Bitcoin Forum
June 13, 2021, 06:50:40 PM *
News: Latest Bitcoin Core release: 0.21.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 »
  Print  
Author Topic: CoinJoin: Bitcoin privacy for the real world  (Read 293622 times)
belcher
Sr. Member
****
Offline Offline

Activity: 261
Merit: 329


View Profile
May 08, 2015, 12:11:26 AM
Last edit: June 15, 2015, 06:11:35 PM by belcher
 #601

I'm pleased to announce the mainnet version of JoinMarket.

Expect glitches and a command line interface. But it works.

Here's some CoinJoins people have already done
https://blockchain.info/tx/601d9c15bc1edd2fe3e5c853ed111d11e9c0a5fb66c75571c7f10fa0d8ab23bb 5-party coinjoin
https://blockchain.info/tx/b85a3b563474ca98ba1809460e61a50053899c21f9869afb6a3a6d4b4cb00b7c 4-party coinjoin
https://blockchain.info/tx/e8b793b3464641df9404993c3101f81208b2d774f51a1ec748a608fbc9e22629 3-party coinjoin
https://blockchain.info/tx/665a9d7848cc0d28869ef866ca9a1117f20358e1e372dbbb01f1b75054584e70 3-party coinjoin

Only pocket change amounts for now, if anyone found an exploit bug they could theoretically clean out your wallet. My yield generator bot is running happily right now, I've already earned about 25000 satoshi.

I will be working on an Electrum plugin to make it easy to use. Electrum doesn't have a testnet version which is one reason we've moved to the mainnet now.

1HZBd22eQLgbwxjwbCtSjhoPFWxQg8rBd9
JoinMarket - CoinJoin that people will actually use.
PGP fingerprint: 0A8B 038F 5E10 CC27 89BF CFFF EF73 4EA6 77F3 1129
1623610240
Hero Member
*
Offline Offline

Posts: 1623610240

View Profile Personal Message (Offline)

Ignore
1623610240
Reply with quote  #2

1623610240
Report to moderator
1623610240
Hero Member
*
Offline Offline

Posts: 1623610240

View Profile Personal Message (Offline)

Ignore
1623610240
Reply with quote  #2

1623610240
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Mixles
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
June 12, 2015, 12:13:32 PM
Last edit: June 14, 2015, 10:01:05 AM by Mixles
 #602

In order to further incentivize work in this space there is now a multisignature escrow bounty fund:

   3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk
                    (yes, Bitcoin addresses can also start with a 3)

This is a two-of-three multisignature escrow with myself, Theymos, and Pieter Wuille as signers. To release any coin sent to this address at least two of these people must sign the transaction.

The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

Please feel free to contribute to the above address to support work on this infrastructure.

I would like to make a claim on this fund for work done on Compact Confidential Transactions (subject to the ongoing peer review).

https://bitcointalk.org/index.php?topic=1085436.msg11597427

CoinJoin should 'just work' in this scheme, and has a similar interface to gmaxwell's Confidential Transactions for keeping participant's balances hidden from other participants.

Participants generate some random inputs, and same number of random outputs, to themselves with a zero sum, and ensure that they do not introduce any fuzz over/underflow, so the fee is fixed.

An alternative approach, is to let participants share only their fee delta, guaranteeing that everyone makes the same fee adjustment, in which case the number of outputs can also differ to the number of inputs for each participant.

If anyone puts in too much or too little, their sum, and the whole transaction sum, won't come out as zero and the transaction will be invalid.

Donations to 1SumKArxoEJ1HoGibmj8ygw1DZWYBvjmM
belcher
Sr. Member
****
Offline Offline

Activity: 261
Merit: 329


View Profile
June 16, 2015, 01:28:04 PM
 #603

In order to further incentivize work in this space there is now a multisignature escrow bounty fund:

   3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk
                    (yes, Bitcoin addresses can also start with a 3)

This is a two-of-three multisignature escrow with myself, Theymos, and Pieter Wuille as signers. To release any coin sent to this address at least two of these people must sign the transaction.

The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

Please feel free to contribute to the above address to support work on this infrastructure.

I would like to make a claim on this fund for work done on Compact Confidential Transactions (subject to the ongoing peer review).

https://bitcointalk.org/index.php?topic=1085436.msg11597427

CoinJoin should 'just work' in this scheme, and has a similar interface to gmaxwell's Confidential Transactions for keeping participant's balances hidden from other participants.

Participants generate some random inputs, and same number of random outputs, to themselves with a zero sum, and ensure that they do not introduce any fuzz over/underflow, so the fee is fixed.

An alternative approach, is to let participants share only their fee delta, guaranteeing that everyone makes the same fee adjustment, in which case the number of outputs can also differ to the number of inputs for each participant.

If anyone puts in too much or too little, their sum, and the whole transaction sum, won't come out as zero and the transaction will be invalid.


It looks like you might need to write some code, as the post says "for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users."

1HZBd22eQLgbwxjwbCtSjhoPFWxQg8rBd9
JoinMarket - CoinJoin that people will actually use.
PGP fingerprint: 0A8B 038F 5E10 CC27 89BF CFFF EF73 4EA6 77F3 1129
Mixles
Member
**
Offline Offline

Activity: 63
Merit: 10


View Profile
June 17, 2015, 02:36:34 AM
Last edit: June 17, 2015, 02:54:09 AM by Mixles
 #604

It looks like you might need to write some code, as the post says "for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users."

Just as well that it does not say "for completed code". Otherwise I would be going against the thing. In a knowledge economy, new knowledge (and new code) takes a lot of completed works. Anyway, the review is not complete yet so my claim might not be valid. And even if it is valid or invalid logically, the fund is ultimately at the discretion of two individuals. If they want to encourage or discourage this kind of research is up to them.

Donations to 1SumKArxoEJ1HoGibmj8ygw1DZWYBvjmM
phelix
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
October 29, 2015, 05:19:29 PM
 #605

In order to further incentivize work in this space there is now a multisignature escrow bounty fund:

   3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk
                    (yes, Bitcoin addresses can also start with a 3)

This is a two-of-three multisignature escrow with myself, Theymos, and Pieter Wuille as signers. To release any coin sent to this address at least two of these people must sign the transaction.

The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

Please feel free to contribute to the above address to support work on this infrastructure.

Multisig address construction details:
Code:
Key from Theymos:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Here is a public key of mine, usable for the CoinJoin bounty fund:
02d5f2b9c68b22006161dfe58a78b37dc2b577e8bb4e4522940830264eb3b3a38b
-----BEGIN PGP SIGNATURE-----

iF4EAREIAAYFAlISs5MACgkQxlVWk9q1kednkgD/WvE3F1hSoKHIr+y7q3O6xbGp
FM+P/lVbi/nZugrlNKABALMhYih2Ov80OS1PLMX9UpONn2eE2Xu+ZkxZ2SkQFfCU
=lFI0
-----END PGP SIGNATURE-----

Key from Gmaxwell:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here is a public key of mine, usable for the CoinJoin bounty fund:
027b48575c15712867a8a1e6c9f52f510946130bbdf3b1e2feb344b8b68232ffb1
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlIbCV4ACgkQrIWTYrBBO/ooAgCdG9twTEFH5q+5Pip9qDOGsoww
a7YAoLfVP4CBaxk5mnpMXVHpQXqgVwxL
=k1JR
-----END PGP SIGNATURE-----

Key from Pieter:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
 
Here is a public key of mine, usable for the CoinJoin bounty fund:
0292782efcb08d621c360d055f407c8e75ffbbd06f6b7009c1432ca9eaa6732592
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
 
iQGcBAEBCAAGBQJSpLf6AAoJEI9lMlXIeZLgtRkL/3ufWgLyhTKM9T30JqA0a/Xh
5KUMD0csuxTMYraVOy9x7tRVZh+fETt4Y3clhErZj8g6VraC5ku+4pyHxtFztWor
N6QadkAvwuCAqmBxbAmb7hTq41eXjptzwqyUWh/z6YecBKeRIxIi/8LGqX/+gODd
GlKj66Ex27wgp9gJp/1Ot+hrTmmasxXAEjXYJTKr4LjJeajH/HJJQeCI6jTy4fdm
TsplX7rUgzhdZQ60malyn1MCmtdXRviWyWuAvKgpIaEMaZsFCSMfvNzUtKHiMv3n
HPxe9OAv1V2rdwU9oa7gxHLSvF7BER1XpWcA0UKTeD1w2/vzPZj3exDDHT8A35Ro
nhK6cJPYTdnzXLavpFqRD85R1G9W3rl4IzqfflXwWB2rRByyLROvrMfVG8iLMYP0
JcaB+8kttzqTa0vBiaosCvSbFZAfw2seyXxxF5anH4Q0ueMJKglLp6rE/51s1bQa
Hz6rsSAAdvx/OSCitKp1+JMzSKA/SwNMRUy4VqKQ4g==
=70Dh
-----END PGP SIGNATURE-----

2-of-3 Address construction:
$ bitcoind createmultisig 2 '["02d5f2b9c68b22006161dfe58a78b37dc2b577e8bb4e4522940830264eb3b3a38b","027b48575c15712867a8a1e6c9f52f510946130bbdf3b1e2feb344b8b68232ffb1","0292782efcb08d621c360d055f407c8e75ffbbd06f6b7009c1432ca9eaa6732592"]'
{
    "address" : "3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk",
    "redeemScript" : "522102d5f2b9c68b22006161dfe58a78b37dc2b577e8bb4e4522940830264eb3b3a38b21027b48575c15712867a8a1e6c9f52f510946130bbdf3b1e2feb344b8b68232ffb1210292782efcb08d621c360d055f407c8e75ffbbd06f6b7009c1432ca9eaa673259253ae"
}

Would this suite Joinmarket? https://bitcointalk.org/index.php?topic=919116
dooglus
Legendary
*
Offline Offline

Activity: 2926
Merit: 1310



View Profile
October 29, 2015, 05:26:45 PM
 #606

The bounty fund will pay out [...] for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

Would this suite Joinmarket? https://bitcointalk.org/index.php?topic=919116

Was the work proposed in this thread?

If so, JoinMarket definitely qualifies.

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
phelix
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
October 29, 2015, 05:39:56 PM
 #607

The bounty fund will pay out [...] for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

Would this suite Joinmarket? https://bitcointalk.org/index.php?topic=919116

Was the work proposed in this thread?
I guess only gmaxwell knows the answer to this question. In my eyes Joinmarket is going further than what has been suggested in this thread as it adds the incentive necessary for CoinJoin to actually go somewhere.

tommorisonwebdesign
Sr. Member
****
Offline Offline

Activity: 448
Merit: 250



View Profile
October 30, 2015, 08:24:30 PM
 #608

It is definitely an interesting idea. I would definitely like to see am implementation of the concept coded and implemented.

Signatures? How about learning a skill... I don't care either way. Everybody has to make a living somehow.
dooglus
Legendary
*
Offline Offline

Activity: 2926
Merit: 1310



View Profile
October 30, 2015, 11:17:57 PM
 #609

It is definitely an interesting idea. I would definitely like to see am implementation of the concept coded and implemented.

Check out JoinMarket.

It's an implementation of the concept coded and implemented.

Just-Dice                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   Play or Invest                 ██             
          ██████████         
      ██████████████████     
  ██████████████████████████ 
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
██████████████████████████████
    ██████████████████████   
        ██████████████       
            ██████           
   1% House Edge
tailsjoin
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile WWW
October 31, 2015, 02:55:26 AM
 #610

I can't see any reason for why JoinMarket development shouldn't be give some or all of this fund.
bassmaster
Copper Member
Newbie
*
Offline Offline

Activity: 21
Merit: 3


View Profile
November 16, 2015, 01:22:50 AM
 #611

+1 for JoinMarket (and perhaps TailsJoin getting a small percentage as well)

Would love to have gmaxwell take a look at the implementation and provide feedback.
ABISprotocol
Sr. Member
****
Offline Offline

Activity: 278
Merit: 250

ABISprotocol on Gist


View Profile WWW
January 07, 2016, 02:46:02 AM
 #612

Probably nobody will care, but....

1) https://github.com/bitcoin/bitcoin/issues/3226#issuecomment-164755098

2) https://github.com/bitcoin-dot-org/bitcoin.org/pull/1129#issuecomment-155241130

Cheers

ABISprotocol (Github/Gist)
http://abis.io
ABISprotocol
Sr. Member
****
Offline Offline

Activity: 278
Merit: 250

ABISprotocol on Gist


View Profile WWW
January 25, 2016, 06:18:15 AM
 #613

I'm pleased to announce the mainnet version of JoinMarket.

Expect glitches and a command line interface. But it works.

(...)

I will be working on an Electrum plugin to make it easy to use. Electrum doesn't have a testnet version which is one reason we've moved to the mainnet now.

At this point, do you have an Electrum plugin?  If so, where to go to find it?
Am assuming at this point, it's probably here..
https://github.com/JoinMarket-Org/joinmarket/issues/44
and also
https://github.com/JoinMarket-Org/joinmarket/tree/electrum-plugin
If there's a particular file that needs attention/work pls. advise.

ABISprotocol (Github/Gist)
http://abis.io
belcher
Sr. Member
****
Offline Offline

Activity: 261
Merit: 329


View Profile
January 25, 2016, 11:08:56 AM
 #614

The electrum plugin would work by having a sidecar daemon that the plugin sends transaction information to and obtains an unsigned coinjoin transaction. The files are electrum-plugin-daemon.py and electrum-plugin.py, although that branch is probably quite stale.

1HZBd22eQLgbwxjwbCtSjhoPFWxQg8rBd9
JoinMarket - CoinJoin that people will actually use.
PGP fingerprint: 0A8B 038F 5E10 CC27 89BF CFFF EF73 4EA6 77F3 1129
mamadmankan
Member
**
Offline Offline

Activity: 73
Merit: 10


View Profile
January 25, 2016, 04:26:26 PM
 #615

IMHO, it could be used as a load balancing device for a system with a fixed block size limit. CoinJoins happen automatically to help compress more transactions into the available block space. This could provide a good argument against a scheme with a continuously variable block size, or to a scheme with no limit at all (although I don't think anyone has yet made any serious proposal for the latter). It also illustrates that CoinJoin really is just that, joining inputs and outputs into single transactions, regardless of the utility you're seeking from doing so.
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 3570
Merit: 1755



View Profile
January 25, 2016, 11:12:12 PM
 #616

IMHO, it could be used as a load balancing device for a system with a fixed block size limit. CoinJoins happen automatically to help compress more transactions into the available block space. This could provide a good argument against a scheme with a continuously variable block size, or to a scheme with no limit at all (although I don't think anyone has yet made any serious proposal for the latter). It also illustrates that CoinJoin really is just that, joining inputs and outputs into single transactions, regardless of the utility you're seeking from doing so.

Interesting. What is the effective 'compression' of doing several individual TX versus a single CoinJoin containing the same TXs?

Carlton Banks
Legendary
*
Offline Offline

Activity: 3108
Merit: 2479



View Profile
January 25, 2016, 11:50:37 PM
 #617

IMHO, it could be used as a load balancing device for a system with a fixed block size limit. CoinJoins happen automatically to help compress more transactions into the available block space. This could provide a good argument against a scheme with a continuously variable block size, or to a scheme with no limit at all (although I don't think anyone has yet made any serious proposal for the latter). It also illustrates that CoinJoin really is just that, joining inputs and outputs into single transactions, regardless of the utility you're seeking from doing so.

Interesting. What is the effective 'compression' of doing several individual TX versus a single CoinJoin containing the same TXs?

There's a fair proportion of header/data for single output -> pair of outputs, but mamadmankan is only identifying the first steps in the line of thinking that led to stuff like SegWit and Lightning.

Vires in numeris
Dabs
Legendary
*
Offline Offline

Activity: 2982
Merit: 1622


The Concierge of Crypto


View Profile
May 15, 2016, 03:41:21 AM
 #618

Sorry for bumping this thread ... I'm just curious.

...

3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk

...

The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

If JoinMarket did not qualify, and CoinShuffle (or ShuffleCoin?) did not also qualify, what would do it? Does it have to be completely decentralized? Can it be something that relies on a "super-node" or even a third party website, bot or api? (Someone collects possible transactions and makes everyone sign it once a day or once an hour or something.)

How do you define "practical reality for Bitcoin users"?

Did I miss any other attempts at implementing this aside from CoinShuffle and JoinMarket?

waxwing
Sr. Member
****
Offline Offline

Activity: 469
Merit: 250


View Profile
May 15, 2016, 05:23:14 AM
 #619

Sorry for bumping this thread ... I'm just curious.

...

3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk

...

The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

If JoinMarket did not qualify, and CoinShuffle (or ShuffleCoin?) did not also qualify, what would do it? Does it have to be completely decentralized? Can it be something that relies on a "super-node" or even a third party website, bot or api? (Someone collects possible transactions and makes everyone sign it once a day or once an hour or something.)

How do you define "practical reality for Bitcoin users"?

Did I miss any other attempts at implementing this aside from CoinShuffle and JoinMarket?

Coinshuffle is really an enhancement protocol on top of any coinjoin implementation, it's not a coinjoin implementation itself. There hasn't as yet been an implementation using it (correct me if I'm wrong), so from that point of view the question doesn't apply to coinshuffle, although Mycelium are currently working on one.

PGP fingerprint 2B6FC204D9BF332D062B 461A141001A1AF77F20B (use email to contact)
schnuber
Member
**
Offline Offline

Activity: 96
Merit: 10


View Profile
May 20, 2016, 04:18:13 PM
 #620

I have a question:
When I am doing a transaction and I send my signed tx to the network. Could someone else take that transaction and add a additional signed input to the tx. So this would mean that my tx gets coinjoined without my approval, would that be accepted by the network?

Greets
Pages: « 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 [31] 32 33 34 35 36 37 38 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!