@harryhalpin at the most recent meeting, the @ZcashGrants Committee voted to approve the revised proposal for $150,000 and has requested that you provide updates per milestone via the forum in this thread. This approval is contingent on your team making those changes on the Submittable platform and the elaboration of your milestones specifics.
12 Likes
Below are the links for the revised proposal that ZCG approved for $150,000. This ensures that all relevant information is consolidated in this thread for easy reference.
6 Likes
The ZingoLabs team is thrilled to announce completion of a basic Proof Concept Implementation of sending Zcash Transactions over Nym. We owe thanks to @zooko and @harryhalpin for explaining the problem space and setting us off in the right direction!
TL;DR:
This POC is code complete, and has been manually tested and independently verified (aka sanity tested) by two separate parties in disparate environments.
Iāve been asked to provide a quick explanation of why users must care about network privacy.
Isnāt Zcash private already?
The answer is Yes! Zcash uses Zero Knowledge Cryptography to provide state of the art privacy on the Zcash blockchain. No one outside of the sender and recipient can learn anything about the details of your financial transactions.
Nym integration builds on the protection offered by Zcash.
Nym uses a state of the art Mixnet to prevent surveillance from detecting that a user has communicated with the blockchain at all.
That is, Nym protects your data on its way to the blockchain, Zcash protects your data on the chain.
To reiterate, this POC is EXPERIMENTAL CODE. It will only work for a use willing to clone and build the source code for themselves, and has not yet been thoroughly test, audited, or packaged in any way.
Buyer Beware: GitHub - idky137/zingo-proxy at nym_integration
11 Likes
A kind of double armor or double protection?
Well, your activity becomes invisible in different places.
On the Blockchain:
Zcash stuffs your money into an envelope that can only be opened by the person you are sending it to.
On the Network
Nym sends a continuous stream of completely identical envelopes to the post-office.
So, if you use Zcash over Nym then the Zcash envelope, that only the recipient can open, is mixed in with many, many, many other envelopes that look the same.
So if thereās a bad guy, at the post-office, he wonāt even know that youāre using Zcash.
Of course, even if he did, he couldnāt open the envelope.
7 Likes
Excellent explanation - thank you!
1 Like
Simple and easy explanation to understand how Nym and Zcash work together. Thanks!
2 Likes
Hi Harry, I have a few questions for you if your please.
Would converting grpc streaming to http proxy incur any kind of performance / feature penalty?
Is Nym going to add latency to the traffic to synchronize between packets in the mixnet?
Finally, do users need to have NYM tokens to pay for the service?
Thanks,
āh
2 Likes
Excellent explanation! Thank you very much!
Hi @hanh, thanks for your questions!
Weāre starting with sending transactions over Nym.
This is a critical use-case, and plausibly protects against some of the most damaging attacks.
We donāt believe that streaming efficiency is relevant to UX in this case.
Per your question regarding the cost of usage, Nym is currently free-to-users. I believe operations costs are covered by NymTech budget and token sales on an open global market.
This is in contrast to the Tor model where the cost of network operation is free-to-users, and the cost of operation is subsidized by the US government including elements of its military and intelligence agencies.
Per the critical question of User Experience our UI will make any costs incurred by the User for its use:
(a) clear
(b) opt-in
This means that a User will be able to opt-out of Nym in the case that they donāt wish to pay for security.
For streaming services we might consider tunneling data over Tor.
5 Likes
Do you have a reference for that?
how will this look like in the future? doesnāt sound like a great business model if the user doesnāt have to pay for the service?
btw, i am excited about the NYM integration
Users do have to pay for Nym-network security, if they want that service. Theyāll always be able to use Zingo without that service/security.
2 Likes
Youāre asking me for a reference demonstrating that US intelligence agencies are invested in TOR infrastructure?
Yes. This is a pretty serious accusation, it would be nice to have some proof. By the same argument, you can say that crypto is NSA.
Proof?
Well you can see the below links that I offer for convenience after 5 minutes of wikipedia search. Itās possible that the US Intelligence Community has divested interests in TOR since 2012ā¦ so I agree that I need to qualify my assertion that the IC does run TOR infrastructure with a more nuanced:
almost certainly
since I donāt have first hand experience.
Hereās a wikipedia article concerning the original raison dāetre for TOR:
āprotecting American intelligence communications onlineā:
āThe core principle of Tor, onion routing, was developed in the mid-1990s by United States Naval Research Laboratory employees, mathematician Paul Syverson, and computer scientists Michael G. Reed and David Goldschlag, to protect American intelligence communications onlineā
From: The Tor Project - Wikipedia
As of 2012, 80% of the Tor Projectās $2 million annual budget came from the United States government, with the U.S. State Department, the Broadcasting Board of Governors, and the National Science Foundation as major contributors,[32] āto aid democracy advocates in authoritarian statesā.
Iām not anti-TOR BTW. As far as I know itās as good as it gets for streaming services, and I know some very dedicated privacy activists that work hard to make that true. That having been said, I believe that itās well-established that it doesnāt offer strong privacy against adversaries that can surveil both ends of a stream of traffic.
I assume that many (plausibly MOST) cryptocurrency validators/miners are run by Chainalysis or related entities. Donāt you?
I believe that thereās a lot of value to using stream-based mixers, because I donāt think that US IC is the only threat that should be mitigated, and thereās not a better option for streams. (AFAIK) So, again, I am glad TORās around. And frankly, I am glad that (again presumptively) Chainalysis is doing all that validation work!
I think thereās room for nuance.
In my opinion, the way you present TOR as
is misleading to the user. It seems to imply that the traffic is readable by the US gov.
Moreover, it would have been better to clearly announce that getting data from the server through NYM is not in your milestone proposal. Or is it?
- This is technically difficult to do without latency penalty,
- It accounts for >99.99% of the traffic between a client and a node.
But I thank you for the clarification and Iām looking forward to you solving the synchronization over nym part.
1 Like
You are implying, by this statement, that you believe that itās not.
Is that correct?
Are you asserting that TOR traffic is NOT vulnerable to US government surveillance?
Again, I believe that TOR offers significant privacy benefits against many classes of attackers. Weād like to support TOR in cases where Nym cannot be used.
Itās important to understand what protection TOR does provide.
I am saying that having investments in TOR does not mean they can read the traffic.
Otherwise by the same logic, the ECC can read the zcash transactions.
2 Likes