CoinShuffle: decentralized CoinJoin without trusted third parties



Summary:

In an email exchange, Sergio and Tim Ruffing discussed how to decentralize a shuffle protocol. One possible solution is to use direct connections to a randomly elected leader who is also responsible for broadcasts. Another is to use overlay networks such as distributed hash tables or Bitmessage.

The issue of Sybil attacks was also raised: an attacker could create many identities to participate in CoinJoins. However, there are ways to make it hard for the attacker to place an honest user in a group made up only of malicious users. One way is to divide users into individual groups, i.e., CoinJoin runs, and ensure that the attacker cannot influence the assignment. This can be achieved by using the hash of all users' public keys in the pool to determine the assignment.

The initial setup step needs a "bulletin board". One possibility is to use an underlying peer-to-peer network such as Bitmessage or distributed hash tables. Alternatively, many servers acting as bulletin boards can be used, but this approach is no longer really decentralized. It is also possible to include announcement messages in the Bitcoin blockchain, at the cost of an additional transaction.

Finally, combining several pools and using information from friends were suggested as possible solutions. Although there is no perfect solution, there are several that work well enough in practice if they are implemented correctly.
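The hash-based group assignment mentioned in the summary can be sketched as follows. This is an added example, not code from the email exchange or from CoinShuffle. It assumes the pool is closed before the hash is computed, uses SHA-256 with a rank-by-hash split as one possible construction, and the function names and sample keys are constructed for illustration.

```python
import hashlib

def pool_seed(pubkeys):
    """Hash of all public keys in the pool, independent of arrival order."""
    h = hashlib.sha256()
    for pk in sorted(set(pubkeys)):
        # Length prefix keeps the concatenation unambiguous.
        h.update(len(pk).to_bytes(2, "big"))
        h.update(pk)
    return h.digest()

def assign_groups(pubkeys, group_size):
    """Split a closed pool into CoinJoin runs using only the pool hash.

    Every participant can recompute the result locally from the published
    key list, so no leader or server chooses who is grouped with whom.
    """
    keys = sorted(set(pubkeys))
    if group_size < 2 or len(keys) < group_size:
        raise ValueError("pool too small for the requested group size")
    seed = pool_seed(keys)
    # Each key's position depends on the whole pool, not only on the key.
    ranked = sorted(keys, key=lambda pk: hashlib.sha256(seed + pk).digest())
    groups = [ranked[i:i + group_size]
              for i in range(0, len(ranked), group_size)]
    # Fold a short tail into the previous run so no run is undersized.
    if len(groups) > 1 and len(groups[-1]) < group_size:
        tail = groups.pop()
        groups[-1].extend(tail)
    return groups

# Constructed 32-byte stand-ins for public keys (not real keys).
POOL = [hashlib.sha256(b"constructed-user-%d" % i).digest() for i in range(10)]

if __name__ == "__main__":
    for n, group in enumerate(assign_groups(POOL, 4)):
        print("run", n, [pk.hex()[:8] for pk in group])
```

Because the seed covers every key, the grouping is only fixed once the pool membership is final, which is why the pool must be closed before anyone computes it.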


Updated on: 2023-06-09T01:55:31.146736+00:00