Author: Max Hillebrand 2022-03-30 11:57:47
Published on: 2022-03-30T11:57:47+00:00
The WabiSabi coinjoin allows users to pay arbitrary amounts of bitcoin so that the sender doesn't learn the receiver's address/output and the receiver doesn't learn the input of the sender. Users who are both online and have a direct communication channel can use this method. The sender registers an input with a third-party WabiSabi coordinator in exchange for a keyed-verified-anonymous-credential (KVAC). The sender can present the credential and request a reissuance of two new credentials worth different amounts, which the coordinator does not learn.After giving the credential to the receiver, the sender can no longer present it, and the coordinator ensures double spending protection. During output registration, the sender registers his "payment change outputs," which can be decomposed into multiple outputs by the client side. The receiver presents his KVACs and registers his desired output addresses directly with the coordinator. After output registration, the coordinator aggregates the PSBT with all registered inputs and outputs and presents the unsigned coinjoin transaction to all Alices. If the response is ACK, then the sender signs for his inputs and registers the signatures with the coordinator.The sender never learns the address of the receiver, and the receiver never learns the inputs or change outputs of the sender. The coordinator cannot differentiate users who make self-spends from those who do payments; this is entirely client-side. The sender still knows the amount of bitcoin of the credential that he passed on to the receiver. However, the receiver can likewise register inputs with the coordinator in the same round, providing the desired anonymity set.A blinded coinjoin coordinator is a PSBT whiteboard where users purchase eCash tokens by registering inputs, and users spend eCash tokens to register outputs. Users can self-spend the eCash to increase anonymity set of those access rights. The user can make an actual eCash "payment" to someone else, effectively abdicating the right to register outputs. If the final coinjoin has a sufficient number of inputs and outputs to provide effective blockchain ambiguity, then the resulting payment has breathtaking privacy guarantees.
Updated on: 2023-05-22T18:42:12.429911+00:00