comments.txt

1 files changed, 571 insertions, 0 deletions

diff --git a/comments.txt b/comments.txt
new file mode 100644
index 0000000..8898e62
--- /dev/null
+++ b/comments.txt
@@ -0,0 +1,571 @@
+1. Grammar: p. 1, Consensus is a key . . .
+2. When you put the footnote at the end of a sentence, the superscript follows the period,
+rather than proceeds it. This was done incorrectly repeatedly, e.g., starting on p. 2,
+subsystem of the GNUnet framework 3 . should be subsystem of the GNUnet framework. 3 .
+Then “users. [LI16].” (p. 15), etc..
+3. Similarly, when a sentence or group of sentences gets a reference, the terminating period
+goes after the references. So, for example, on p. 6 you should not write . . . attract criminal
+activity. [Ric16]. but, instead, . . . attract criminal activity [Ric16].
+4. p. 7, provider 1.5. → provider (Figure 1.5).
+5. p. 7, single chapter → single chapters.
+6. p. 15, I appreciated the short and rather harsh critique of blockchains. How do you
+explain their meteoric rise (if you see it that way) despite these facts? An nonspecialist
+article that adequately explained this “paradox” would be cool, maybe targeted for The
+Atlantic.
+7. p. 20, instruct their wallet to create a reserve
+8. p. 20, from URLs or QR codes
+9. p. 22, do you not mean to write the merchant can specify a deadline before which the
+exchange must issue . . .?
+10. p. 23, to prevent “useless” operations . . . unattractive → to make “useless” operations . . .
+unattractive
+11. p. 23, Yet another type of fees → Yet another type of fee
+12. p. 24, might not even justified → might not be justified
+13. p. 25, A revoked coin cannot be spend (→ spent)
+14. p. 26, maximum number of D-coins not maximum amount of D-coins
+15. p. 26, The sentence beginning The payback protocol could use some copy editing.
+16. p. 28, would be abe to modify
+17. p. 29, by Cannard → by Cannard and Gouget
+18. p. 30, One of the earliest mentions.
+19. p. 33, of the block spend → of the block spent
+20. p. 41 and later. The wrong papers ([Poi05], [Sho04], [Cor00]) are being credited for
+4provable security, the notion of which is usually credited go [GM82/GM85] (although
+credit should arguably be shared more broadly with Blum and Yao, for example). Only
+one of the papers you’re siting here is even a survey.
+21. p. 41 and later. “i.e.” invariably needs a comma after it, “i.e.,”, which will also fix the
+spacing issue you are getting from missing L A TEXthinking you have ended the sentence
+22. p. 41:,extra period, and comma, in Q.”,
+23. p. 42. [Lin17] is not an appropriate reference of the idea of simulation-based definitions.
+The idea might be credited to GMR85/89 (zero-knowledge).
+24. p. 43, paragraph 3. I would not regard the use of oracles in game-based definitions as an
+extension of Turing machines. However you might formalize the adversary’s computation
+(in a RAM model, as a program in some programming language, whatever), we can no
+doubt embellish that model by adding oracles. Turing machines are perhaps the most
+awkward way of doing it!
+25. p. 43, paragraph beginning “While oracles”. I would, similarly, regard oracles as even
+less related to interactive protocols. At least the way that I use this term, interactive
+protocols are stylized two-party interactions used for defining the complexity class IP.
+They were originally defined, rather informally, with interactive Turing Machines. Better
+expositions eliminated that language.
+26. p. 45. I’m not sure the origins of the DDH or CDH assumptions, but it certainly precedes
+[Bon98]. That is a good exposition on the assumption, however. In general, make sure it
+is clear if you are crediting the originators of an idea or an exposition of it you are fond
+of. You can always signal that latter by saying something like “nicely described by Boneh
+[Bon98].”
+27. p. 45. [Bel+98] isn’t the right reference for IND-CPA unless you have narrowed the scope
+to the symmetric setting.
+28. p. 48–57. I think it would be a Herculian job to truly verify this syntax and these games,
+and I won’t really try to do so. Maybe you can tell me how these evolved and were
+debugged.
+29. pp. 57–58. Polynomial is with respect to λ + κ? Negligible in with respect to which in
+which games? Maybe adjust language so that this is explicit in the key definitions of this
+section. Also good to remind the reader of the different semantics of λ and κ.
+30. p. 57, extra slash in Def. 3.4.1.
+31. pp. 58–60. You describe the syntax for four primitives on which you base your construc-
+tion, but do you formalize the security properties you demand for each of these primitives?
+I wasn’t seeing it. Then,
+32. p. 64, your theorem on Anonymity (Theorem 1) omits the complexity assumptions that
+5are required for this to go through,
+33. p. 67, and the same holds for Theorems 3 and 4.
+34. p. 72, util
+35. p. 83, the the
+36. p. 82, the payment is [the] same as
+37. p. 82, an URL → a URL
+38. p. 84, is generally is
+39. p. 84–85, tipping is normally by a customer to a merchant, not the other way around ;-)
+40. p. 89, the the
+41. p. 98, To reduce the perceived performance — what you write is not what you mean :-)
+42. p. 101–113. The various protocols in section 4.7 — I am not really clear how these relate
+to the more abstractly described protocols of Chapter 3. It is not simply that you are
+instantiating earlier mechanisms with concrete primitives; much more seems to be going
+on. Are there concrete claims being made as to the security of these constructions?
+43. p. 114, happyiness → happiness.
+44. pp. 123–154. I liked this chapter, but it did feel somewhat out of place compared to the
+rest of the thesis. It still carried some vestiges of being a paper (for example, the chapter
+speaks a couple of time of its being a paper, rather than a chapter ), and read like one.
+The writing seemed to assume more of the user, and it was a bit disorganized compared
+to the rest of the presentation. Now I have never felt that a dissertation needed to be all
+that unified to be good (theses that amalgamate vaguely related papers are fine by me),
+so this this isn’t a big deal. But it might help to switch the order of Chapters 5 and 6,
+as it did feel jarring to go back to go back to GNU Taler with the BSC stuff intervening.
+And a little bit more of a transition to the current Chapter 5 would be good.
+45. p. 125. I felt confused why you weren’t making any requirement on the ṽ i values relative
+to the original v j values.
+46. pp. 131–132. I didn’t understand what the formal requirement on R is supposed to be.
+Is this any function where R(S) ⊆ S, R(R(S)) = R(S)? At the end of 5.3.1, I still wasn’t
+certain what precisely a BSC protocol was required to deliver. Being more formal would
+help.
+47. And where is the theorem that a specified protocol has achieved BSC? Theorem 5 is about
+graded broadcast.
+48. p. 152. It would probably good to return to the mention made earlier on the potential
+relationship between GNU Taler and BSU, if that was a serious possibility.
+649. p. 155-157. The Conclusion, and similar idea from the Introduction, are quite powerful.
+I would repeat the suggestion we could really use a nonspecialist article, in a venue like
+The Atlantic, on approaches for payment and their is socio-political implications.
+50. References. Don’t use et al. in the names of authors in a bibliography ([Gil17+], [Gue00+],
+etc.). The “+” is fine in a label, but in the actual biography, all authors deserve to be
+named.
+51. References. Proofread for capitalization and typos in titles—things like “byzantine”
+[ML14] or the quote marks in [KM07].
+52. A final pass over the thesis should deal with all the overfull hboxes.
+
+
+
+------------------------------------------------
+
+Batch 1:
+
+
+Global:
+s/Blockchain/blockchain/g # despite in titles
+s/Blockchains/blockchains/g # dito
+s/e.g. $text/e.g., $text/g # as redacted for RFCs
+s/i.e. $text/i.e., $text/g # dito
+s/free software/Free Software/g # consistency
+s/Web/web/ # ? (if not World Wide Web (WWW)
+s/proof-of-work/Proof-of-Work/g # consistency
+s/proof-of-stake/Proof-of-Stake/g # dito
+s/zero knowledge proof/Zero-Knowledge Proof/ig # dito
+s/denial of service attack/denial-of-service attack/ig # dito
+s/Website/website/ig # dito
+s/chosen plaintext attack/chosen-plaintext attack/ig # dito
+s/polynomial time algorithm/polynomial-time algorithm/ig # dito
+
+16:
+- s/the the/the/
+- s/merchant or customer/a merchant or a customer needs/
+
+17:
+- w/withdraw/withdrawal/
+- s/of coin/of a coin/
+
+18:
+- "deanyonmiza-" breaks blockquote
+
+19:
+- s/that allows/that allow/
+- s/that payee/that the payee/
+- s/would now requested/would now be requested/
+
+26:
+- s/(super)set/(super-)set/ # ?
+
+29:
+- s/An complete/A complete/
+
+31:
+- "We assume the contact information of the exchange is known to both
+customer
+and merchant from the start, including that the customer can
+authenticate the
+merchant, for example by using X.509 certificates [Yee13]."
+(Is there also something else than X.509 for auth?)
+
+32:
+s/Subsequently /Subsequently, / # ?
+s/from URLs or QR code/from a URL or a QR code/
+
+34:
+"A useful application for sharing are peer-to-peer payments between
+mutually trusting parties, such as families and friends." # 
+
+36:
+- s/withdraw private key/withdrawal private key/
+- s/GNU Taler what would/GNU Taler which would/
+
+40:
+- "The following modifications are made:" # blank line above?
+
+43:
+- s/to a different blind signature/to different blind signature/
+
+44:
+- s/preserved preserved/preserved/
+
+45:
+- "in a distributed and decentralized manner" # even though there's a
+centralization tendency (as you wrote earlier) towards actors in
+abundance of computational power and persistent memory (to hold the ledger)
+- s/block spend/block spent/ # ?
+- "While it was originally believed that PoW consensus
+process is resistant against attackers that have less than a 51% majority
+of computational power, closer analysis has shown that a 21% majority
+sufficies [ES18]." # You might want to add there was already a
+successful 51% attack from an hard fork of BTC, Bitcoin Gold (BTG):
+http://fortune.com/2018/05/29/bitcoin-gold-hack/
+
+47:
+- s/in a stack-based/in stack-based/
+
+49:
+- "As with card payment systems, these oligopolies are politically
+dangerous [Run11],
+and the lack of competition can result in excessive profit taking that
+may require
+political solutions [Jon15] to the resulting market failure." # 
+
+51:
+- "In this case,
+even if the financial damages are ultimately covered by the bank, the
+customer
+always has to deal with the procedure of notifying the bank in the first
+place. As
+a result, customers must remain wary about using their cards, which
+limits their
+online shopping [ibi14, p. 50]." # 
+
+53/54:
+- "Contrary to what the name might suggest, a protocol that is “provably
+secure”
+is not necessarily secure in practice [KM07; Dam07]." & "Furthermore a
+provably secure protocol does not always lend itself easily to a
+secure implementation [...]" # Like cybervoting ? :D
+
+58:
+- "Useful techniques for hops are, for example:" # add blank line above?
+- s/small failure events/small-failure events/ig # ?; check also globally
+
+59:
+- s/In practice this identifier/In practice, this identifier # ?
+
+
+
+
+------------------------------------------------
+Batch 2:
+
+Global:
+- s/polynomial time adversary/polynomial-time adversary/g # ?
+
+62:
+- "The customer only records the refresh operation identifier rid in
+refreshIds [ pkCustomer ] ," # breaking blockquote
+
+64:
+- s/the adversary/The adversary/ # new sentence; check the sentence,
+too: seems somewhat gramatically broken
+- "The customer and withdraw identifier wid are obtained from the
+WithdrawRequest
+transcript T ." # breaks blockquote
+
+65:
+- s/Additionally gives/Additionally, gives/ # ?
+
+66:
+- "We define a helper procedure" # add blank line above?
+
+69:
+- "game is negligibly close to 1/ for any polynomial time adversary A ."
+# is there something missing after "1/ "?
+
+71:
+- s/anunblinded/an unblinded/
+- s/blind signature protocols/blind-signature protocols/ # ?
+- "We require the following two security properties for BlindSign:" #
+blank line above?
+- s/and has been signed/has been signed/
+- s/game can defined/game can be defined/
+
+72:
+- "We require the following security properties to hold for CoinSignKx:"
+# blank line above?
+- s/random shared secret/random-shared secet/ # ?; or "randomly shared
+secret", otherwise?
+- "Using these primitives, we now instantiate the syntax of our
+income-transparent
+e-cash scheme:" # add blank live above?
+
+76:
+- "From the information theoretically secure blinding," # Lang broken?
+- s/completeness/completedness/ # check also globally
+
+78:
+- "In order to win the conservation game, the adversary must increase
+withdrawn [ pkCustomer ] # breaks blockquote
+- s/Similarly for/Similarly, for/ # ?
+- s/Thus only remaining option for the adversary to decrease v C or v S
+is with the O RefreshPickup and O Deposit oracles respectively./Thus,
+the only remaining option for the adversary is to decrease v C or v S
+with the
+O RefreshPickup and O Deposit oracles, respectively./ # commata, +"is",
+-"is"; check carefully
+- s/Thus the adversary/Thus, the adversary/
+
+79:
+- "We consider the directed forest" # semantics / words fine here?
+
+80:
+- "We shall prove" # blank line above?
+- s/Furthermore for an/Furthermore, for an/
+- s/exhibit different outcomes/exhibiting different outcomes/ # ?
+
+
+------------------------------------
+
+
+
+
+Global:
+-s/e-mail/email/g # In RFC contexts usually "email"
+-s/signalling/signaling/g # American English (as used otherwise, AFAICS)
+-s/, for example $text/, for example, $text/g # AFAICS as with "e.g."
+
+84:
+- s/util the reserve/until the reserve/
+
+86:
+- s/The later constraints is/The later constraints are/
+
+88:
+- "The exchange uses the master key to sign the following data offline:"
+# blank line above?
+- s/The denominations offered by the exchange, explained further in
+Section 4.1.3./The denominations offered by the exchange is explained
+further in Section 4.1.3./ # -comma, +"is"
+
+89:
+- s/with this coin respectively/with this coin, respectively/ # +comma
+
+90:
+- s/It is however unavoidable/It is, however, unavoidable/
+
+92:
+- s/Thus the merchant’s/Thus, the merchant’s/
+
+93:
+- "In order to settle the payment, the customer must sign a deposit
+permission for" # blank line above?
+
+94:
+- "The following steps illustrate a typical payment with the online shop
+alice-shop.  example.com." # break blockquote; and: blank line above?
+
+95:
+- URI vs. URL used in same context # unify; suggestion: use URL on this page
+
+96:
+- s/Furthermore current/Furthermore, current/
+- s/digital restriction management/digital restrictions management/ #
+plural 
+
+97:
+- s/Furthermore the merchant/Furthermore, the merchant/
+
+98:
+- s/the fulfillment_url, which identifies the resources that is being paid
+for/the fulfillment_url, which identifies the resources that is being paid
+for, / # +comma (list item)
+
+100:
+- "The merchant triggers giving a tip with an HTTP 402 response that has
+the" # Isn't that sentence part broken?
+- s/tip pickup URL/tip-pickup URL/ # ?
+
+
+---------------------------------------
+
+
+
+Global:
+- s/dataflow/data flow/ig # Acc. to dict.leo.org:
+https://dict.leo.org/german-english/dataflow
+s/wall clock time/wall-clock time/g
+
+101:
+- s/the the/the/
+
+102:
+- s/For demonstration purposes and integration testing we/For
+demonstration purposes and integration testing, we/ # +comma
+
+103:
+- "All three processes exchange data via the same database. Only
+taler-exchange-httpd" # breaking blockquote
+- "currently only PostgreSQL is supported as a database." # Is the API
+to access a DBMS abstracted or specific to PostgreSQL?
+- "wirewatch" # \emph{wirewatch}?
+
+105:
+- "The taler-auditor process generates a report with the following informa-
+tion:" # blank line above?
+
+106:
+- Figure 4.9: s/private backend/Private Backend/ # ?; consistency
+- Figure 4.9: s/public backend/Public Backend/ # ?; consistency
+- Figure 4.9: s/customer browser/Customber Browser/ # ?; consistency
+- "The backend API is divided into two types of HTTP endpoints:" # blank
+line above?
+
+107:
+- "http://flask.pocoo.org/" # \footnote{\url{http://flask.pocoo.org/}} ?
+
+109:
+- s/and backoffice respectively/and backoffice, respectively./
+
+110:
+- "Cryptographic operations run in an isolated process implemented as a Web-
+Worker 12 . This design allows the relatively slow cryptographic
+operations to run concurrently in the background in multiple threads.
+Since the crypto WebWorkers are started on-demand, the wallet only uses
+minimal resources when not actively used." # :D :D
+
+113:
+- s/Effectively /Effectively, /
+- s/Furthermore /Furthermore, /
+
+114:
+- "We use the following algorithms:" # blank line above?
+- s/full domain hash/full-domain hash/ # ?
+
+115:
+- "We use the following algorithms, defined informally here:" # blank
+line above?
+- s/existing, processed deposit/existing processed deposit/ # ?; -comma
+- "h. Returns the existing" # initial word missing?
+
+117:
+- s/naïve/naive/ # ? Check: https://dict.leo.org/german-english/naive
+- "We use the following algorithms, defined informally here:" # blank
+line above?
+
+118:
+- Figure 4.13: s/The customer can identify themselves/The customer can
+identify itself/
+
+124:
+- "We use the following algorithms, defined informally here:" # blank
+line above?
+- s/that were previously send/that were previously sent/ # past tense
+
+126:
+- s/Even on a low-end smartphone devices/Even on a low-end smartphone
+device/ # singular
+- s/operations remains/operations remain/
+
+127:
+- s/coins instead of transaction/coins instead of transactions/ # plural?
+- s/random value to be spend/random value to be spent/
+- s/5000/5,000/ # unify (in other parts of the text this notation was used)
+- s/10000/10,000/ # dito
+- s/1250/1,250/ # dito
+
+128:
+- s/Furthermore /Furthermore, /
+- s/10000/10,000/ # unify
+- s/exchange respectively/exchange, respectively/
+
+129:
+- Check numbers for notations, e.g., TBD: s/10000/10,000/
+-- 
+https://vecirex.net
+
+-------------------------------
+
+
+
+Global:
+- Check notations for numbers, e.g., s/1000/1,000/g # unify
+- s/internet/Internet/g # ?
+
+131:
+- "and exchanges an be operated securely even without TLS." # s/an/can/ ?
+
+132:
+- s/Furthermore /Furthermore, /
+
+133:
+- Figure 422: s/on exchange's latency/on an exchange's latency/ # ?
+- s/as we the user experience/as well as the user experience/
+
+134:
+- s/to be effectly/to be effective/
+
+135:
+- s/In practice /In practice, /
+
+136:
+- s/finite time bound/finite-time bound/ # ?
+- "In summary, we make the following contributions in this paper:" #
+blank line above?
+
+138:
+- s/this is problem is present/this is a problem present/
+
+140:
+- s/thus peers/thus, peers/
+
+141:
+- "Under the hood, an IBF of size n is an array of n buckets. Each
+bucket holds
+three values:" # blank line above?
+
+142:
+- s/can not/cannot/
+
+143:
+- "We now give a definition of set-union consensus that is motivated by
+practical applications to secure multiparty computation protocols such
+as electronic voting, which are discussed in more detail in Section
+5.7." # Wuaaaaaaaaaah! :D
+
+144:
+- s/For example /For example, /
+
+147:
+- "The Gradecast is adapted as follows:" # blank line above?
+
+148:
+- "We give a correctness proof that generalizes Feldman’s proof for
+Gradecast of
+single values [Fel88, Section 4.1]. # blank line above?
+-- 
+https://vecirex.net
+
+----------------------------
+
+
+
+
+ALLES GUTE HEUTE!
+
+* * *
+
+Global:
+- s/optimised/optimized/g # American English (as used otherwise, AFAICS)
+- s/Central Bank Issued Currencies/Central-Bank-Issued Currencies/ig # ?
+- s/centrally banked/centrally-banked/g #?
+
+151:
+- "Xeon E5-2630 CPU, and GNUnet SVN revision 36765. We used the
+gnunet-consensus-prof" # blockquote broken -- very hard
+
+159:
+- s/the leader the effect/the leader, the effect/
+
+162:
+- s/Typically the public key/Typically, the public key/
+
+167:
+- "Currencies serve three key functions in society: [Man10]" # blank
+line above?
+- s/anti money-laundering/anti-money-laundering/
+
+168:
+- "As GNU Taler is free software, even without backing by a central
+bank, Taler would not suffer from these drawbacks arising from the use
+of proprietary technology. Furthermore, Taler-style electronic cash
+comes with some unique benefits:" # blank line above?
+
+169:
+- "What we offer to society is an open and free (as in free speech)
+system with mechanisms to audit merchants’ income, instead of
+proprietary systems controlled by a few oligopoly companies." # :D
+
+189:
+- The Internet-Draft is marked expired, October 9, 2018; use newest
+version or just point to: https://datatracker.ietf.org/doc/draft-dold-payto/
+
+-- 
+https://vecirex.net
+
+
+