Published on: 2022-09-10T10:17:37+00:00
A developer named alicexbt has created a proof-of-concept python script to implement coinjoin using nostr, a decentralized network based on cryptographic keypairs. This implementation utilizes several Bitcoin Core wallet and RPC commands and requires the python-nostr library for coordination between peers. The process involves 5 peers coordinating to create, sign, and broadcast a coinjoin transaction. Each step of the process is published as an event using a nostr relay, and users can use multiple relays simultaneously to avoid trusting a single relay. However, there is a vulnerability of denial of service in the implementation, where a malicious user can register multiple outputs with the same secret, causing an ongoing free denial of service attack without attribution or defense.To address this issue, PR #24058 (basic support BIP-322) can be implemented to add proof of ownership. Instead of clients sending descriptors to the relay and then verifying them using `scantxoutset`, they can send `txid:out` with a message signed with the address, verify using `verifymessage`, and then use `gettxout` to retrieve the value. That way, only the owner can send the UTXO. The cryptographic scheme mentioned as an alternative to blind signatures isn't implemented yet, as it requires a NIP and at least one relay using it.The author plans to continue developing coinjoin transactions on signet for a few weeks until there is a stable release with no bugs. Custom relays are supported by Nostr, examples include paying a fee to register for a round, subscribing with a time limit, or using invite-only relays. The author will run a free and open nostr relay for this project and try to fix the DoS issues before a mainnet version is released for the python script (for nerds) and android app (for all users).The email is sent using Proton Mail secure email, and the author invites opinions on the experiment. The email thread is part of the bitcoin-dev mailing list hosted by lists.linuxfoundation.org. The author credits Fiatjaf, Andrew Chow, Jeff Thibault, and existing coinjoin implementations for their contributions. The author also mentions the creation of an Android app for joinstr in the coming week.Overall, the developer's message provides insights into a coinjoin implementation using Nostr, the challenges and limitations of the current system, and potential improvements to make it more secure. The email includes relevant links to GitHub repositories and provides event IDs and a Coinjoin transaction ID for reference.
Updated on: 2023-08-02T07:18:10.724897+00:00