash, say the USD. If we hold strictly to the definition, we could say that dollar bills are NOT fungible because each one has a serial number that makes it distinguishable from every other unit.

However we can also take a less strict view and look at how cash is widely used. In common usage, people are not checking the serial number and are not recording it in a central DB somewhere with each transaction. So cash generally can be said to not have an associated history. Blacklists do exist, but are very infrequently checked. Each bill is generally considered to be of equal value to every other by its receiver (unless too worn/torn/damaged).

So what we can do then is imagine a “fungibility scale” from low to high. And we would probably place cash pretty high on that scale. If there were a cash without serial numbers it would go even higher on the scale.

Gold

Gold is often given as an example of a fungible currency/asset because it can be melted down and reshaped into any form. Essentially gold is gold. However, there are limits even here. Sometimes (usually?) there are impurities that a chemist can detect and that differ by source. So in some cases it can be difficult to sell “bad” gold on the world market. Just ask Ferdinand Marcos. Read the book “Gold Warriors” for fascinating history on this topic. Also, it is often impractical to melt gold down, and the actual units may carry all sorts of identifying markings. So gold also is not perfectly fungible, but I think could be considered higher on the scale than cash with a serial number.

Oil/corn/commodities

I’m not by any means an expert on these. But they seem to exhibit good “practical” fungibility. Perhaps not if one really gets into the details, but then nobody is trying to use them as money, so not all that interesting…

Bitcoin

Bitcoin utxo’s generally are attached to a long, publicly viewable transactaction history. A recipient of bitcoin funds can past transactions involving the funds and the balance(s) of the sender and past holders. There are some minor exceptions such as when using coinjoin, or also the way that fees get “re-forged” into new coins by a miner, but these are only the exception to the general rule.

Given the highly trackable nature, I would place bitcoin below gold, cash, and even oil/commodities (if they were used as a standalone currency).

Z-Cash

Z-Cash supports unlinkable transactions and hidden amounts. I would consider ZCash “z” utxos to be fully consistent with the above definition, to the best of my/our knowledge. Unfortunately, ZCash also supports transparent addresses that work like those of bitcoin and these are used by the vast majority of transactions including most (all?) tx to/from exchanges. So if we look at ZCash actual usage as a whole, we must conclude it is similar on the fungibility scale to bitcoin, perhaps one notch above.

Monero

Monero obfuscates the transaction history with ring signatures using (at present) 1 true input and 10 decoy inputs per transaction. It also hides amounts and enforces a unique recipient key/address per transaction. Looking at the public monero blockchain, the average person cannot reliably trace any transaction history for any monero transaction. It is as if each monero utxo is a dollar bill with no serial number.

Now, as with anything, the devil is in the details. It is true that decoy selection is a weak spot and thus a skilled statistician could likely detect some paths that are more probable than others. Work is in progress to make that much harder. And at a fundamental level, ring signatures do not provide true “unlinkability” in the way that ZCash z-tx or chaumian blind signatures do. So that is a tradeoff, and it cannot be said that monero offers perfect fungibility. However, every monero transaction benefits from the obfuscation features, and so in real world usage today, monero tx thus far appear to have a higher overall level of fungibility than bitcoin, zcash, and fiat cash – in my opinion.

I will certainly concede that OSPEAD is worrying and perfect unlinkability would be better if achievable.

Dash

I am not that familiar with Dash, so please correct if my knowledge is out of date, but my memory is that Dash uses optional coinjoin (assisted by masternodes) and that coinjoin tx are a relatively small percentage of the total number of Tx. Also, coinjoin does not hide amounts and is not perfectly unlinkable, but rather provides obfuscation (decoys) and plausible deniability, similar to ring signatures.

So overall then, my personal fungibility scale today would look something like:

1    NFTs, 
2
3
4    BTC
5    ZCash, Dash
6    Cash (USD)
7    Gold, Oil, Corn, Other precious metals
8    Monero
9    Cash without Serial #, PirateChain (or any ZEC clone without T addresses),
10   

note: I wouldn’t use PirateChain due to other problems unrelated to fungibility.

The above is merely my opinion that I share in case anyone finds it helpful. Feel free to disagree. you do you.

5 Likes

The definition that you use of fungibility is fine and correct. The issue I take with your position is that you selectively ignore parts of the definition in order to promote a false narrative about fungibility. How so? Look below:

we could say that dollar bills are NOT fungible because each one has a serial number that makes it distinguishable from every other unit.

You could NOT say that, even by a strict definition. In order to take this strict interpretation you would have to ignore a key word in your own definition and that is “essentially”. By saying something is “essentially interchangeable” the definition explicitly rejects strict interpretations such as yours.

In other words, because serial numbers have nothing to do with the function of currency, they do not represent an essential distinguishment. In other words, legally, you are NOT allowed to reject a USD for payment just because it has a serial number that you don’t like, or a different number than another bill. This is the meaning of the phrase “essentially interchangeable”, i.e. in essence the fundamental properties of each bill are the same.

So your strict interpretation of the definition is NOT correct. All intact USD are legally required to be accepted as payment for debts, goods and services regardless of their serial number thus they become legally fungible despite having a different marker which allows tracking and historical comparisons. This essentially completely destroys your position that UTXO coins “are not fungible because of the history”.

In essence, that’s completely irrelevant because every UTXO cryptocurrency is interchangeable with another of the same coin, so there can be NO LOSS OF FUNGIBILITY BY DEFINITION. This is the error in your position.

So even your “less strict view” completely misses the mark. Fungibility is NOT about acceptance, nor is it about “history”, it is strictly about interchangeability. If two equal units are interchangeable they MUST BY DEFINITION be fungible. Claiming anything else is inaccurate and misleading. You even admit that blacklists exist for dollars. … … … That is you admitting that the idea of blacklists for currencies are NOT a fungibility issue. Cryptocurrency blacklists are checked much less frequently than dollar black lists, as Russia finds out these days (their funds have been blacklisted by western powers).

There is no need for a “fungibility scale”, the only thing that is in question, imo, is whether or not the units are essentially interchangeable. Even with Russian funds being blacklisted and unable to be used, nobody in their right mind is claiming that the USD is not fungible because of it. Therefore, the same standard must be applied to cryptocurrencies as well or the definition of the word is violated. Such a violation is what I allege your position holds.

Your gold example continues to miss the point. Fungibility has nothing to do with blacklists or acceptance. It is about interchangeability only. If you can use a piece of gold the same as another piece of gold of equal weight and value, then it is by definition fungible. The definition that you cited has NO MENTION of blacklisting or denial of service for political reasons, therefore, it is disingenuous to claim that UTXO cryptocurrencies are less fungible than XMR for the same reasons.

Bitcoin

Your comments here are equally off the mark; Bitcoin and other UTXO cryptocurrencies are NO LESS FUNGIBLE because of the history. They were literally designed this way. The history is a feature, not a bug. And according to the definition you yourself cited there is NO loss of fungibility thereof. Furthermore, Coinjoin is not a “minor exception” and Bitcoins so mixed are not “highly trackable”. In fact, they are not trackable at all.

Coinjoined cryptocurrencies have no transaction history! See for yourself, attempt a coinjoin and look on the blockchain, there will be only a single address (the current one). That’s it. It is extremely disingenuous to pretend that this is “highly trackable” and a “minor exception” when your entire argument rests on the premise that a Bitcoin’s history makes it less fungible than gold and cash (which basically has the same history with serial numbers and manual tracking).

ZCash

Your use of language here is deceptive. There is nothing “unfortunate” about the use of transparent addresses, you are placing spin from the XMR community onto other cryptocurrencies because it is in your interests that uninformed third parties view your coin as “uniquely fungible”.

To do this not only do you ignore part of your own cited definition (i.e. "essentially interchangeable which all UTXO coins are), but you also use emotionally charged and incorrect language. No one in the ZCash, BTC, DASH or other UTXO communities feels that the transparency of their chains is “unfortunate.” That is spin from your community and it is dishonest to misrepresent that subjective opinion as fact.

Monero

Of course, the most egregious of the misinformation is in this section. Monero is VERY vulnerable to several different forms of transaction analysis and has been, by the admission of its developer community, since its inception in 2014.

Statistical heuristic analysis, various timing and side channel attacks, as well as a weak decoy selection algorithm being four major pain points that other cryptocurrencies with a UTXO model do not suffer from (ZEC excepted, they also suffered from two similar sidechannel attacks in 2019). This makes your claims even more disingenuous, because the purported solution that you’re offering is worse than the alternatives that you malgin!

If I’m correct, and please point out where if you think I am not, then my distaste for the XMR community and their proselytizing should be readily apparent. If you were to succeed, you would in essence be tricking individuals into using an INFERIOR privacy solution. There is NO solution to the above-cited OSPEAD attack. Also, timing analyses from 2018 were able to deanon 90% (!) of XMR transactions!

Monero Privacy Protections Aren’t as Strong as They Seem - The Dark Web’s Favorite Currency Is Less Untraceable Than It Seems

The researchers also found a second problem in Monero’s untraceability system tied to the timing of transactions. In any mix of one real coin and a set of fake coins bundled up in a transaction, the real one is very likely to have been the most recent coin to have moved prior to that transaction.
Before a recent change from Monero’s developers, that timing analysis correctly identified the real coin more than 90 percent of the time, virtually nullifying Monero’s privacy safeguards.
After that change to how Monero chooses its mixins, that trick now can spot the real coin just 45 percent of the time—but still narrows down the real coin to about two possibilities, far fewer than most Monero users would like.

These analyses while eventually mitigated to a degree, still exist as viable modalities of attack for XMR. What’s more, in response to the allegations:

On the issue of identifying coins based on analyzing the timing of transactions, however, [Riccardo] Spagni [Monero core developer and spokeperson] admits there’s no simple solution. “There are steps we can take to continue to improve the sampling, but the reality is that this isn’t a solvable problem by just pecking away at it,” he says.
We need to have a better scheme that allows us to sample a much bigger set [of coins].” But he also notes that the larger the set of decoy coins in every transaction, the more storage Monero requires on users’ computers and the longer its transactions take. “We’re trying to find the balance,” he says.
All of which means Monero may continue to leak small amounts of information that could be used to point to likely spenders—even if not providing a smoking gun. Even so, the researchers warn that small information leaks can build up over time, and can be combined with other data sources to provide that more concrete evidence.

This not only prevents XMR from being an acceptable privacy solution, but exposes the hypocrisy of your position vis a vis fungibility, as obviously being able to trace transactions would break your (incorrect) version of fungibility. This is an egregious oversight that forms the basis of my displeasure with your community and the narrative you’re crafting.

DASH

Further you incorrectly imply that DASH’s coinjoin is not effective, in complete contravention to the research on coinjoin. DASH’s coinjoin is the MOST EFFECTIVE form of coinjoin.

Relying on masternodes, which total over 4,000 in number (ZEC only has 330 full nodes, XMR around 1500, BCH has 1600 for comparison), which are full nodes that routinely (every day) prove both ownership over 1000 DASH as well as service to the network (i.e. instant transaction locking, selecting coinjoin participants, storing the block chain etc. etc.) removes both trust in malicious third parties (like previous coinjoin implementations that rely on a single central server, like Bitcoin Cash’s CashShuffle implementation does), as well as removing possibility of user error.

A single button click allows a user to indicate they wish to coinjoin, join a round as well as participate in a preselected amount of rounds (up to 16) at low cost (DASH transaction fees are less than 1 c, again thanks to the masternodes).

Other coinjoin implementations are expensive, slow, lack liquidity (due to not having dedicated infrastructure like DASH does), many are trustful (requiring custody of funds unlike DASH where you never lose custody of your funds) amid other problems that come from relying on volunteer efforts and third parties.

Finally, the information you provide is also incorrect vis a vis Coinjoin functionality. DASH’s Coinjoin does hide amounts and is perfectly unlinkable. DASH doesn’t just coinjoin the amount in your wallet, it breaks up each value to be coinjoined into separate denominations of 10, 1, .1, .01, and .001 DASH.

So if you want to coinjoin 6.5 DASH from a single address, for example, you will get back 6 addresses containing 1 DASH each and 5 addresses containing .1 DASH each, which effectively completely hides the total balance because UTXO blockchains have no linkages between addresses that aren’t historically tied together. Every coinjoined address is created newly, so you basically recieve 11 new addresses with ZERO history (check the blockchain to verify) which hides both the balance amount as well as the history of funds.

Furthermore, the anonymity set size for a coinjoin transactions is (3-5)^number of rounds. its 3-5 because the wallet will randomly select between 3 to 5 total participants. The default number of rounds is 2, but you can select up to 16 in the wallet. So a 16 round coinjoin provides an anonymity set size of 3^16 = 43,046,721 different possible linkages.

This is for all intents and purposes IMPOSSIBLE TO TRACE, and provides DASH the ability to " sample a much bigger set [of coins]" that the Monero core developer cited as a wanted feature above. XMR by comparison has a ring size of only 11, which means that your transaction is included with 10 other decoy transactions, giving an anonymity set size of 11. This is several orders of magnitude LESS than a DASH coinjoin session and this fact alone makes your interpretation of the “fungibility scale” extremely suspect.

Finally, you state that “coinjoin tx are a relatively small percentage of the total number of Tx”. This again is a misleading argument. As cited above, when you mix any amount of DASH, you only have to do it once. So for example if you mix 350 DASH (roughly $37,000), you’re going to have roughly 16 transactions at 16 rounds.

But at the end, you’re going to have $37,000 of mixed DASH, which means that when you spend from that amount, you don’t have to mix any of it again. You can generate for example 1000 transactions of $37 from that amount and still have only performed 16 total mixing transactions.

And because DASH separates the act of mixing DASH and sending that DASH, DASH breaks the link between mixing funds and spending them, which automatically prevents the very same timing analyses that broke XMR’s privacy that I cited above. XMR was vulnerable because every XMR transaction is a mixing event which artificially links the two together and makes the coin vulnerable to timing analyses and statistical heuristic attacks.

I.e. you can mix 10 DASH today and not spend it until next year. Or spend small amounts over time. There is no way to link a DASH spending event with a DASH mixing event, which not only breaks the transaction graph on the blockchain but obviates all forms of timing analysis. This fact is what underpins my contention that DASH’s coinjoin is the best form of privacy.

So DASH is just more efficient than XMR is, which creates the decoys and “mixes” every single transaction you make with them, causing blockchain bloat. So its misleading to use the “low number of coinjoin transactions” as a painpoint, that’s a feature not a bug. You only have to mix once in DASH which dramatically lowers the total number of coinjoin transactions necessary. But that doesn’t mean coinjoin isn’t used.

That $37,000 will be mixed FOREVER. You don’t need to mix it more than that. But XMR would require you to “mix” every time you send a transaction. Which artificially pads both the number of mixing transactions as well as blockchain bloat. This is part of the reason that XMR’s blockchain is much larger than DASH’s at over 120 GB (DASH’s is only 34 GB).

In general, there is no such thing as a “fungibility scale” because fungibility is a binary. You’re either fungible with other units or you’re not. A torn dollar is NOT fungible because it is not legally considered to be a dollar. But every intact dollar is fungible with other dollars of equal value. It is the same with UTXO cryptocurrencies. And with that, I conclude my comments in regards to fungibility and the current best-in-class of the cryptocurrency space. I welcome all criticism and dissent from my position.

@Kagetoki I find your arguments overly aggressive to the point of bordering on personal attacks, for instance using words like “deceptive” regarding my post.

If you wish to debate the monero community about fungibility or merits of dash vs monero, I suggest you engage with them on their platform(s).

You seem quite interested in claiming “victory” in this “debate” that you’ve unilaterally started out of thin air. So let me make this easy for you. I bow out of further discussion with you on this topic. You can have your “victory” and proclaim it far and wide since you appear to equate people ignoring you, with you winning the “debate” that no one else agreed to participate in.

You are clearly passionate about fungibility, which is something I generally applaud. The world needs more people that care. If you have valid points and can tone down the aggression, perhaps you can improve the community’s understanding and effect some positive change for the SafeCoin design.

For myself, I just want the people of the world to have ready access to the most private and fungible cryptocurrency that humans can devise, whatever form that ultimately takes. I think it is great that multiple approaches are being tried (including Dash) that can compete together in the market, and hopefully in the end the market chooses wisely.

10 Likes

I find your arguments overly aggressive to the point of bordering on personal attacks, for instance using words like “deceptive” regarding my post.

I can understand that and I apologize if there has been any offense, it is not intended. However, I cannot find any other possible explanation for why the information you present is so far off from the truth (which I have cited). Would you care to offer an explanation for the discrepancy?

If you wish to debate the monero community about fungibility or merits of dash vs monero, I suggest you engage with them on their platform(s).

Again you seek to move the discussion. I’m not arguing in favor of DASH, indeed my first post was a quote from the ZEC community, I’m elucidating the current state of the market in order to argue against the decidedly pro XMR stance that you are pushing here, in contravention to the facts. I’ve read your posts through the other thread and there is a decidedly pro XMR angle to your arguments, even though the facts as I laid out above clearly speak against that. Do you disagree with this assessment? I can quote you if you’d like.

You seem quite interested in claiming “victory” in this “debate” that you’ve unilaterally started out of thin air.

How can you claim I started this debate? I didn’t author either thread that I’m replying to. This is what I mean by dishonesty, you are placing the burden for this debate on me when you started the other thread and have spent the greater part of the last year pushing a decidedly onesided, pro-XMR stance.

While you also malign other options like DASH. Certainly DASH has its issues, but your characterization above was just completely inaccurate. Perhaps I was wrong to attribute malice to that behavior, but you have not provided any other explanation either.

Even though XMR is lackluster in the privacy realm as I proved above. If you truly care about fungibility and best-in-class privacy options, why did you trash every option but XMR which is the worst option as I showed above? You even said you don’t know much about DASH, but your arguments still go out of their way to paint it in the most unflattering light possible. Certainly you can forgive me for including that in the reasons that make it seem as if you have a bias towards XMR, which you also unflinchingly supported with your arguments?

So let me make this easy for you. I bow out of further discussion with you on this topic. You can have your “victory” and proclaim it far and wide since you appear to equate people ignoring you, with you winning the “debate” that no one else agreed to participate in.

Thank you for conceding the discussion to me! I will accept this as your admission of defeat in this debate and I hope that this will be followed up by a change in your demeanor vis a vis fungibility (i.e. I hope that your admission here isn’t disingenuous in an attempt to avoid responding to my claims above).

To respond to you, you should know that “ignoring someone” is not a valid form of debate. You started the topic on Fungibility fun, forced my posts to be moved here, and now claim that you’re going to ignore me in response to my well-thought out and carefully researched rebuttal. Clearly, “ignoring me” after all that is rather malevolent and underhanded in a formal debate. But I won’t press the issue as you seem to take offense to any kind of response that doesn’t agree with you and shower you with likes.

If you have valid points and can tone down the aggression,

I don’t think its fair at all to characterize any of my posts in either thread as “aggression” and I consider doing so just because I disagree with you or because the conclusions of my research hurt your feelings to be dishonest. That’s just my opinion of course, but I haven’t called you names, or attacked you personally. I have attacked your arguments, however, this is what it means to debate and I’m sorry if the kitchen is too hot for you.

For myself, I just want the people of the world to have ready access to the most private and fungible cryptocurrency that humans can devise, whatever form that ultimately takes.

I can definitely agree with this! Which is why I take so much umbrage at your stated support for XMR. XMR is probably the worst privacy option for the reasons I cited above, so as someone who wholeheartedly agrees with the above statement, I can’t understand why you would support a coin as terrible and unfit for purpose as XMR. I wish you would support your decision with reason, evidence and rationale, but that may be a bridge too far at this point.

Thanks again for your perspective and the discussion.

Cheers!

I will say that your cash examples are not 1:1 equivalents of what is being discussed with the fungibility of bitcoin. Two points.

  1. USD is not inherently trackable, even with their serial numbers. It could pass through hundreds or thousands of hands before it makes it back anywhere that actually cares enough to even check the serial numbers. This makes it essentially indistinguishable, as you put it. If we had an automated system at cash registers that read the serial numbers, check it against a blacklist, and then accept/reject said bill, it isn’t essentially fungible anymore, is it not? That brings me to:

  2. Blacklisting has to be considered when talking about fungibility. Even if going the route of coinjoin, every coinjoin creation of a “new” coin could be blacklisted if exchanges wanted to. Sure, your Jim and Joe on the street could just do wallet to wallet transactions, but blacklisting it across all major exchanges is essentially making it non-fungible, is it not? It would be inevitable a black market would arise where these blacklisted tokens would begin to carry their own value separate from the major exchange value of non blacklisted bitcoin, as they are no longer as readily usable.

3 Likes

Hi, thanks for the reply.

  1. Firstly, check this website - Trackdollar.com. The opening paragraph says clearly: “if you want to know where your money has been, or where it will go next,
    all you need to do is enter denomination, series and serial number of your dollar bill.
    If you register , you will be notified by email if your bill have been entered again into the system.”
    Also see, Fun With Money: How To Track Your Dollar Bills And I quote: “It’s FREE. It’s FUN. And it’s truly AMAZING when you realize how far your money has traveled… and how quickly!
    There are a handful of websites that track U.S. currency by serial number, so you can follow your money as it travels from store to store, city to city, and state to state.
    This one-of-a-kind interactive project has been called The Great American Dollar Bill Locater, because it makes it possible to track U.S. paper currency all across the country… and beyond!” So it should quite clear to you by now that your first point is completely incorrect, USD is inherently trackable by its nature. This is due to series and serial numbers, just like cryptocurrencies are trackable by addresses. It doesn’t have to be tracked, but it just as likely might be and in the same way that UTXO cryptocurrencies are.

  2. Since your first point is incorrect, your second point that is based off of it must also be so. But frankly speaking, USD is already essentially indistinguishable regardless of serial number or tracking. You are repeating the false and disproven-above notion that being able to track bills somehow removes their fungibility.
    Or that being unable to track them historically, gives them the property of indistinguishability. As shown above, this notion is completely false. Just because you can differentiate bills doesn’t mean that they’re not essentially indistinguishable. Serial numbers do not play into the idea of fungibility because bills are not allowed to be discriminated by them.
    You cannot reject a USD for services rendered because of the serial number. This has NOTHING TO DO with whether or not you can track them. We already do have the system you described. The US government can do EXACTLY as you described with USD. This is completely unrelated to the discussion of fungibility. You have merely reinforced my point above.

  3. Blacklisting has nothing to do with fungibility. It doesn’t matter how many times you repeat yourself, or how many times you make me repeat myself. The definition of fungibility has nothing to do with blacklisting.
    Currencies and bills are blacklisted in various ways all the time and you are being dishonest by ignoring this fact in order to push the idea that blacklisting results in a loss of fungibility. Laundromats do not accept dollar bills.
    That does NOT mean USD is not fungible! Fungibility is a property of the units of the currency, it is an intrinsic property, nothing extrinsic to that can change it.

  4. Again you list the idea that coinjoin could be blacklisted. Firstly, coinjoins are not “new”. They are new.
    Every coinjoined coin has a brand new address in both theory and practice. UTXO cryptocurrencies can generate addresses on the fly from an address space which is larger than the total number of grains of sand from all the world’s beaches put together. So there is no justification in putting the word “new” in quotations as you do.
    The coins reside in completely new addresses with no transaction history. It is important to get the details right which is why I’m hammering this point home.
    Secondly, if you can blacklist coinjoined coins, guess what? You can simply also just completely blacklist XMR, so you haven’t said or won anything by pointing that out. And coinjoined coins can get around the blacklist by being sent one hop to another address.

  5. " but blacklisting it across all major exchanges is essentially making it non-fungible, is it not?" NO! That is the whole point of this discussion. Blacklisting across exchanges does not affect the fungibility of a cryptocurrency AT ALL.
    Please do not take offense, but this notion is completely preposterous! Its like saying that height requiremenst for a roller coaster makes you shorter or something equally illogical. FUNGIBILITY IS A PROPERTY OF THE CURRENCY UNITS THEMSELVES, THIS CANNOT BE CHANGED BY OUTSIDE ACTORS. I do not know how many different ways I can say this before it lands home.
    YOU CANNOT CHANGE A CURRENCY UNIT’S FUNGIBILITY BY NOT ACCEPTING IT! You can only change a currency units fungibility by changing the currency unit itself (cutting a dollar in half for example). The idea that you can “decide which currency is fungible by not accepting it” is COMPLETELY INCORRECT! If you doubt me, refer again to the definition of fungibility. It makes NO MENTION of “markets equally accepting the currency unit”.

  6. “as they are no longer as readily usable.” Once again, this has NOTHING to do with fungibility. Fungibility is an INTRINSIC PROPERTY of the currency unit ITSELF. If you do not change that unit YOU CANNOT CHANGE ITS FUNGIBILITY. It doesn’t matter if you don’t accept it, the owner of the unit can just USE IT SOMEWHERE ELSE. If it can be equally exchange for another unit of the same currency BY DEFINITION IT IS FUNGIBLE.

Thanks for reading!

You said all this and completely ignored my point. Blacklisting would almost certainly result in a black or gray market that pops up for these blacklisted tokens. These tokens would almost certainly have different valuations based on their tradability (or lack thereof) in the wider market. Therefore, they are not indistinguishable and not fungible. As someone else said, you are stuck on a strict definition instead of living in reality. If BTC A is not tradeable on the majority of the world market, but BTC B is, why would you ever trade B for A 1:1?

2 Likes

I did not ignore your point at all. I recommend you carefully reread my reply as I directly responded to everything you said, and disproved the notions in your first reply to me. Black or gray markets are BESIDES THE POINT. You are not talking about fungibility.

Even if NOBODY accepted USD anywhere in the world, that still wouldn’t remove their fungibility. The vast majority of the world’s currencies are completely worthless and not accepted anywhere outside the country they’re issued in! Despite this obvious fact, nobody in their right or even not-right mind contends that “they’re not fungible because of it.”

Such a notion is preposterous and would get you laughed out of any serious economic forum for lack of understanding! Fungibility is not something you impart to currency units, it is an intrinsic property of them. Blacklisting and black markets have nothing to do with the discussion!

You are assuming that by rejecting the acceptance of a dollar bill, a different dollar bill would have a different value? Why are you making this assumption? This is incorrect. The reality is that fungibility is a property of currency units which is an intrinsic quality. Whether or not someone accepts those units is an extrinsic property and has NOTHING TO DO WITH THIS DISCUSSION. You are ignoring this point because your idea of fungibility is not correct and clashes with the reality of markets and money.

If the majority of the world doesn’t trade BTC A, then the market will quickly correct the value of BTC B, because BTC A and BTC B are fungible! This is what it means to be fungible. And anyway, the idea that not accepting BTC A somehow changes its value is ALSO incorrect. Markets are not centralized and your lack of acceptance of a particular BTC will not affect the value of it.

It is accurate. Also, fyi backseat moderation is a violation of the forum guidelines.

You misunderstand. The other thread follows a specific etiquette, which you don’t seem to understand. This thread is the preferred one for having the discussions you are interested in. My suggestion was that you could start another if this thread doesn’t satisfy you.

1 Like

It is accurate.

No, its not. You would need to provide the actual post I made that was off-topic for it to be so. You have not done that, presumably because you cannot. Which indicates that you are playing favorites, which is also against the rules, fyi.

fyi backseat moderation is a violation of the forum guidelines.

I do not have any moderator abilities, how could I be in violation of this rule?

You misunderstand. The other thread follows a specific etiquette, which you don’t seem to understand.

I don’t think so. As a moderator if you’re going to cite me with violations, you should probably actually cite the violation. I’ve requested at least 3 times now which post of mine was off-topic. You have not replied with the evidence. How can you moderate my posts without doing that?

I followed the etiquette of that thread to the letter. I provided an outside source and limited my discussion to that external link. The other members engaged me in discussion and I responded. You are being heavy-handed and violating the objectivity that your position requires by citing me for an offense that they committed.

You also completely ignored the same violations committed by yourself, the OP and others for months in that thread in another evidentiary display of favoritism. Why should I be subject to your selective interpretation of the rules? If you don’t enforce the rules for everyone then they shouldn’t apply to anyone.

It is completely unfair for you to attack me this way just because I defeated your friend in argument. This is called gaslighting and railroading, where you selectively enforce the rules on people you don’t like spitefully. This is not becoming of a forum moderator for a community that seeks to develop censorship-free, decentralized networks and software. Again, if I’m incorrect, please point out where it is so.

My suggestion was that you could start another if this thread doesn’t satisfy you.

Why would I start another thread to respond to people that replied to my contribution to the discussion which followed the etiquette of the thread to the letter? You are not making any sense and are providing fuel for the accusation that you are merely protecting the ego of your friends, which is an abuse of your moderator powers.

This is where you started to go off the rails.

I’ll be moving all of the discussion from that point onward over to this thread shortly.

2 Likes

How is that going off the rails? Again I was RESPONDING to someone who responded to my post which was completely in line with the “etiquette of the thread”. You’re basically saying that I should’ve “started a new thread to reply to those guys”, which is not how it works anywhere else on the internet. It is also completely unfair for you to cite ME with being off-topic when I was responding to someone else. Also, what about that post is off-topic?

Finally, why do you think its appropriate for you to dodge my questions vis a vis moderation action? Unless I’m mistaken I have a right to know why you’re moderating my posts, ignoring my requests for explicit clarity is abusive behavior and is also against the rules.

I can’t even apologize for bad behavior because you’re not telling me what I did wrong. This is completely unfair and unbecoming and you surprise and disappoint me with your negative and secretive actions. Good thing there won’t be any moderators on the SafeNetwork, huh?

The entire post is about fungibility and the various solutions provided. There is nothing in that post that is off-topic, you are now reaching. Perhaps it would be better for you to openly state why you dislike me, instead of going on fishing expeditions to retroactively justify your malice.

I’ll be moving all of the discussion from that point onward over to this thread shortly.

You can do what you like if it makes you feel better. Just know that it won’t change anything, however. Being punitive like that is akin to a child kicking over the pram just because its nap time. It will still be nap time.

Thanks for reading.