From 231d06f6a44487b7394458857374326f1a486cd1 Mon Sep 17 00:00:00 2001 From: Duke Leto Date: Sat, 23 Nov 2019 10:36:05 -0500 Subject: [PATCH] update --- README.md | 91 +++++++++++++++++++++++++++++++------------------------ 1 file changed, 52 insertions(+), 39 deletions(-) diff --git a/README.md b/README.md index ca74c05..4edac6e 100644 --- a/README.md +++ b/README.md @@ -1,26 +1,20 @@ -# Byrsa +# Sietch -A walled citadel on a hill for your shielded funds, made from tiny bits of shielded -dust or "zdust", like the bits of oxhide that Dido used in founding the citadel -of Carthage: +## What is Sietch? -``` - In Virgil's account of Dido's founding of Carthage, - when Dido and her party were encamped at Byrsa, - the local Berber chieftain offered them as much land - as could be covered with a single oxhide. - Therefore, Dido cut an oxhide into tiny strips and set - them on the ground end to end until she had completely - encircled the hilltop of Byrsa (Greek: βύρσα, "oxhide"). -``` +Sietch is a new set of RPC functionality and consensus rules related to +using shielded funds. Shielded transaction creation is modified above +the level of the Zcash Protocol itself, no changes to that +layer are made. This preserves compatibility with all existing Zcash protocol +ecosystem software. -## What is Byrsa? +Sietch defines certain wallet and transction conditions that must be +upheld for transactions to be accepted by the network as well as making all clients have +new default behavior that is more privacy-preserving. -Byrsa is a new set of RPC functionality and consensus rules for -using shielded funds, which do not currently modify the internals of the -Zcash Protocol, but sit on top of it. It defines certain wallet -and transction conditions that must be upheld for transactions -to be accepted by the network. +Sietch does not modify anything about Zcash internals such as zk-SNARKs, +cryptographic primitives or changing any of the deep math involved, such +as Elliptic Curves parameters or other deep cryptographic machinery. Any Zcash Protocol coin could adopt this "upgrade" to plain Zcash Protocol, though it should be noted that Hush was the first pure Sapling Zcash Protocol @@ -28,46 +22,55 @@ coin and so our implementation ignores Sprout JoinSplits, since we thankfully have none on our v3 mainnet. Supporting Sprout would not be complex and is left as an exercise to the interested privacy coin. -## How is Byrsa implemented? +## How is Sietch implemented? -Byrsa is written in C++ the hushd full node, which means -all GUI wallets can benefit from it. Some features are implemented -at the GUI wallet level. The goal is that the user does not need +Sietch is written in C++ and mostly lives inside the hushd full node, which means +all GUI wallets can benefit from it. Some features in the future +may b implemented at the GUI wallet level. The goal is that the user does not need to think or do anything different, to have more privacy when making transactions. +Since Sietch works at the hushd level, all existing code, such as GUI wallets, +mining pools and exchanges, require no code changes. They will make a shielded +transaction as they always have, via the same exact RPC methods and parameters. + From the perspective of the average GUI wallet user, It Just Works. There are no additional mandatory steps for the user when sending each transaction. No mandatory wallet maintenance will be needed -to keep their privacy. +to keep their privacy. The same goes for exchanges, mining pools and all Hush users. +No changes at all are required by end users to enable Sietch, other than upgrading +to compatible Hush software. There will be some options for advanced users, to -tweak the settings, but using them is not required for increased privacy. -They will mostly serve as ways for developers to experiment and optimize -things. +tweak the settings, but using them will not be required for increased privacy. +Hush is dedicated to all future privacy features being defaulted to ON instead +of asking our users to opt-in to privacy, which we know is a fools errand. -## What are the goals of Byrsa? +Users will not have to opt-in to Sietch and there will be no way to turn off +the functionality. - * Make linkability analysis of zaddrs drastically more expensive - * Allow people to make zaddr xtns safely/privately while thinking about - metadata leakage or advanced techniques much less +## What are the goals of Sietch? + + * Make linkability analysis of fully shielded (z2z) transactions drastically more expensive + * Allow people to make zaddr xtns safely/privately without thinking about + metadata leakage or advanced techniques * Prevent average users from making some blockchain operations which give out too much metadata * Break some assumptions which many blockchain analyst software uses * Require blockchain analysts to write new software * Increase the privacy of all funds in the shielded pool * Introduce non-determinism to counter ITM/Metaverse style metadata attacks -## What are the limitations/downsides of Byrsa? +## What are the limitations/downsides of Sietch? -The goal of Byrsa is increased privacy and the cost is increased blockspace usage per transaction, +The goal of Sietch is increased privacy at the cost of increased blockspace usage per transaction, increased CPU time and RAM to validate transcations and as a secondary effect, increased sync times. -Byrsa potentially adds inputs and outputs to transactions to increase their privacy, -and so the maximum number of actual recipients is lower when Byrsa is enabled. In practice, -transactions can still send to over 1000 recipients even with Byrsa protections, so it -doesn't actually effect any current users, as far as we know. +Sietch potentially adds inputs and outputs to transactions to increase their privacy, +and so the maximum number of actual recipients is lower when Sietch is enabled. In practice, +transactions can still send to over 1000 recipients even with Sietch protections, so it +doesn't effect normal usage. -How much longer will average xtn take? +How much longer will average zxtn take? Research: How many zouts while staying under <10s? Potentially more txfees if the transaction becomes so large to require more than the default fee. @@ -76,7 +79,7 @@ will take longer in CPU seconds, since there will be more recipients by default. ## Implementation Details -These RPCs are modified: +These RPCs are modified directly: ``` z_sendmany @@ -84,3 +87,13 @@ These RPCs are modified: z_mergetoaddress ``` +These RPCs interact with zaddr xtns and may report different or additional info after this change: + +``` + z_viewtransaction + z_listtransactions + listunspent +``` + +### z\_sendmany +