- The identity and true addresses of the recipient are shielded.
- The sender’s identity is not shielded.
- The attacker could monitor the activities of both Alice’s and Bob’s public address and link them on transactions of the same amounts with the same timestamp.
1 Like
The amount is not shielded. 
1.) The two pieces of information shielded on Verge are IP addresses (through Tor IP obfuscation) and receiving-party addresses (dual-key stealth addressing).
2.) The information that is not shielded on Verge is the amount of the transaction being sent, as well as potential linkability to the sender.
3.) An attacker could link Alice and Bob together even using the privacy features mentioned above by taking Bob’s master public key and retracing it to Alice by transaction amount, who is the sender of the funds (which isn’t hidden anyways when using verge). Since the dual-key stealth addressing used by Verge only to hide receiver payments, if the receiver’s key is known, funds can be retraced to the sender’s already public sender key.
1 Like
What two pieces of information are shielded on Verge?
- Verge uses TOR for their wallets to shield user IP information from the network.
- Verge utilises dual-key stealth addresses to create an unlimited amount of one-time addresses to shield the receivers of transactions on the network.
What information is NOT shielded on Verge?
It appears as though the sender address, and transaction amounts are visible in Verge transactions.
Suppose Alice sends 15 XVG to Bob, and Alice’s and Bob’s ‘Master Public Keys’ are publicly known. Describe how an attacker could link Bob and Alice together, even using the privacy features mentioned above.
When Alice sends Bob 15 XVG, her address and the amount she sent is published to the blockchain, for anyone to view.
If someone were to sniff for transactions receiving 15 XVG at the same time Bob received 15 XVG - it would be fairly easy to deduce that Alice sent Bob these funds - and hence be able to connect the two.
Even though there are unlimited receiver-generated addresses, the amounts are not shuffled and timestamps are available to connect increases/decreases in balances for master public keys.
2 Likes
-
What two pieces of information are shielded on Verge ? : IP Address ; Tor IP obfuscation, and Dual-Key Stealth Addressing ; allows senders to create an unlimited number of one-time destinations addresses on behalf of the recipient without any interaction between the parties.
-
What information is NOT shielded on Verge ? : The Amount of the tx is visible and the on-chain information about the sender is visible.
-
Suppose Alice sends 15 XVG to Bob, and Alice’s and Bob’s ‘Master Public Keys’ are publicly known. Describe how an attacker could link Bob and Alice together, even using the privacy features mentioned above…? : An attacker could link when Alice sends Bob 15 XVG, her address and the amount she sent is published to the blockchain. An attacker sniffing for transactions receiving 15 XVG at the same time Bob received, would make it easy to conclude that Alice sent Bob funds.
1 Like
-
On Verge, the sender and receiver addresses are shielded, meaning that the identities of the parties involved in a transaction are not publicly visible.
-
However, the amount of the transaction is not shielded and is visible to anyone on the network.
-
An attacker could potentially link Bob and Alice together by using their publicly known Master Public Keys to track their financial activity on the blockchain. For example, if the attacker knows that Alice has sent 15 XVG to Bob and has access to both of their Master Public Keys, they could potentially use this information to deduce that the transaction was made by Alice and received by Bob. Alternatively, the attacker could potentially use other information, such as IP addresses or the timing of the transaction, to identify the parties involved in the transaction.
1 Like
TLDR: Verge ‘supports mining using 5 different hash functions:’ Scrypt, X17, Lyra2rev2, myr-groestl and blake2s, which they consider a way to democratize access to the network. Verge is not a private company funded by pre-mined coins or an ICO. They claim as part of their privacy tech/model: - Tor IP obfuscatio and Dual-Key Stealth Addressing, which grossly means allowing one-time-addresses created by the sender for the recepient without those having to interact with each other directly, added to stealth addresses that can receive txs from multiple users but appearing in the blockchain as multiple payments sent to different addresses.
So…assuming the model works (which needs more in-depth analysis),
1- The IP and sender and recipient addresses are suposelly shielded.
2-The amount -at least 'estimated 'is visible in the blockchain associated with an address, and seems like you can check some info about height and some block info…(the block explorer is giving error as far as I tried)
3- Intuitively there could be so many ways, since the master public key would be able to decrypt/give part of the necessary information to get at least part of the transaction contrusction/shared secrets btw sender and receiver…
1 Like
- What two pieces of information are shielded on Verge?
IP addresses via Tor IP obfuscation service which enables anonymous communication across a layered circuit-based network.
Dual-Key Stealth Addresses which allows senders to create an unlimited number of one-time destinations addresses on behalf of the recipient without any interaction between the parties.
-
What information is NOT shielded on Verge?
The transaction amount and senders public key address. -
Suppose Alice sends 15 XVG to Bob, and Alice’s and Bob’s ‘Master Public Keys’ are publicly known. Describe how an attacker could link Bob and Alice together, even using the privacy features mentioned above.
By linking Bob and Alice’s public address for a 15 XVG transaction on the blockchain which would’ve occurred at around the same time.