Ξ welcome to cryptostorm's member forums ~ you don't have to be a cryptostorm member to post here Ξ
∞ take a peek at our legendary cryptostorm_is twitter feed if you're into that kind of thing ∞
Ξ we're rolling out voodoo network security across cryptostorm - big things happening, indeed! Ξ
Ξ any OpenVPN configs found on the forum are likely outdated. For the latest, visit GitHub Ξ
Ξ We've updated our CA certificate. All members need to be using the latest ones by Dec 22. See this page for more infoΞ

THEORY: Network Tokens as a currency

This subforum is both a place to find & discuss independent cryptostorm token resellers, as well as to discuss cryptocoin related topics such as buying bitcoins, altcoins such as darkcoins and dogecoins, "tumbling" coins, theoretical/mathematical topics, etc.
User avatar

Topic Author
DesuStrike
ForumHelper
Posts: 345
Joined: Thu Oct 24, 2013 2:37 pm

THEORY: Network Tokens as a currency

Postby DesuStrike » Wed Nov 06, 2013 10:21 pm

I hope I don't repeat something I already read here on the forums but I honestly can't remember everything because it is so much. :oops:

Am I the only one who can imagine NTs to become some kind of currency itself in a world where a VPN becomes mandatory for every sane human being using the internet?

The worth would be determined by the overall marked value of NTs. Actually not any different from how currencies are traded nowadays. (Oh oh! cryptostorm_team then would be like the evil world bank because it can mint new tokens as they seem fit! :P )

e.g.
Instead of selling your old PC equipment on eBay you could just trade it for a bunch of NTs. Depending on how the transaction is made it could be also totally anonymous.


PS: I got the idea after reading what naegol posted.


What does the community think? Am I crazy or does that sound possible?
home is where the artillery hits


Lignus
Posts: 33
Joined: Sat Nov 02, 2013 1:26 am

Re: THEORY: Network Tokens as a currency

Postby Lignus » Thu Nov 07, 2013 8:09 am

Wouldn't work. No way to validate token without using it, therefore starting the countdown. Besides, with central issue and validation, you face inflationary risks on the part of the issuing authority.

Recommended reading to help understand currency, money, banking, etc. (Yes, I'm an Austrian):

whathasgovernmentdone.pdf
(273.79 KiB) Downloaded 568 times

User avatar

Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

Re: THEORY: Network Tokens as a currency

Postby Pattern_Juggled » Thu Nov 07, 2013 3:32 pm

Lignus wrote:Wouldn't work. No way to validate token without using it, therefore starting the countdown. Besides, with central issue and validation, you face inflationary risks on the part of the issuing authority.


You're absolutely right as it currently stands. But...

We're in process of building a token-validator tool so folks can check tokens to confirm they're legit, and what their expiry date/duration is. This is necessary both to confirm resellers are selling good tokens, and for members to know if their token is expired or almost expired.

(down the line, probably 1.1 version, the network access widget will display the token's status during network connection)

Tokens will be able to be, in other words, independently verified. We'll wrap this in a little SOAP-y API, I'm quite sure, as soon as someone's got time to document it properly.

Down the line it's very much the intention of the team to deploy a blockchain-style version of the token "database" so it can be publicly verified/authenticated in a peer-to-peer format. This also increases the resilience of the entire cryptostorm network, as exitnodes will be able to fallback to checking the "stormchain" version of the token "database" to validate network sessions. So, even if the entire internal mongoDB-based authentication infrastructure were to somehow vanish, exitnodes could still accept network connections. Resiliency is good.

There's still some theoretical work to do on this, as the question of adding new tokens into the "stormchain" is an open one. Since most of this theoretical work falls on my shoulders to draft, first version anyhow, due to my odd mix of academic credentials, I'm unfortunately the bottleneck in getting this fleshed-out enough to present for public review and development.

Also, it's possible to generate tokens that have other attributes in addition to the ones we've used for darknet authentication: since the entire thing is noSQL-based, there's nothing that pre-defines the data model. Just add a "column" and off you go. Thus, as need dictates, there could be non-expiring tokens, tokens of various classes, etc. It's an intrinsically, open-ended model which is intended to support not only what we're doing with it, but additional specific use-case scenarios.

Having done much of the theoretical work on tokens, I can say that it's not been the intention for them to be a generalised currency and we've not deployed the sorts of cryptographic components necessary to support that kind of use-case model in the token architecture. However, for small-ish, limited-value transactional work - particularly when it comes to privacy-centric, subscription-style auth needs, my hope is that the token auth model might help to generate additional uses for the model. (for example, the still-stealth 'cleanphone project' is token-based from top to bottom and the design of the token architecture was done in no small part in order to facilitate cleanphone needs, down the road...)

Above all else, making tokens portable and identity-independent (not tied to a specific person) serves the function (in a classical structural-functionalist perspective, for fans of old-school Malinowski-style social analytics :-P ) of improving the security of network members. Put another way: the more decoupled tokens are from purchase by a specific person with a specific financial instrument, the more secure all cryptostorm network members are, ceteris paribus. This is functionally analagous to the increased per-user security Tor users gain from broader usage of Tor overall (by stochastically hardening the network at a macro level against traffic-analysis-based attacks).

There's some really interesting second-order consequences of how we've deployed tokens in our production model that we've not yet published (just lack of staff time to write them up, not some decision to retain secrecy). In particular, the use of hashing functions to decouple token minting from network authentication is, if I may say so myself, something about which we're all quite proud.

More to come...
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f

User avatar

Topic Author
DesuStrike
ForumHelper
Posts: 345
Joined: Thu Oct 24, 2013 2:37 pm

Re: THEORY: Network Tokens as a currency

Postby DesuStrike » Thu Nov 07, 2013 6:40 pm

This is the second time I ask a kinda trivial question and you guys go forward and blow my mind with your reply. I'm defenitely looking forward to how this blockchain-styled "Token-History" will look like and how it will work in practice.

What I also understand is that even though Tokens may never work as a currency in the original sense of the term, it very well is a good idea to exchange them as much as possible (prefferedly offline) for something so in the end it is absolutely impossible to reproduce the path back to where those Tokens have been bought orginally.
home is where the artillery hits


cryptostorm_ops
ForumHelper
Posts: 104
Joined: Wed Jan 16, 2013 9:20 pm
Contact:

two words...

Postby cryptostorm_ops » Thu Nov 07, 2013 9:20 pm

DesuStrike wrote:What I also understand is that even though Tokens may never work as a currency in the original sense of the term, it very well is a good idea to exchange them as much as possible (prefferedly offline) for something so in the end it is absolutely impossible to reproduce the path back to where those Tokens have been bought orginally.


two words: token tumbler

...'nuff said.

    ~ cryptostorm_ops


Rider
Posts: 97
Joined: Tue Jan 01, 2013 11:21 pm
Contact:

Re: THEORY: Network Tokens as a currency

Postby Rider » Fri Nov 08, 2013 6:15 am

DesuStrike wrote:This is the second time I ask a kinda trivial question and you guys go forward and blow my mind with your reply.


CryptoStorm is an intelligent team who blows my mind away too. Simply because of the way they explain and their knowledge on the subject. Hell, you ask em anything and they will know and if though they say they don't, they still gave away the answer.

It takes me few reads of their response before I understand (Ye, I am a noob :p).

User avatar

parityboy
Site Admin
Posts: 1220
Joined: Wed Feb 05, 2014 3:47 am

Re: THEORY: Network Tokens as a currency

Postby parityboy » Sat Feb 08, 2014 11:50 pm

@PJ

One thing that caught my eye is the term "minting". Are they minted in the BitCoin fashion (as in there is a relatively low and finite supply), or is it in the fashion of a credit card number (i.e. "simply" mathematically valid)?

User avatar

Pattern_Juggled
Posts: 1492
Joined: Sun Dec 16, 2012 6:34 am
Contact:

Re: THEORY: Network Tokens as a currency

Postby Pattern_Juggled » Mon Feb 10, 2014 3:36 pm

parityboy wrote:One thing that caught my eye is the term "minting". Are they minted in the BitCoin fashion (as in there is a relatively low and finite supply), or is it in the fashion of a credit card number (i.e. "simply" mathematically valid)?


Both, and neither. And this is really more Graze's expertise, but I'll give a shot as I know he's heads-down in some Mongo work currently.

The goal of token minting is to ensure it's expensive to spawn "valid" tokens, which is to say tokens that collide with previously-minted tokens. So if the pool of possible tokens was fairly small, a brute-force attack would be likely to result in valid tokens being generated - and that would mean a network member couldn't access the network because their token showed as "in use" via the collided version already being authenticated to the network at any given point in time.

However, there's no formal difficulty component to this process as is the case with BTC. Graze does have a clever token minting codebase that mixes in several layers of stochasticity (he'd likely say "randomness," and I'd likely object to the use of the world and insist on PRNG). Thus "replay attacks" against the algorithm become infeasible. I wonder if it might not be possible to publish that algorithm - since it's not, by definition, its "secret" nature that makes brute-forcing tokens infeasible. Indeed, to publish brings a wider set of critiques to bear and any flaws in the algorithm could be exposed preemptively. But in the end it's mostly his judgement call, as he'd be responsible for cleaning up the code for publication (as anyone who has produced 'private' code knows, there's usually some work to do before it can be exposed to public review - adding/removing comments, cleaning up spaghetti, etc.).

Finally, there's no embedded logic in the tokens themselves. We discussed that, early on - it was an ideal I found attractive, in particular. But in terms of implementation, it didn't prove a robust idea and it was scrapped (much bigger issues wrt reverse-engineering such an algorithm, obviously). So tokens are, in a sense, "pure entropy." Not formally, but colloquially. There's no "content" in them. The expiry date isn't embedded, nor is any other (intended) pattern. So that's divergent from the credticard-number generation algorithms, for example. Someone seeking to "reverse" the token generation process isn't going to be able to use embedded structure to do so.

That said, we've not run formal statistical tests on the generated tokens to ensure "random" metrics are met - that'd be interesting to do, but isn't mission critical in terms of member support, and thus is more of a wishlist item than something that's on the formal project management queue presently.
...just a scatterbrained network topologist & crypto systems architect……… ҉҉҉

    ✨ ✨ ✨
pj@ðëëþ.bekeybase pgpmit pgpðørkßöt-on-consolegit 'er github
bitmessage:
BM-NBBqTcefbdgjCyQpAKFGKw9udBZzDr7f

User avatar

parityboy
Site Admin
Posts: 1220
Joined: Wed Feb 05, 2014 3:47 am

Re: THEORY: Network Tokens as a currency

Postby parityboy » Mon Feb 10, 2014 6:20 pm

@PJ

Thanks for the reply. I agree, embedding logic in them would (or perhaps might) be a bad idea; your authentication platform uses the SHA hash of the token in order to validate access, so obviously you either

a) have the tokens on file along with the expiry date, and perform a SHA hash to see if the submitted hash is valid, or
b) only have the SHA hash on file in the auth database, along with the expiry date, and dump the minted token(s) once
they've been sold and/or activated.

I suspect the latter, since it would increase the level of decoupling between your network and the token minter/reseller, especially if the minter/reseller is a third party.

User avatar

ABISprotocol
Posts: 36
Joined: Fri Feb 14, 2014 6:53 am

Re: THEORY: Network Tokens as a currency

Postby ABISprotocol » Tue Apr 01, 2014 8:55 am

It is interesting to contemplate here how these tokens, or something like them, could be exchanged in decentralized, peer to peer systems.

Some possibly related reflections:

https://github.com/goshakkk/decentraliz ... ce-concept (a concept)
http://www.mastercoin.org/ (fairly new, but having been worked on for a while, under development, interesting ideas)
http://chromawallet.com/ (in preview mode, alpha (can not yet be used directly for p2p trade outside of testnet / test environments, makes reference in page to "issu(ing) securities/tokens of any kind," etc.)
ABISprotocol ~ https://keybase.io/odinn
PGP 0x6c70abf8a7486f02
http://abis.io


Return to “independent cryptostorm token resellers, & tokens 101”

Who is online

Users browsing this forum: No registered users and 5 guests

Login