I feel like JoinMarket might be a dead end precisely due to what CoinShuffle claims to solve.
That is remarkably inexplicable to me. JM is very actively developed by a community of developers. It was created with basically no anti-DOS mechanisms, though the original CJ post (technically the "appendix" post I made right below it) went over several different anti-DOS mechanisms, because it's perfectly reasonable to get something working before making it strong-- especially since JM's main motivation is gumming up automated analysis more than itself providing strong privacy.
But it's quite straight-forward to add in strong anti-DOS and better privacy, on top of a working and vibrant system; doubly so in that the coinshuffle description provides no special structural immunity to those dos attacks: the same anti-dos mechanisms are needed. You shouldn't let that fact that a single person in the JM space is advocating one anti-dos method that would harm casual usage as at all indicative of ... well, anything.
Hi gmaxwell,
you and the joinmarket team helped me a lot to get this far with my joinmarket proxy and I feel bad for "betraying" you by saying negative things about JM maybe blind to CS having the same problems but as far as I understand it, JM does not aim to avoid the taker from learning the matching, which is at best a short cut to achieve some degree of mixing and at worst makes the whole endeavor of mixing pointless, as interested parties will inevitably outbid others just to get a glimpse at the matching. And they can do this under the radar, as knowing some UTXOs will help them to know a lot of the mixing without constantly probing every maker actively.
As far as I understand, in CS there is no obvious way to learn any matching as long as there are fair players at all. It allows you to single out the DOS players and that leaves the disruptors to spying, where they can only decrease the privacy probabilistically, to the point of learning one user's matching if they totally eclipse attack him. But as all would pay their share of the fee and makers can't earn from it, this would force attackers to provide activity that others would take for legit activity and use this great tool, which in turn would make the attacker fail to single out all honest players all the time.
In JM with its asymmetric structure with makers not actually caring about their privacy and having an incentive to share data among them, I also see the incentives aligned against anonymity.