Welcome!

Hello guys, hope you will like this proposal.  The Dash.org forum comments and discussion are here: https://www.dash.org/forum/threads/proposal-investigation-into-using-masternodes-for-anonymous-web.9771/

I reworked this proposal with suggestions given to me by the DASH community and core team. Included you will see an introduction on who I am, some thoughts so far on how to proceed, as well as a rough timeline of what to expect.

Who I am

To start off I'm a developer with 10 years of professional experience, and 16 years if you count university and self learning in high school. Some notable achievements to give people an idea of my abilities are that I rebuilt a RSA program at 16 (public/private keys based on prime numbers). By 21 I was working in the summer at a very prestigious computer research center on a project that was funded by NASA. A paper I contributed to was published which involved auto updating intelligent distributed nodes. After getting a masters in project management I worked in Asia for a while, first as a developer, then senior, then lead, then head of engineering, then CTO.

I have built many projects including a voice recognition system and a augmented reality engine (which could have powered a game like pokemon go (I built it 5 years ago, but because of a legal dispute the code had to be thrown away)).

I got into Bitcoin quite a while ago and now have contacts with a lot of the top bitcoin players. I don't use them at all, and have not yet tried to endorse DASH mainly because I want to make that push when I think we are ready, and I haven't felt that yet.

I joined the DASH community about 2 years ago because I saw it as the most innovative project out there. I see a lot of other projects as hot air, and when I dive into them I just find they just target overzealous investors and have very little to offer. DASH is different. It delivers over and over. As an analogy I see DASH as a developer who gets things done contrary to developers who like to talk a lot in meetings and do nothing.

I joined the core team roughly in August 2015 while working on the iOS app. After completion, the iOS app was rejected again and again by apple which left me very frustrated, demoralized, and made me take a break from working on DASH, as I didn't see how I could contribute. I was eventually removed from the core team as well.

For iOS I had worked a lot on the x11 hashes, so when I found out that the community was looking for someone to do the x11 hash I finally had something I knew I could do well to contribute.  The x11 hash is now completed and will be a core foundation block of evolution.

And here I am now, contributing to evolution when needed, and iOS when needed. But I would like to do more, hence this proposal.

Idea

Because of our system of incentivized nodes we have a truly global network that can be put to multiple uses. Quite some time ago Evan talked about the many different uses we could make out of this network and discussed it being used as a sort of Tor like system. This resonated with me. The more I thought about it the more excited I was too. Notably because I saw in it a way to improve upon tor, give quick anonymity (think VPNs) but also a way tomonetize the existing Masternode network.

Very recently a new paper was published from MIT called Riffle. It explores a novel way to fix the problems with Tor. While it might not work well for us (probably not) it got me interested in making a proposal to the community.

Proposal

My proposal has two sides. The first is that I would work to figure out how to add various types of anonymity usages to our system. These would include VPNs, anonymous browsing, hidden apps and IP blinding among possibly other use cases I haven't even thought of yet.

The end result of this would be a white paper explaining how such systems could work, as well as a plan to implement each feature. Inside you can expect mathematical and cryptological proofs ensuring the security and robustness of the system as well as the pros and cons of the various choices we will need to make when implementing these solutions.

The second side to my proposal is that I would figure out how to monetize such systems and have them work well for us. There are millions upon millions of VPN users, Dash could potentially be amazing for these users since we have nodes all around the world. And same thing for Tor.

Thoughts so far on how this could/might work :

From a user perspective the core client would have a button that would turn it into a VPN/autonomous gateway. When this happened it would choose a number N of masternodes deterministically based on the hash of the last block. It would then encrypt the outgoing message with N layers as is common with onion routing, laying out the route of the message and would encrypt the last layer in a PGP type style in order to ensure that the entry masternode does not know that it is an entry masternode, this would therefore make the entry anonymous to your system hiding your IP. Then after N hops the exit node will get your message, it will go request the content in clearnet. When it did it could either encrypt the data back or send it clearly (something to think about).

This is basic onion routing with some small extra stuff for us preventing government snooping in between you and the first node. What makes our system better is that the client will only select nodes that are verified to have 1000 DASH, hence it would be almost impossible to have N "malicious" nodes if N>8.

There are some problems here though, the masternodes know who have 1000 DASH, and your client doesn't most likely hence the entry node would know your IP. You would therefore have to have 1000 DASH in your wallet to hide your IP from the original Masternode and prevent it from knowing you are the originator of a message. The problem here is if someone controlled the entry and exit nodes there could be a statistical analysis attack to break the system since with the entry node would know your IP, and the exit node would know the request. The 2 nodes of course do not know each other, but someone doing the attack and owning both nodes could maybe figure out with a certain degree of probability what you where doing. A problem to be researched in depth.

Now that was the easy part, here comes the hard part. How to get people to pay for the service without compromising the system? This is where there is no other system I can base myself off. Ideally we would need to find a solution where people pay for bandwidth and not by month/ day etc. My thoughts were to create a secondary currency on the masternode network, that is not divisible, let's call it ash (or gas, not yet sure on the name) . Each packet would then add some ash to each packet.

The system of course needs to be trustless and the ash can not be allowed to be traced back to the dash address who bought it or else there could be another weakness in the system. I'll be honest that the problems here are monumental to overcome and would require a completely novel type of blockchain system. Hence why I need to do months of research on it.

If we don't go the bandwidth route things can become simpler yet still very complicated. Here we wouldn't need ash, but just a verification by each node that the originator has paid for the day/week/month. How would you verify this without knowing the originator DASH address? You would have to go off an anonymous transaction. I haven't dived further than this yet.

VPN is a lot easier than this because VPN wouldn't need a trustless system to operate. Hence you can just pay any N nodes for N hops. The nodes know what you are doing. A VPN system like this would work very well for china for example. The first HOP could be towards a node inside china, then the second hop would be again a peer outside of china. The great firewall people, knowing our system could be used for this could ban the IP addresses of all nodes outside of china as a response. Here we could come up with a system of having 2 network interfaces per masternode (with the second being IPV6 only). One that would cycle IP addresses (IP V6), one that wouldn't (main masternode IP). This would make systems like china GFW (great firewall) to have a really hard time blocking us, as I think their blacklist is manual. For them to block us they would need to integrate with our system. Further research would be needed to figure out ways to outsmart them if this became a problem.

These are the majority of my thoughts for now. I didn't want to post them before because I wanted to come up with very sturdy ideas before they were released to the public.

You can also expect the following :

- I will assume some Masternodes might want to opt-out. I will keep this in mind.
- I hope to find a way to remunerate nodes that opt-in (as they are paying for bandwidth). I will try to explain different payment models we could have for the network. I will also try to figure out how much money this could make each node depending on usage.
- I will try to explain all the possible use cases and drawbacks of each system as well as how they could potentially be exploited. (As an example VPNs could be used for torrenting which could cause legal issues for the end nodes if they are in certain countries). However if all our end nodes are in countries with no such legal restrictions, there would be no problem.
- Even though I won't published code I will go over the tor code base to try to find elements that could be directly reused to save us time.

After this whitepaper is completed, and also after the community has had time to review it and have their say, I will try to get a team together and build this.

Costs :

For costs I will be asking for 750 Dash (+5 for reimbursement of proposal). Even though the majority of this will go back to me I also plan to use some of this money to incentivize people into helping me, mainly people that work in tor and anonymity systems so that they can validate and review my work to make sure there are no flaws in my designs. If more money is needed to incentivize other people or if I've worked many months but not covered all anonymity issues I will make more proposals.

I'd like to add the following for an open discussion:

From comments I received recently I would like to add that the average computer science salary in the place where I live for my level is around 10000-15000$ a month. I'm not trying to boast, but I just want to be clear that I am not working on DASH for the money. When I factor in costs for my proposal I basically just add up what I spend on rent/food/insurance and ask for that amount. It really frustrates me when people think I'm trying to cheat the system

I must admit that this isn't great for me money wise. In the future voting masternode operators have to realize that the best computer scientists in the USA make ~ 120K-300K USD a year depending on their field. It's really hard to people who make far less than that to understand this. As such drawing them in monetarily is almost impossible with our current budgets.

There's something to be said here as to why my first proposal was maybe a little bland. If I do do this I lose at least 5K USD during this time compared to if I was working for a company doing freelance. That's why if this is downvoted I won't feel too bad because I can work on other stuff that's a lot less difficult for more money. I wanted to do this to improve upon DASH and because I wanted to contribute something meaningful to society, and that's my sole reason for making this proposal.

Timeline :

The project would start in early August to early September, depending on whether my latest submission to the iOS app store goes through. I will report back every 3-4 weeks of work with a deliverable and have a weekly meeting with kot (or another project manager in Dash that wishes to help me with this).

The order of deliverables will be the following:

System for onion routing (18 days work).

Systems for consideration for onion routing payment (20 days work).

VPN solutions (15 days work).

Systems for consideration for VPN payment (5 days work).

Note: I can't provide a perfect timeline since I might be needed on evolution or iOS. If I have to pause this for evolution or iOS I will do so, notify the community, and the PM who is leading me.

Thank you for your consideration, QuantumExplorer

Last thoughts :

There are at least 2 reasons to vote no on this proposal. Either you don't think I can/should do it or you don't like the idea in itself. I'm no longer interested in talking about my capabilities to do this project after this second proposal. I believe I can do it, and would not have made this proposal if I thought I couldn't.

However discussing whether this should be built is another idea in itself, and I would really like to debate that some more. I believe no matter what we should first figure out how to build it. Then depending on the findings discuss if it should be implemented.

So far though most people have told me they love the idea, and I hope you do as well.