1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
|
Return-Path: <ZmnSCPxj@protonmail.com>
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
by lists.linuxfoundation.org (Postfix) with ESMTP id D38FAC016F
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 10 Jun 2020 07:09:12 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by whitealder.osuosl.org (Postfix) with ESMTP id C2F6E81F27
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 10 Jun 2020 07:09:12 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id c2z4uuXKQKcV
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 10 Jun 2020 07:09:10 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-40132.protonmail.ch (mail-40132.protonmail.ch
[185.70.40.132])
by whitealder.osuosl.org (Postfix) with ESMTPS id 766038060A
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 10 Jun 2020 07:09:10 +0000 (UTC)
Date: Wed, 10 Jun 2020 07:09:04 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
s=protonmail; t=1591772948;
bh=0DLcaw7jPbNOG2W5n61XY17qtVOoLcaQd4IBv4uwnto=;
h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References:From;
b=YQ69oaSxwlz8uzeHkdWADtfU0ukeBlsGjYOeP/jCPqUMyE2EBVvBUT03NMtkZ7V8b
wsyFGZCzsKA1wV4INGHKcyu8W0/00+h8eC/S8+q5BWz34foM3cemMnh2T6BRIzqmuA
pndUZf1v5ZhjVZh8jHDV/ts2fk1WyfqRENKzoERk=
To: "Mr. Lee Chiffre" <lee.chiffre@secmail.pro>,
Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
From: ZmnSCPxj <ZmnSCPxj@protonmail.com>
Reply-To: ZmnSCPxj <ZmnSCPxj@protonmail.com>
Message-ID: <V-w3Jx5ssSZ1Ch5GEiJJjI12U1qmnlyCsET6JjsDAkl2yC6iJ7DK52mshe0F7wOAjK8vrbSeqRijC3QFRyl1FuGe41xcmYfgC6s7e7H_AQg=@protonmail.com>
In-Reply-To: <5b77933071fa02e900183d8d5e24d866.squirrel@giyzk7o6dcunb2ry.onion>
References: <82d90d57-ad07-fc7d-4aca-2b227ac2068d@riseup.net>
<5b77933071fa02e900183d8d5e24d866.squirrel@giyzk7o6dcunb2ry.onion>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: Re: [bitcoin-dev] Design for a CoinSwap implementation for
massively improving Bitcoin privacy and fungibility
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Jun 2020 07:09:12 -0000
Good morning Mr. Lee,
> > =3D=3D=3D Combining multi-transaction with routing =3D=3D=3D
> > Routing and multi-transaction must be combined to get both benefits. If
> > Alice owns multiple UTXOs (of value 6 BTC, 8 BTC and 1 BTC) then this i=
s
> > easy with this configuration:
> >
> > Alice
> > (6 BTC) (8 BTC) (1 BTC)
> > | | |
> > | | |
> > v v v
> > Bob
> > (5 BTC) (5 BTC) (5 BTC)
> > | | |
> > | | |
> > v v v
> > Charlie
> > (9 BTC) (5 BTC) (1 BTC)
> > | | |
> > | | |
> > v v v
> > Dennis
> > (7 BTC) (4 BTC) (4 BTC)
> > | | |
> > | | |
> > v v v
> > Alice
> >
>
> Great work Chris and you have my respects for your contributions to
> Bitcoin. A concern I have with bitcoin is scalability and privacy. Both
> are important. The reasons people bash on Monero is also the same issue
> Bitcoin has. The very large transaction size to achieve acceptable privac=
y
> on a distributed financial network. Im not shilling Monero here. I am onl=
y
> saying that bitcoin transactions with similar privacy properties are at
> least equally as large as Monero transactions. Coinjoin on Monero can be
> compared to ring signatures in Monero from the view of using decoys to
> help conceal the source. From this proposal is this to say that
> transactions will be at least 12 times larger in size to achieve the
> property of privacy that bitcoin is currently missing?
CoinSwap lets you buy privacy at whatever rate is manageable for you.
You can buy a simple non-routed non-multitransaction CoinSwap, for example,=
instead of larger sections like the above, depending on your privacy needs=
.
Even doing a non-routed non-multitransaction CoinSwap would help fungibilit=
y of those doing more complex setups, because the tiny CoinSwaps you make a=
re made of "the same things" that the more complex CoinSwaps are made of.
>
> Another thing to consider is that if coinswaps cannot be sent as a paymen=
t
> then a coinswap needs to take place after every transaction to keep the
> privacy and unlinkability from your other bitcoin transactions.
>
> I always thought that CoinSwap would be and is a very much needed thing
> that needs developed. The ability to swap coins with other people in a
> trustless way and way that is not linkable to the public blockchain. But
> how can this be scalable at all with the multiple branches and layers?
> This is a good idea in theory but my concern would be the scalability
> issues this creates.
>
> Do you have any comments on this?
> Thank you
Overall, multiple mixing techniques cover a wide range of cost and privacy.
* PayJoins are cheap and almost free (you are coordinating with only one ot=
her participant who is strongly incentivized to cooperate with you, and mak=
ing a single overall tx) but buys you only a small dollop of privacy (trans=
action can be misinterpreted by chain analysis, but probabilistic analysis =
can be "reasonably accurate" for a few transactions).
* Equal-valued CoinJoins are slightly more expensive than PayJoins but give=
a good amount of privacy (you are coordinating with multiple participants,=
and probably paying coordination/participation fees, but *which* output is=
yours will give probabilistic analysis a run for its money, although it is=
obvious that you *did* participate in a CoinJoin).
* CoinSwaps are a good bit more expensive than equal-valud CoinJoins but gi=
ve a significant amount of privacy for their cost (you are coordinating wit=
h multiple participants and paying coordination/participation fees *and* yo=
u run the risk of getting your funds timelocked in case of network communic=
ations problems or active hacking attempts, but it is hard for chain analys=
is to even *realize* that a CoinSwap even occurred, i.e. it is steganograph=
ic).
Chris argues that CoinSwap gives better privacy:cost ratios than equal-valu=
ed CoinJoins, you can wait and see if he gives more supporting arguments re=
garding this, but overall the various mixing tech exists to give choice on =
how much privacy you buy.
Regards,
ZmnSCPxj
|