Incognito Whitepaper: Incognito Mode for Cryptonetworks

dungtran · 21 February 2021 00:51

Thank you @Semaj, we’ll update the spec.

Semaj · 21 February 2021 09:28

Hi @dungtran, I went through the documents you sent me and have some questions regarding the burning address.

Why do we force the burning address to be in shard 0? Is there any reason behind this?
I know that burning addresses are used for locking tokens, however, there are two burning addresses on the Incognito repo, which are

// burning addresses
const (
	burningAddress  = "15pABFiJVeh9D5uiQEhQX4SVibGGbdAVipQxBdxkmDqAJaoG1EdFKHBrNfs"
	burningAddress2 = "12RxahVABnAVCGP3LGwCn8jkQxgw7z1x14wztHzn455TTVpi1wBq9YGwkRMQg3J4e657AbAnCvYCJSdA9czBUNuCKwGSRQt55Xwz8WA"
)

Do these two addresses serve different purposes?

Semaj · 21 February 2021 09:36

And also, the link in the reference is dead.

Reference
https://github.com/incognitochain/incognito-chain/blob/dev/master/utility/generateburnaddress.go

dungtran · 22 February 2021 02:21

Hi @Semaj,

Why do we force the burning address to be in shard 0?

We just randomly pick the address, it happens to be in shard 0.

there are two burning addresses on the Incognito repo

The first burning address is generated by a random seed, it’s hard for community to verify. Then we change to the burningAddress2 which is generated from a fixed seed. Source code is at https://github.com/incognitochain/incognito-chain/blob/production/utility/generateburnaddress.go

Semaj · 22 February 2021 09:48

The spec says that index is the minimum positive integer number such that the last byte of output is zero (it will make sure that burn address belongs in Shard 0), so I think it was intended.
As I run the scripted in the provided link, the generated burning address is 12RxahVABnAVCGP3LGwCn8jkQxgw7z1x14wztHzn455TTVpi1wBq9YGwkRMQg3J4e657AbAnCvYCJSdA9czBUNuCKwGSRQt55Xwz8WA.
There may be a case such that some people know the private key corresponding to the burning address 15pABFiJVeh9D5uiQEhQX4SVibGGbdAVipQxBdxkmDqAJaoG1EdFKHBrNfs. In that case, they can spend funds locked in this address.
The nature of Incognito is privacy by default, which means that even if someone did the thing, it will not be detectable. Does Incognito implement any mechanism to prevent coins from a burning address to be spent?

dungtran · 22 February 2021 10:12

We publish the source code to create the burning address and making sure that nobody (including us) could find out the private key from this public address. Since Incognito shields the sender address, validators won’t know whether sender’s address is a typical address or a burning address or any special addresses, i.e. there is no mechanism to prevent coin sent from a specific address.

Semaj · 22 February 2021 10:26

So where I can find the source code to generate the burning address 15pABFiJVeh9D5uiQEhQX4SVibGGbdAVipQxBdxkmDqAJaoG1EdFKHBrNfs?

Semaj · 22 February 2021 15:29

What I want to state here is that, it is possible that someone (who generated the burning address 15pABFiJVeh9D5uiQEhQX4SVibGGbdAVipQxBdxkmDqAJaoG1EdFKHBrNfs, who knows, right?) knows the corresponding private key. Thus, he/she can spend the coins belonging to this address.

0xkraken · 23 February 2021 02:54

Hi @Semaj,

15pABFiJVeh9D5uiQEhQX4SVibGGbdAVipQxBdxkmDqAJaoG1EdFKHBrNfs
This is the old burning address that generated by this commit.
It’s just a random point on the elliptic curve. So, it returns different results for each execution. We can’t reproduce how to generate this burning address with this code.

Therefore, we upgrade the generation new burning address from the predefined seed as this code.

hieutran · 23 February 2021 03:01

Your concern totally makes sense and your solution is still possible. Basically, we can reject any transaction that used one of the inputs (including both the real one and fake ones) belonging to burning addresses 1 & 2. Because all output sent to the burning address is a no privacy transaction.

Semaj · 23 February 2021 10:24

The links do not help at all. If the code cannot generate the burning address, who knows if it is randomly chosen or someone just put it there. So basically, as a user, telling me to believe that no one knows the private key is like telling me to stop using blockchains.

Semaj · 23 February 2021 10:25

Did the team implement any mechanism for this?

0xkraken · 24 February 2021 03:08

We will add code to reject these transactions that spend inputs from the old burning address.

Semaj · 24 February 2021 16:20

Hope to get your update soon

AloneWalker · 12 March 2021 15:46

Have the check finished yet?

0xkraken · 17 March 2021 16:05

We are building the privacy v2 - it’s more privacy and more security. And we will reject these transactions that spend input coins from the burning address in this upgrade version. You can see its process here. Thank you.

NibblesnBytes · 13 April 2021 08:42

Is there any reason that that burn address couldn’t have been 0000000000? I think the community would agree that it would be hard to know the seed of this account. Another option is to take the ASCII for BURNBURNBURN and use the B64 encode for our burn address.

AloneWalker · 15 April 2021 18:18

easy thing they never thought of

AgAgent · 19 May 2021 09:58

Hi team, I’m from Augmented Finance, the new DeFi lending protocol, augmented by AI: https://docs.augmented.finance. I saw Coinspect has audited Incognito. Kindly ask you to answer some questions regarding their audit process.

Did they perform on time or were late and didn’t acknowledge that?
How cooperative they were?
Did they miss any critical bugs that put the funds of your users at risk?
Did they help you with a list of actions required after the audit to improve the security of the protocol?

duc · 19 May 2021 10:01

Just gave you the answer over Telegram, thanks.