Re: [Taler] minor changes

taler

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Taler] minor changes

From:	Christian Grothoff
Subject:	Re: [Taler] minor changes
Date:	Wed, 14 Oct 2015 10:13:52 +0200
User-agent:	Mozilla/5.0 (X11; Linux i686; rv:38.0) Gecko/20100101 Thunderbird/38.3.0

Jeff, if you "make" (by force or suggestion) users "wait" before
spending for some 'fixed' time, you achieve nothing as the adversary
can just deduct that amount of time.

Now, we could generate a random number, say between 0 and 3600s and
"force" a delay in that range.  But this will limit usability and
complicate implementations --- and possibly for little benefit as the
users may still in practice hold the cash for days or weeks, especially
with withdrawals happening in the background (which is likely our
initial deployment model).

IMO, the only real safety there will be is safety in numbers, i.e. many
users, and putting additional delays on users is likely to reduce the
number of users of the system, thus doing more harm than good.

One interesting aspect here is that the mint provider will have the
ability to collect data about the anonymity set size (How many users
have outstanding coins of denomination X?), so an honest operator could
actually advise users about the size of the community. (But, as it
requires an honest operator, something like this does not belong into
the protocol.)

Anyway, my central conclusion has been: yes, we may want to try to
educate users about the importance of "carrying" a balance (don't
withdraw and spend immediately), but we shouldn't bother to enforce it.

On 10/14/2015 12:08 AM, Jeff Burdges wrote:
> On Tue, 2015-10-13 at 23:17 +0200, Jeff Burdges wrote:
> 
> 
>> Now the wallet should record
>> timestamps for recent withdrawal and spending events.  As the user
>> enters information, there should be javascript that updates an
>> estimate
>> of their anonymity set size based upon these recent events, maybe
>> colors it yellow or red if it's small.  There need not be a warning
>> dialog if a user wants to withdraw money after spending it or spends
>> it
>> after withdrawing it, just a little number that changes to red. 
> 
> I suppose that the user's actually want is simply to know if they
> should wait or not, so maybe a better user interface is simply a
> statement about whether they'd be significantly more anonymous if they
> waited 10 minutes or so.  This might actually be a much easier question
> to answer too, due to the shape of exponential distributions. 
> 
> Jeff
>

signature.asc
Description: OpenPGP digital signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Taler] minor changes, Jeff Burdges, 2015/10/13
- Re: [Taler] minor changes, Fabian Kirsch, 2015/10/13
  - Re: [Taler] minor changes, Jeff Burdges, 2015/10/13
    - Re: [Taler] minor changes, Jeff Burdges, 2015/10/13
    - Re: [Taler] minor changes, Christian Grothoff <=
    - Re: [Taler] minor changes, Jeff Burdges, 2015/10/15
    - Re: [Taler] minor changes, Marcello Stanisci, 2015/10/14
    - Re: [Taler] minor changes, Christian Grothoff, 2015/10/14
    - Re: [Taler] minor changes, Christian Grothoff, 2015/10/14
    - [Taler] anonymity set thoughts, Jeff Burdges, 2015/10/14
- Re: [Taler] minor changes, Christian Grothoff, 2015/10/13

Prev by Date: Re: [Taler] minor changes
Next by Date: [Taler] anonymity set thoughts
Previous by thread: Re: [Taler] minor changes
Next by thread: Re: [Taler] minor changes
Index(es):
- Date
- Thread