leave it to marlinspike to design a cryptocurrency that depends on a single company :P
in seriousness, does anyone know how this SGX stuff works? what prevents a node from pretending to use SGX, when it’s actually just running the code in a way that lets it read private keys? does it have to be digitally signed by Intel?
All I know about SGX is the papers breaking security schemes that use it are sometimes coming out about as fast as those building on it. I also expected Intel to half-ass some good concepts in a way that has bypasses due to half-ass part or just corner cases from integrating with their legacy ISA. I can’t remember if papers from breakers were doing that or not since I didn’t have intention to use SGX. Any ISA that complex and crufty just can’t be trusted for strong security.
It’s why I vainly pushed for all high-performance processors to be able to run user-supplied or at least third-party microcode. Then, we can just get rid of crap we don’t need for our applications while putting in instructions that improve performance or security.
I talked to people building Sancus which is basically a simplified variant of SGX. Their chip is simple enough (MSP430, 16bit processor) to avoid all the complexity breaking SGX again and again.
On the other hand, would it make sense to rent MP430s in the cloud?? Would it make sense to use an MSP430 for cryptocurrencies, email filtering, and addressbook matching?
This bothers me a great deal, despite the enormous amount of respect I have for Moxie.
I understood WhisperSystems’ move when they used SGX for Signal contact discovery, because that took a bad situation and improved it (or in other words, what was there before was even worse). But I was seriously bothered that they didn’t address all the criticisms of SGX, like the fact that AFAICT (and admittedly I know very little about it) it’s unauditable and it centralizes trust around Intel. But this new cryptocurrency is very different because instead of incrementally improving a situation which was already pretty good, literally the entire system relies on SGX. If SGX breaks for Signal contact discovery, it’s not the absolute end of the world; the Signal protocol is still pretty damn good and contact discovery doesn’t happen that often. If SGX breaks for MobileCoin, it’s game over. Period.
Although, I dunno. I guess it’s an incremental improvement over traditional payment processing? Maybe?
crypto coins must be decentralised if they are to have any value over fiat. they are welcome to throw their hat into the proverbial ring, but I won’t touch a single byte of a currency designed by the people who shut down open source, 3rd party clients to something as simple as a messenging protocol.
It still leads to centralized accumulation in some sense, if not around work (or the ability to work) then the stake one has. Those with a higher stake will over time tend to dominate the market.
Generally speaking, every Po[X] will fail became of [X], or so it seems at least to me.
Came here to post something similar, but perhaps less inflammatory. Moxie’s done some good work on crypto, but if anything the work he’s done is against, not for decentralization, which seems to be necessary for a currency.
In all honesty the white paper doesn’t describe anything revolutionary compared to other coins, and I suspect this will trade on Moxie’s name, which could ultimately be damaging for both. When you’re dependent on funding from a budget descended from a CIA propaganda program that’s one thing. When there’s serious volumes of whales shilling and trashing it’s something different.
leave it to marlinspike to design a cryptocurrency that depends on a single company :P
in seriousness, does anyone know how this SGX stuff works? what prevents a node from pretending to use SGX, when it’s actually just running the code in a way that lets it read private keys? does it have to be digitally signed by Intel?
All I know about SGX is the papers breaking security schemes that use it are sometimes coming out about as fast as those building on it. I also expected Intel to half-ass some good concepts in a way that has bypasses due to half-ass part or just corner cases from integrating with their legacy ISA. I can’t remember if papers from breakers were doing that or not since I didn’t have intention to use SGX. Any ISA that complex and crufty just can’t be trusted for strong security.
It’s why I vainly pushed for all high-performance processors to be able to run user-supplied or at least third-party microcode. Then, we can just get rid of crap we don’t need for our applications while putting in instructions that improve performance or security.
I talked to people building Sancus which is basically a simplified variant of SGX. Their chip is simple enough (MSP430, 16bit processor) to avoid all the complexity breaking SGX again and again.
On the other hand, would it make sense to rent MP430s in the cloud?? Would it make sense to use an MSP430 for cryptocurrencies, email filtering, and addressbook matching?
SGX has an attestation feature, so you can prove you’re running in the enclave. Basically intel signs it for you.
that’s what i figured… disappointing but not surprising.
This bothers me a great deal, despite the enormous amount of respect I have for Moxie.
I understood WhisperSystems’ move when they used SGX for Signal contact discovery, because that took a bad situation and improved it (or in other words, what was there before was even worse). But I was seriously bothered that they didn’t address all the criticisms of SGX, like the fact that AFAICT (and admittedly I know very little about it) it’s unauditable and it centralizes trust around Intel. But this new cryptocurrency is very different because instead of incrementally improving a situation which was already pretty good, literally the entire system relies on SGX. If SGX breaks for Signal contact discovery, it’s not the absolute end of the world; the Signal protocol is still pretty damn good and contact discovery doesn’t happen that often. If SGX breaks for MobileCoin, it’s game over. Period.
Although, I dunno. I guess it’s an incremental improvement over traditional payment processing? Maybe?
crypto coins must be decentralised if they are to have any value over fiat. they are welcome to throw their hat into the proverbial ring, but I won’t touch a single byte of a currency designed by the people who shut down open source, 3rd party clients to something as simple as a messenging protocol.
Do they have to be trustless though?
The current coins waste enormous amounts of power on mining… and 51% of the network easily ends up very centralized anyway.
PoW coins do – there are a couple other models around that don’t use up energy, like proof of stake, etc
It still leads to centralized accumulation in some sense, if not around work (or the ability to work) then the stake one has. Those with a higher stake will over time tend to dominate the market.
Generally speaking, every Po[X] will fail became of [X], or so it seems at least to me.
Came here to post something similar, but perhaps less inflammatory. Moxie’s done some good work on crypto, but if anything the work he’s done is against, not for decentralization, which seems to be necessary for a currency.
In all honesty the white paper doesn’t describe anything revolutionary compared to other coins, and I suspect this will trade on Moxie’s name, which could ultimately be damaging for both. When you’re dependent on funding from a budget descended from a CIA propaganda program that’s one thing. When there’s serious volumes of whales shilling and trashing it’s something different.
Since the problems with cryptocurrencies are economic and social, not cryptographic or technical, I have my doubts.