Would it be wise to implement "stronger" anonymity in bitcoin?
This has been asked before— and I think it's an important question. We shouldn't just assume that any feature is good.
After extensive consideration, I think I can answer this with an emphatic "Yes". Without good anonymity the fungibility of Bitcoin can be substantially degraded. The road to fungibility loss is paved with good intentions, but the end result makes Bitcoin less useful as money. "We're really sure that _this_ bitcoin was stolen" ... "We're quite confident that this person is bad" ... but if Bitcoin is to be trustworthy you must never have reason to feel that you'll wake up on the wrong side of a Kafkaesque heuristic, or that you'll have to fight for what is rightfully yours even if there is due process; having to defend yourself means you already lost.
I believe that the ultimate social good that comes out of weaker anonymity for Bitcoin-like activity is fairly limited: Bad-guys will generally figure out good ways around the lack of transaction anonymity, but still get caught based on their other activities even when transactions are strongly private. The harms from not having good anonymity— the losses of privacy, the danger to fungibility— hurt everyone.
Then there is the question of should it be in the system or outside of it. If we ignore the implementation cost, I think here again the answer is emphatically that it should be inside the system: Putting it outside greatly reduces its effectiveness. But right now implementation costs are non-trivial and so I don't think there is much of a question of including it in the system— and, if people build it outside of the system: we can't stop them even if we were to agree that it were a bad thing.
1) I think that the in vivo experiment known as the Silk Road demonstrates, convincingly, that "properly used Bitcoin" has very strong anonymity.
Yes, it is not perfect, but so far, a motivated and resourceful attacker appears to be unable to "dox" a major, publicly known pseudonymous player.
2) If your concern is fungibility, then Zerocoin-like systems - not just this particular implementation with massive proofs and pruning issues, but basically any system that requires formation of "fixed-denomination" non-fungible "tokens" with fixed BTC value - would not appear to be acceptable solutions.
Since they outright break fungibility.
Besides, any system that involves special "anonymize me this 1.00 BTC" transaction types could hurt fungibility along the same lines as you describe (a cautious vendor might not accept a coin that is less than N transactions away from an obvious "anonymizing event")
Me?
I think that the problem of "banned coins" is more of a legal and social issue rather than a technological one.
And so far, bitcoin "ecosystem" has been handling this problem rather well, so perhaps it would be wise to refrain from fixing something that is, from available evidence, not broken.
So far, bitcoin has been choosing its fights fairly well, and gained a modicum of mainstream acceptance, including acceptance by regulatory authorities.
I am not convinced a "100% hardcore anon-coin" could enjoy such (even cash is relatively traceable, one doesn't even have to be a government to track a paper note)
Also, there is the issue of current investors and supporters (miners, merchants, service providers) - many of them may suffer various degrees of inconvenience if bitcoin announces a "full anonymity protocol extension" since that might prompt their local authorities to take a much closer look at their business, which is something they might not entirely appreciate.
I am all for the world having a "full-anon decentralized cryptographic payment system".
But since I think such a system would have a harder time gaining mainstream acceptance, I am not convinced that bitcoin should be this system.
Perhaps bitcoin should stay strongly pseudonymous, to facilitate... how to put it... backwards compatibility with various regulatory bodies?