witcher_sense
Legendary
 Online
Activity: 2338
Merit: 4336
🔐BitcoinMessage.Tools🔑
|
 |
May 10, 2022, 09:49:30 AM |
|
With Samourai, you can avoid this by running your own Dojo server. I'm not sure yet how it works with Sparrow. witcher_sense has said above that you can point Sparrow to your own Bitcoin Core instance, but I'm still not sure how it then communicates with the coinjoin coordinator and if it does so privately. If I had a real need to use Sparrow then I would look in to all of this, but at the moment I don't so I haven't bothered.
To retrieve UTXO information, you connect Sparrow Wallet directly to your bitcoin full node. No privacy leak here, except that all addresses of your hot wallet are stored in plain text on your computer. Unless malicious Samourai devs get access to your computer, they aren't going to determine which addresses are yours. But what about Whirlpool itself? Don't we need to share some information with a CoinJoin coordinator, which is known to be run by Samourai devs? Yes, we still need to give them inputs and outputs because this is how CoinJoin works. How much information can they collect about us? Actually, not so much. Like in the case of Wasabi wallet, they can learn that certain inputs belong to the same Tor-identity, that is, the same user. They still can't learn your IP address, and they still can't map inputs and outputs. Craig Raw, founder of Sparrow Wallet:
If you start to CoinJoin, all of the UTXO information is coming from the same source that it always did. Nothing goes to Samourai’s servers. The only UTXO information you send is to the coordinator, and that’s done according to the ZeroLink protocol, which basically ensures that your identity changes in the middle of the mix. In other words, the coordinator doesn’t know the identity of the client for the final mix transaction that goes out because the identity will actually change via Tor. We created a new Tor circuit in the middle of the mix to ensure that there’s a break in the way that the coordinator can see things. And that’s been well-researched and well understood. That’s a very important part of things is to ensure that the privacy of your UTXOs remains the same.
|
|
|
|
|
|
|
"You Asked For Change, We Gave You Coins" -- casascius
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
tomt1664
Newbie
 Offline
Activity: 11
Merit: 15
|
The thing about Mercury is that it doesn't obfuscate the history of the coins you receive, but rather swaps your history for someone else's history, and leaves no traces on the blockchain that this has happened.
Now that makes sense. This is both good and bad. As witcher said, it would help to make Bitcoin's transparency a less reiable source of information. Ideally. But realistically, if I swap my 'clean' history for a 'tainted' one, I may now be falling under other kind of trouble I would not have previously expected. Just imagine you used Mercury and all of the sudden you own the coin of which history is a large hack like Bitfinex. Now that is a BIG red flag on your back you have to get rid of. To me, Coin Joining and Mixing is definitely superior. While swapping history helps turning transparency into a less reliable source of information, Mixing and Coin Joining does much more than that. With any type of coinswap (mercury included), the users themselves will always have proof they they have been involved in a swap - which can be selectively revealed in order to deny ownership of the history - e.g. to law enforcement. The problem is that as the technique is under the radar and not well used, the 'transaction graph heuristic' is still used by chainanalysis, and people want to avoid suspicion attached to any coin history not theirs. But in the current mercury, withdrawal transactions are actually identifiable as mercury withdrawals on-chain (due to the withdrawal fee output). Therefore the anonymity set (on-chain) is all mercury withdrawals of a specific amount. Off-chain, the mercury server will know which coins have been swapped, but will not be able to link the transfer of ownership within swaps due to the blinded zero-link style swap protocol. This blog explains some of this in more detail: https://blog.commerceblock.com/bitcoin-privacy-and-tainting-coinjoins-and-coinswaps-meet-statechains-b0d6c1146a24 |
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18512
|
|
May 10, 2022, 07:37:41 PM |
|
-snip- Thanks. If all that is accurate, then it does indeed look good, and maybe comparable to running Samourai with your own Dojo server. I would still want to verify all that myself before I used it though. But in the current mercury, withdrawal transactions are actually identifiable as mercury withdrawals on-chain (due to the withdrawal fee output). I remember we discussed this before. What exactly is the fee that you charge? Can you link to a few examples of Mercury withdrawal transactions so we can see what exactly they look like? |
|
|
|
|
Pmalek
Legendary
Offline
Activity: 2758
Merit: 7137
|
|
May 11, 2022, 09:07:46 AM |
|
If every transaction in the blockchain is broadly known to be the result of a swap, it will be harder for a potential observer to find out who owns what, and who makes transactions with whom. If a robber is not sure you really have those coins, he is unlikely to make you a target. That would require a serious attitude change of the entire Bitcoin userbase and I am sure that is never going to happen. But even if it does at one point in the future, I don't see robbers going that deep into research to consider if their potential victim has or doesn't have the coins that their history shows they should possess. |
.
.BLACKJACK ♠ FUN. | | | ███▄██████
██████████████▀
████████████
█████████████████
████████████████▄▄
░█████████████▀░▀▀
██████████████████
░██████████████
█████████████████▄
░██████████████▀
████████████
███████████████░██
██████████ | | CRYPTO CASINO &
SPORTS BETTING | | │ | | │ | ▄▄███████▄▄
▄███████████████▄
███████████████████
█████████████████████
███████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
███████████████████████
█████████████████████
███████████████████
▀███████████████▀
███████████████████ | | .
|
|
|
|
ABCbits
Legendary
Offline
Activity: 2870
Merit: 7492
Crypto Swap Exchange
|
|
May 11, 2022, 11:45:23 AM |
|
If every transaction in the blockchain is broadly known to be the result of a swap, it will be harder for a potential observer to find out who owns what, and who makes transactions with whom. If a robber is not sure you really have those coins, he is unlikely to make you a target. That would require a serious attitude change of the entire Bitcoin userbase and I am sure that is never going to happen. The protocol (PayJoin[1]) already exist though. If more merchant use it as default option and more wallet support it[2], i expect some users will use it and some of them might not even realize their transaction use PayJoin. But even if it does at one point in the future, I don't see robbers going that deep into research to consider if their potential victim has or doesn't have the coins that their history shows they should possess.
I agree, it's more likely the robber use another means to obtain reliable information or simply seek more vulnerable target. [1] https://github.com/bitcoin/bips/blob/master/bip-0078.mediawiki[2] https://en.bitcoin.it/wiki/PayJoin_adoption#Software_Wallets |
|
|
|
|
|
PrimeNumber7
Copper Member
Legendary
Offline
Activity: 1624
Merit: 1899
Amazon Prime Member #7
|
|
May 12, 2022, 03:29:11 PM |
|
It is possible to trace CJ transactions and has been for quite some time. That might be true, but there is no denying that Wasabi coinjoins will be under much greater scrutiny than other coinjoins, since Wasabi are actively paying a blockchain analysis company to monitor their coinjoins and tell them if they have to censor any specific inputs. Are you sure they are giving a list of inputs to a blockchain analysis company, as opposed to getting a list of addresses/inputs that should be blacklisted that they can compare proposed inputs to? Even if it is the former, it would be unusual for a company to use data from their paying customers for other commercial purposes. The broad use of such tools as Mercury wallet or coin swap may help to make blockchain's transparency a less reliable source of information for undesirable observers. I completely agree, and I've said as much before - if everyone just started mixing their coins as their standard practice, then the concept of taint would disappear overnight and bitcoin would be completely fungible. Every centralized service would either have to accept any and all bitcoin, or go bankrupt. Bitcoin would be completely fungible, no one would end up with accounts being locked for arbitrary reasons, blockchain analysis companies would be useless, everyone would regain so much lost privacy, and the whole ecosystem would be far better off for it. Not necessarily. With the exception of CM, researchers have been able to trace inputs to outputs from all major mixers, and have published their results. CM uses countermeasures that would prevent inputs from being linked to outputs using methods described in public research, however, in theory, the inputs may be linked to outputs (assuming of course CM is not actively keeping track of inputs/outputs pairs and/or is some kind of honeypot). |
|
|
|
|
o_e_l_e_o
In memoriam
Legendary
Offline
Activity: 2268
Merit: 18512
|
|
May 12, 2022, 07:58:18 PM |
|
We are working on a new feature where the fee can be paid upfront before deposit, either via a LN payment or separate bitcoin tx, enabling users to have no on-chain link to mercury. Interesting indeed. So users will have the option to either hide the fact they are using Mercury if they don't want someone knowing that their coins haves been mixed/swapped, but can also make it obvious they have used Mercury if they don't want to be linked to the other user's history. Cool feature. I'll definitely check it out again sometime. Are you sure they are giving a list of inputs to a blockchain analysis company, as opposed to getting a list of addresses/inputs that should be blacklisted that they can compare proposed inputs to? No idea, and given how shady Wasabi have been about this whole thing, don't expect them to be honest and tell us. Any "privacy" firm coordinating with blockchain analysis firms is not to be trusted though, and especially not one which is actively using your coinjoin fees to pay blockchain analysis firms. Even if it is the former, it would be unusual for a company to use data from their paying customers for other commercial purposes. Lol what? Not sure if I've misunderstood you here or you are being incredibly naive? Pretty much every big business is monetizing your data, from Coinbase to Coinmarketcap, from Facebook to Google, from your health insurance provider to your streaming content provider. |
|
|
|
|
PrimeNumber7
Copper Member
Legendary
Offline
Activity: 1624
Merit: 1899
Amazon Prime Member #7
|
|
May 15, 2022, 12:53:24 PM |
|
Even if it is the former, it would be unusual for a company to use data from their paying customers for other commercial purposes. Lol what? Not sure if I've misunderstood you here or you are being incredibly naive? Pretty much every big business is monetizing your data, from Coinbase to Coinmarketcap, from Facebook to Google, from your health insurance provider to your streaming content provider. Not many people pay to use CMC, Facebook, nor Google. I am not sure how you think health insurance companies or Netflex are monetizing customer data. Netflix makes suggestions based on your viewing history, in part in an effort to get you to use their platform more, but that is hardly "monetizing" data. I am sure that health insurance companies use analytics to try to improve health outcomes, detect fraud, and find efficiencies. |
|
|
|
|
|
|
|
