Okay, here's all the payments that can be tracked from the two new participants of the Whirlpool coinjoin transaction:
Entrant 1: bc1q03c0443ausjjdxl2h6ud5m8c0dux0zyg3dqdj7 created 0.00170417 BTC in unmixed change sent to bc1q3fduld0l3r8nclyt5p3r7ak675tekurstn55tl. Since this UTXO is not private, the sats were marked as unspendable and have not been recovered by the wallet owner
Entrant 2: bc1qzc8zku26ej337huw5dlt390cy2r9kgnq7dhtys created 0.00191247 BTC in unmixed change sent to bc1qjlltxr443uy236wl4xhpxlr6dgsu0zltlv3m44. This UTXO was used in a second tx0 transaction, creating a huge trail of transactions that could be traced to each other
The 2nd tx0 transaction created 0.00076348 BTC unmixed change which was sent to bc1qehd7gy8rza9mnzm9wnfjhgw82rp47wmqt7vpgy
Since this unmixed change is below the .001 pool minimum, it was consolidated in a 3rd tx0 with 3 other addresses owned by the same wallet:31x8GPqrhzdaxiBJa9N5UisuoxbX1rAnHa
16Gw5WKjbxZmg1zhZQs19Sf61fbV2xGujx
3LZtsJfUjiV5EZkkG1fwGEpTe2QEa7CNeY
The 3rd tx0 transaction created .00200317 in unmixed change which was sent to bc1q2p7gdtyahct8rdjs2khwf0sffl64qe896ya2y5
This was spent in a 0.00190000 payment to 3B8cRYc3W5jHeS3pkepwDePUmePBoEwyp1 (a reused address)
That payment left .00008553 in change that was tracked to 3Dh7R7xoKMVfLCcAtVDyhJ66se82twyZSn and consolidated with two other inputs in a 4th tx0 transaction:
bc1qeuh6sds8exm54yscrupdk03jxphw8qwzdtxgde
3ByChGBFshzGUE5oip8YYVEZDaCP2bcBmZ
This 4th tx0 created .00533406 in unmixed change which was sent to bc1qzh699s75smwukg9jcanwnlkmkn38r79ataagd9 which was consolidated with 3 more addresses into a 5th tx0:
3F2qiWQJKQjF7XFjEo8FUYP3AU5AC6RqX8
3HAYYVKUpYbr2ARMdZJr9yVu8xi8UcxtPz
3GQtwwRK31wwCc22q6WS5sCgixUHsG5KaT
The 5th tx0 created 0.00058494 BTC in unmixed change that was sent to bc1qvh2zjcwwkj9y70xulla2semvlav3lty0p3l3w3
This was spent in a .00047290 payment to bc1qvzg8jq6wqtr5navn4e3ps4qrkk9r6n4h98gjck
That payment left .00008411 in change that was tracked to bc1qg6j0f0wfhpktt2l8uzdn48ct3um2xyur40eyzd and consolidated with another input into a 6th tx0 transaction:
31iZLXWfoywhuMZTPGxTkpzphzh2NXshpP
The 6th tx0 created .00753775 in unmixed change that was tracked to bc1qgfll2apc27yct6h2c8r8wq4kqhxjsfrudhhn5q
This was spent in a .00737000 payment to bc1q5emzer2t0sq5dez0zsrqgh6scvwn0n24xsladp (a reused address)
This payment left 0.00010896 BTC in change which has not been spent yet, but the payment only took place 11 days ago, so I assume it will eventually be spent, allowing the Whirlpool user to be tracked even further.
Why would you assume it is likely that most users would change all their default settings in their wallet that are required to become private?... Since Whirlpool coinjoins are only 5 inputs, 4 users who used the default settings will automatically deanonymize the remaining user who customized his settings to turn his client private.
Why would you assume users interested in privacy would not be running their own node?
I assume Samourai users aren't running their own node because Samourai is a mobile phone wallet application.
I can just leave my UTXOs in the pool for unlimited free remixes.
That's a critical design flaw:
Sybil attackers can get UNLIMITED FREE ATTACKS from just paying a one time fee.This is, once again, why WabiSabi coinjoins are strictly superior to Whirlpool coinjoins since you don't have to worry about honest users being used as unknowing and unwilling spies against you.
You can instead just rest safe in the knowledge that your coordinator is willingly being used to spy against you, and you are paying for the privilege. Lol.
How can the coordinator spy on you if all of your addresses are never linked to each other and your IP address is never revealed?
Again, this is a lie: No one knows that addresses and UTXOs belong to any single user because Wasabi masks this information with client side block filters and Tor by default.
Cool, I never said that. What I said that Wasabi "hands your addresses and UTXOs straight to a blockchain analysis surveillance company for investigation and approval."
Wasabi cannot hand your addresses and UTXOs to a blockchain analysis surveillance company because they do not have your xpub or IP address. Only Samourai collects this personal information about their users, so only Samourai can hand this information to blockchain analysis surveillance companies.
There's nothing you can do to stop someone from sending two transactions to the same address.
Can you make up your mind? First you say Wasabi doesn't reuse addresses, but then it's not your fault when Wasabi does reuse addresses?
You don't understand at all: Since Wasabi is
non custodial, that means
it would require a consensus fork on the entire Bitcoin network to prevent users from sending to an address twice.Here's the Bitcoin whitepaper again since you seemed to miss it the first time I posted it:
Everyone already knows you shouldn't reuse addresses, it's in the Bitcoin whitepaper:
As an additional firewall, a new key pair should be used for each transaction to keep them from being linked to a common owner. Some linking is still unavoidable with multi-input transactions, which necessarily reveal that their inputs were owned by the same owner. The risk is that if the owner of a key is revealed, linking could reveal other transactions that belonged to the same owner.
The transaction you linked isn't even a WabiSabi coinjoin and doesn't have a 4.39250624 BTC output.
Perhaps try reading what I wrote again before just blurting out your sound bites.
Perhaps link the correct transaction ID if you want anyone to analyze it.
You said you could trace users who were not the whale:
you don't need to be a "whale" at all in order to receive absolutely zero privacy from a Wasabi coinjoin.
4.39250624 is the largest output of the transaction, which is the whale
You are just posting nonsense trying to distract from the fact I proved you wrong by posting a non whale non matching output that you were not able to trace: bc1qrmmypw3g2ds4aqgh3nqc59qhdp9qk779x2zlru
So your argument boils down to "I can show you some examples which cannot be deanonymized, therefore all your examples of Wasabi coinjoins failing spectacularly are moot". Seriously?
Hey guys, only 5% of our cars randomly explode and kill the driver, so they are perfectly safe!
Okay then, I'll call your bluff again- Here's 20 non whale non matching outputs from WabiSabi coinjoins, try to identify the inputs owned by
even a single one of the 20 outputs (which would be 5%):
01 bc1q032caguldmlrrztmrwhv5wqveyywdu2rtmd740
02 bc1q6vgwhsfkg343mmh27vc6prg3clsd4xu3p68vyd
03 bc1qre8jjpu8p9taw8j44r39z56vfr4sw64d4wyaj4
04 bc1qarharg76gfcrvskfw46f67vtqzd6hxa9pnspp5
05 bc1q4sexgt2p96x3ytnjjttp59w6mkj00kedal3xze
06 bc1qwrf50wpjws5mhdg2rhdu5hy7nqdtl8z94lp75n
07 bc1qz0tal2udfpr20x793fdw6v8lzp2qze7z5zje64
08 bc1qqw2h7fa3n8vyxgqru664fmft2trl9sqh9kz3fp
09 bc1qsud748whmum4gpt2qu52z8gqlgzcjyvhd5w2a5
10 bc1qctvxddyvxupjj8w82m8w5grzn59arstlrnaauw
11 bc1qq2fl05cmmhkr3pzg8elyr859v2fpcltynrk2j5
12 bc1qvwkrd3aecrvql5j8mqkmketvw6g6qwzt4juprq
13 bc1qhc2565fac4lrgyfq6n0mzc0l86jeptfnv2um9x
14 bc1qat6445gutyl3qdz3zhmdng9cdt92mevjlvaljs
15 bc1qk5f3mz0fetccey4nyyjedlrmqstkz2hmun96ha
16 bc1q4tpvm378a9d4n0xcnjtwfwujtr8eatjzvru8dx
17 bc1qd5epyjpj6vuejdppj24wew5n4n5rzepjx2xnay
18 bc1qgafud63me5mffn00g90ch08jjn5h20umzwxd62
19 bc1q5u3f2ldrtqa7ea79a8hcd8kssgw2gmalk4uej9
20 bc1qa6n7g7r4j3nv78gzgzmuvg56em4guppckqpz7r