path: root/comments-original.txt
blob: b4b359dbc783408f7f14791a7aebe89521a2469f (plain)
1. Grammar: p. 1, Consensus is a key . . .
2. When you put the footnote at the end of a sentence, the superscript follows the period,
rather than precedes it. This was done incorrectly repeatedly, e.g., starting on p. 2,
subsystem of the GNUnet framework 3 . should be subsystem of the GNUnet framework. 3 .
Then “users. [LI16].” (p. 15), etc.
3. Similarly, when a sentence or group of sentences gets a reference, the terminating period
goes after the references. So, for example, on p. 6 you should not write . . . attract criminal
activity. [Ric16]. but, instead, . . . attract criminal activity [Ric16].
4. p. 7, provider 1.5. → provider (Figure 1.5).
5. p. 7, single chapter → single chapters.
6. p. 15, I appreciated the short and rather harsh critique of blockchains. How do you
explain their meteoric rise (if you see it that way) despite these facts? A nonspecialist
article that adequately explained this “paradox” would be cool, maybe targeted for The
Atlantic.
7. p. 20, instruct their wallet to create a reserve
8. p. 20, from URLs or QR codes
9. p. 22, do you not mean to write the merchant can specify a deadline before which the
exchange must issue . . .?
10. p. 23, to prevent “useless” operations . . . unattractive → to make “useless” operations . . .
unattractive
11. p. 23, Yet another type of fees → Yet another type of fee
12. p. 24, might not even justified → might not be justified
13. p. 25, A revoked coin cannot be spend (→ spent)
14. p. 26, maximum number of D-coins not maximum amount of D-coins
15. p. 26, The sentence beginning The payback protocol could use some copy editing.
16. p. 28, would be abe to modify
17. p. 29, by Cannard → by Cannard and Gouget
18. p. 30, One of the earliest mentions.
19. p. 33, of the block spend → of the block spent
20. p. 41 and later. The wrong papers ([Poi05], [Sho04], [Cor00]) are being credited for
provable security, the notion of which is usually credited to [GM82/GM85] (although
credit should arguably be shared more broadly with Blum and Yao, for example). Only
one of the papers you’re citing here is even a survey.
21. p. 41 and later. “i.e.” invariably needs a comma after it, “i.e.,”, which will also fix the
spacing issue you are getting from missing LaTeX thinking you have ended the sentence
22. p. 41: extra period, and comma, in Q.”,
23. p. 42. [Lin17] is not an appropriate reference of the idea of simulation-based definitions.
The idea might be credited to GMR85/89 (zero-knowledge).
24. p. 43, paragraph 3. I would not regard the use of oracles in game-based definitions as an
extension of Turing machines. However you might formalize the adversary’s computation
(in a RAM model, as a program in some programming language, whatever), we can no
doubt embellish that model by adding oracles. Turing machines are perhaps the most
awkward way of doing it!
25. p. 43, paragraph beginning “While oracles”. I would, similarly, regard oracles as even
less related to interactive protocols. At least the way that I use this term, interactive
protocols are stylized two-party interactions used for defining the complexity class IP.
They were originally defined, rather informally, with interactive Turing Machines. Better
expositions eliminated that language.
26. p. 45. I’m not sure of the origins of the DDH or CDH assumptions, but it certainly precedes
[Bon98]. That is a good exposition on the assumption, however. In general, make sure it
is clear if you are crediting the originators of an idea or an exposition of it you are fond
of. You can always signal the latter by saying something like “nicely described by Boneh
[Bon98].”
27. p. 45. [Bel+98] isn’t the right reference for IND-CPA unless you have narrowed the scope
to the symmetric setting.
28. p. 48–57. I think it would be a Herculean job to truly verify this syntax and these games,
and I won’t really try to do so. Maybe you can tell me how these evolved and were
debugged.
29. pp. 57–58. Polynomial is with respect to λ + κ? Negligible in with respect to which in
which games? Maybe adjust language so that this is explicit in the key definitions of this
section. Also good to remind the reader of the different semantics of λ and κ.
30. p. 57, extra slash in Def. 3.4.1.
31. pp. 58–60. You describe the syntax for four primitives on which you base your construc-
tion, but do you formalize the security properties you demand for each of these primitives?
I wasn’t seeing it. Then,
32. p. 64, your theorem on Anonymity (Theorem 1) omits the complexity assumptions that
are required for this to go through,
33. p. 67, and the same holds for Theorems 3 and 4.
34. p. 72, util
35. p. 83, the the
36. p. 82, the payment is [the] same as
37. p. 82, an URL → a URL
38. p. 84, is generally is
39. p. 84–85, tipping is normally by a customer to a merchant, not the other way around ;-)
40. p. 89, the the
41. p. 98, To reduce the perceived performance — what you write is not what you mean :-)
42. p. 101–113. The various protocols in section 4.7 — I am not really clear how these relate
to the more abstractly described protocols of Chapter 3. It is not simply that you are
instantiating earlier mechanisms with concrete primitives; much more seems to be going
on. Are there concrete claims being made as to the security of these constructions?
43. p. 114, happyiness → happiness.
44. pp. 123–154. I liked this chapter, but it did feel somewhat out of place compared to the
rest of the thesis. It still carried some vestiges of being a paper (for example, the chapter
speaks a couple of times of its being a paper, rather than a chapter), and read like one.
The writing seemed to assume more of the user, and it was a bit disorganized compared
to the rest of the presentation. Now I have never felt that a dissertation needed to be all
that unified to be good (theses that amalgamate vaguely related papers are fine by me),
so this isn’t a big deal. But it might help to switch the order of Chapters 5 and 6,
as it did feel jarring to go back to GNU Taler with the BSC stuff intervening.
And a little bit more of a transition to the current Chapter 5 would be good.
45. p. 125. I felt confused why you weren’t making any requirement on the ṽ i values relative
to the original v j values.
46. pp. 131–132. I didn’t understand what the formal requirement on R is supposed to be.
Is this any function where R(S) ⊆ S, R(R(S)) = R(S)? At the end of 5.3.1, I still wasn’t
certain what precisely a BSC protocol was required to deliver. Being more formal would
help.
47. And where is the theorem that a specified protocol has achieved BSC? Theorem 5 is about
graded broadcast.
48. p. 152. It would probably be good to return to the mention made earlier on the potential
relationship between GNU Taler and BSU, if that was a serious possibility.
49. p. 155-157. The Conclusion, and similar idea from the Introduction, are quite powerful.
I would repeat the suggestion we could really use a nonspecialist article, in a venue like
The Atlantic, on approaches for payment and their socio-political implications.
50. References. Don’t use et al. in the names of authors in a bibliography ([Gil17+], [Gue00+],
etc.). The “+” is fine in a label, but in the actual bibliography, all authors deserve to be
named.
51. References. Proofread for capitalization and typos in titles—things like “byzantine”
[ML14] or the quote marks in [KM07].
52. A final pass over the thesis should deal with all the overfull hboxes.



------------------------------------------------

Batch 1:


Global:
s/Blockchain/blockchain/g # despite in titles
s/Blockchains/blockchains/g # ditto
s/e.g. $text/e.g., $text/g # as redacted for RFCs
s/i.e. $text/i.e., $text/g # ditto
s/free software/Free Software/g # consistency
s/Web/web/ # ? (if not World Wide Web (WWW))
s/proof-of-work/Proof-of-Work/g # consistency
s/proof-of-stake/Proof-of-Stake/g # ditto
s/zero knowledge proof/Zero-Knowledge Proof/ig # ditto
s/denial of service attack/denial-of-service attack/ig # ditto
s/Website/website/ig # ditto
s/chosen plaintext attack/chosen-plaintext attack/ig # ditto
s/polynomial time algorithm/polynomial-time algorithm/ig # ditto

16:
- s/the the/the/
- s/merchant or customer/a merchant or a customer needs/

17:
- s/withdraw/withdrawal/
- s/of coin/of a coin/

18:
- "deanyonmiza-" breaks blockquote

19:
- s/that allows/that allow/
- s/that payee/that the payee/
- s/would now requested/would now be requested/

26:
- s/(super)set/(super-)set/ # ?

29:
- s/An complete/A complete/

31:
- "We assume the contact information of the exchange is known to both
customer
and merchant from the start, including that the customer can
authenticate the
merchant, for example by using X.509 certificates [Yee13]."
(Is there also something else than X.509 for auth?)

32:
s/Subsequently /Subsequently, / # ?
s/from URLs or QR code/from a URL or a QR code/

34:
"A useful application for sharing are peer-to-peer payments between
mutually trusting parties, such as families and friends." # 

36:
- s/withdraw private key/withdrawal private key/
- s/GNU Taler what would/GNU Taler which would/

40:
- "The following modifications are made:" # blank line above?

43:
- s/to a different blind signature/to different blind signature/

44:
- s/preserved preserved/preserved/

45:
- "in a distributed and decentralized manner" # even though there's a
centralization tendency (as you wrote earlier) towards actors in
abundance of computational power and persistent memory (to hold the ledger)
- s/block spend/block spent/ # ?
- "While it was originally believed that PoW consensus
process is resistant against attackers that have less than a 51% majority
of computational power, closer analysis has shown that a 21% majority
sufficies [ES18]." # You might want to add there was already a
successful 51% attack from a hard fork of BTC, Bitcoin Gold (BTG):
http://fortune.com/2018/05/29/bitcoin-gold-hack/

47:
- s/in a stack-based/in stack-based/

49:
- "As with card payment systems, these oligopolies are politically
dangerous [Run11],
and the lack of competition can result in excessive profit taking that
may require
political solutions [Jon15] to the resulting market failure." # 

51:
- "In this case,
even if the financial damages are ultimately covered by the bank, the
customer
always has to deal with the procedure of notifying the bank in the first
place. As
a result, customers must remain wary about using their cards, which
limits their
online shopping [ibi14, p. 50]." # 

53/54:
- "Contrary to what the name might suggest, a protocol that is “provably
secure”
is not necessarily secure in practice [KM07; Dam07]." & "Furthermore a
provably secure protocol does not always lend itself easily to a
secure implementation [...]" # Like cybervoting ? :D

58:
- "Useful techniques for hops are, for example:" # add blank line above?
- s/small failure events/small-failure events/ig # ?; check also globally

59:
- s/In practice this identifier/In practice, this identifier/ # ?




------------------------------------------------
Batch 2:

Global:
- s/polynomial time adversary/polynomial-time adversary/g # ?

62:
- "The customer only records the refresh operation identifier rid in
refreshIds [ pkCustomer ] ," # breaking blockquote

64:
- s/the adversary/The adversary/ # new sentence; check the sentence,
too: seems somewhat grammatically broken
- "The customer and withdraw identifier wid are obtained from the
WithdrawRequest
transcript T ." # breaks blockquote

65:
- s/Additionally gives/Additionally, gives/ # ?

66:
- "We define a helper procedure" # add blank line above?

69:
- "game is negligibly close to 1/ for any polynomial time adversary A ."
# is there something missing after "1/ "?

71:
- s/anunblinded/an unblinded/
- s/blind signature protocols/blind-signature protocols/ # ?
- "We require the following two security properties for BlindSign:" #
blank line above?
- s/and has been signed/has been signed/
- s/game can defined/game can be defined/

72:
- "We require the following security properties to hold for CoinSignKx:"
# blank line above?
- s/random shared secret/random-shared secret/ # ?; or "randomly shared
secret", otherwise?
- "Using these primitives, we now instantiate the syntax of our
income-transparent
e-cash scheme:" # add blank line above?

76:
- "From the information theoretically secure blinding," # Lang broken?
- s/completeness/completedness/ # check also globally

78:
- "In order to win the conservation game, the adversary must increase
withdrawn [ pkCustomer ] # breaks blockquote
- s/Similarly for/Similarly, for/ # ?
- s/Thus only remaining option for the adversary to decrease v C or v S
is with the O RefreshPickup and O Deposit oracles respectively./Thus,
the only remaining option for the adversary is to decrease v C or v S
with the
O RefreshPickup and O Deposit oracles, respectively./ # commata, +"is",
-"is"; check carefully
- s/Thus the adversary/Thus, the adversary/

79:
- "We consider the directed forest" # semantics / words fine here?

80:
- "We shall prove" # blank line above?
- s/Furthermore for an/Furthermore, for an/
- s/exhibit different outcomes/exhibiting different outcomes/ # ?


------------------------------------




Global:
-s/e-mail/email/g # In RFC contexts usually "email"
-s/signalling/signaling/g # American English (as used otherwise, AFAICS)
-s/, for example $text/, for example, $text/g # AFAICS as with "e.g."

84:
- s/util the reserve/until the reserve/

86:
- s/The later constraints is/The later constraints are/

88:
- "The exchange uses the master key to sign the following data offline:"
# blank line above?
- s/The denominations offered by the exchange, explained further in
Section 4.1.3./The denominations offered by the exchange is explained
further in Section 4.1.3./ # -comma, +"is"

89:
- s/with this coin respectively/with this coin, respectively/ # +comma

90:
- s/It is however unavoidable/It is, however, unavoidable/

92:
- s/Thus the merchant’s/Thus, the merchant’s/

93:
- "In order to settle the payment, the customer must sign a deposit
permission for" # blank line above?

94:
- "The following steps illustrate a typical payment with the online shop
alice-shop.  example.com." # break blockquote; and: blank line above?

95:
- URI vs. URL used in same context # unify; suggestion: use URL on this page

96:
- s/Furthermore current/Furthermore, current/
- s/digital restriction management/digital restrictions management/ #
plural 

97:
- s/Furthermore the merchant/Furthermore, the merchant/

98:
- s/the fulfillment_url, which identifies the resources that is being paid
for/the fulfillment_url, which identifies the resources that is being paid
for, / # +comma (list item)

100:
- "The merchant triggers giving a tip with an HTTP 402 response that has
the" # Isn't that sentence part broken?
- s/tip pickup URL/tip-pickup URL/ # ?


---------------------------------------



Global:
- s/dataflow/data flow/ig # Acc. to dict.leo.org:
https://dict.leo.org/german-english/dataflow
s/wall clock time/wall-clock time/g

101:
- s/the the/the/

102:
- s/For demonstration purposes and integration testing we/For
demonstration purposes and integration testing, we/ # +comma

103:
- "All three processes exchange data via the same database. Only
taler-exchange-httpd" # breaking blockquote
- "currently only PostgreSQL is supported as a database." # Is the API
to access a DBMS abstracted or specific to PostgreSQL?
- "wirewatch" # \emph{wirewatch}?

105:
- "The taler-auditor process generates a report with the following informa-
tion:" # blank line above?

106:
- Figure 4.9: s/private backend/Private Backend/ # ?; consistency
- Figure 4.9: s/public backend/Public Backend/ # ?; consistency
- Figure 4.9: s/customer browser/Customer Browser/ # ?; consistency
- "The backend API is divided into two types of HTTP endpoints:" # blank
line above?

107:
- "http://flask.pocoo.org/" # \footnote{\url{http://flask.pocoo.org/}} ?

109:
- s/and backoffice respectively/and backoffice, respectively./

110:
- "Cryptographic operations run in an isolated process implemented as a Web-
Worker 12 . This design allows the relatively slow cryptographic
operations to run concurrently in the background in multiple threads.
Since the crypto WebWorkers are started on-demand, the wallet only uses
minimal resources when not actively used." # :D :D

113:
- s/Effectively /Effectively, /
- s/Furthermore /Furthermore, /

114:
- "We use the following algorithms:" # blank line above?
- s/full domain hash/full-domain hash/ # ?

115:
- "We use the following algorithms, defined informally here:" # blank
line above?
- s/existing, processed deposit/existing processed deposit/ # ?; -comma
- "h. Returns the existing" # initial word missing?

117:
- s/naïve/naive/ # ? Check: https://dict.leo.org/german-english/naive
- "We use the following algorithms, defined informally here:" # blank
line above?

118:
- Figure 4.13: s/The customer can identify themselves/The customer can
identify itself/

124:
- "We use the following algorithms, defined informally here:" # blank
line above?
- s/that were previously send/that were previously sent/ # past tense

126:
- s/Even on a low-end smartphone devices/Even on a low-end smartphone
device/ # singular
- s/operations remains/operations remain/

127:
- s/coins instead of transaction/coins instead of transactions/ # plural?
- s/random value to be spend/random value to be spent/
- s/5000/5,000/ # unify (in other parts of the text this notation was used)
- s/10000/10,000/ # ditto
- s/1250/1,250/ # ditto

128:
- s/Furthermore /Furthermore, /
- s/10000/10,000/ # unify
- s/exchange respectively/exchange, respectively/

129:
- Check numbers for notations, e.g., TBD: s/10000/10,000/
-- 
https://vecirex.net

-------------------------------



Global:
- Check notations for numbers, e.g., s/1000/1,000/g # unify
- s/internet/Internet/g # ?

131:
- "and exchanges an be operated securely even without TLS." # s/an/can/ ?

132:
- s/Furthermore /Furthermore, /

133:
- Figure 422: s/on exchange's latency/on an exchange's latency/ # ?
- s/as we the user experience/as well as the user experience/

134:
- s/to be effectly/to be effective/

135:
- s/In practice /In practice, /

136:
- s/finite time bound/finite-time bound/ # ?
- "In summary, we make the following contributions in this paper:" #
blank line above?

138:
- s/this is problem is present/this is a problem present/

140:
- s/thus peers/thus, peers/

141:
- "Under the hood, an IBF of size n is an array of n buckets. Each
bucket holds
three values:" # blank line above?

142:
- s/can not/cannot/

143:
- "We now give a definition of set-union consensus that is motivated by
practical applications to secure multiparty computation protocols such
as electronic voting, which are discussed in more detail in Section
5.7." # Wuaaaaaaaaaah! :D

144:
- s/For example /For example, /

147:
- "The Gradecast is adapted as follows:" # blank line above?

148:
- "We give a correctness proof that generalizes Feldman’s proof for
Gradecast of
single values [Fel88, Section 4.1]. # blank line above?
-- 
https://vecirex.net

----------------------------




ALL THE BEST TODAY!

* * *

Global:
- s/optimised/optimized/g # American English (as used otherwise, AFAICS)
- s/Central Bank Issued Currencies/Central-Bank-Issued Currencies/ig # ?
- s/centrally banked/centrally-banked/g #?

151:
- "Xeon E5-2630 CPU, and GNUnet SVN revision 36765. We used the
gnunet-consensus-prof" # blockquote broken -- very hard

159:
- s/the leader the effect/the leader, the effect/

162:
- s/Typically the public key/Typically, the public key/

167:
- "Currencies serve three key functions in society: [Man10]" # blank
line above?
- s/anti money-laundering/anti-money-laundering/

168:
- "As GNU Taler is free software, even without backing by a central
bank, Taler would not suffer from these drawbacks arising from the use
of proprietary technology. Furthermore, Taler-style electronic cash
comes with some unique benefits:" # blank line above?

169:
- "What we offer to society is an open and free (as in free speech)
system with mechanisms to audit merchants’ income, instead of
proprietary systems controlled by a few oligopoly companies." # :D

189:
- The Internet-Draft is marked expired, October 9, 2018; use newest
version or just point to: https://datatracker.ietf.org/doc/draft-dold-payto/

-- 
https://vecirex.net