Author: Yuval Kogman 2019-12-29 03:31:48
Published on: 2019-12-29T03:31:48+00:00
In a bitcoin-dev email thread, nopara73 responded to the combinatorics and proof sections of a document about CoinJoin-based privacy called "The Breaking of Mixing Secrets". Nopara73 questions the premises and implications of the document, particularly regarding the difficulty of deanonymization, stating that the quantitative framing is potentially misleading due to various computational strategies, heuristics, etc. which can make this more efficient than brute force. Additionally, they express concern about perspectives that focus on linkability information revealed by a single coinjoin transaction in isolation, arguing that analyzing exposure is complicated by unequal amounts. Nopara73 mentions Cash Fusion, which extends obfuscation further by allowing players to bring many inputs and outputs, but still has the problem of "toxic waste". They express cautious optimism about multiple inputs/outputs per user with small popcounts/Hamming weights and mention how overhead could potentially be mitigated with OP_CHECKTEMPLATEVERIFY and Taproot. Finally, Nopara73 questions the proof and its applicability, as it involves trusting the server, and expresses doubt about the privacy of mixing based on a dubious hardness assumption and a computationally bounded adversary.
Updated on: 2023-06-13T22:57:36.736238+00:00