Is a "safely compliant" (semi-)centralized CoinJoin service possible?

[d5000]

I think everybody and their grandma has now already heard of the Samourai case.

I was thinking about if a service which could make CoinJoins easier would be possible in a totally compliant way, without any danger of it to be considered a "money transmitter" by any authority. (I still think the American authorities are wrong with Whirlpool being a "money transmitter", but I haven't seen the code, so I can't be sure.)

First, what do we need to build a CoinJoin facilitating service? First, some kind of storage for a pool of UTXOs which are available for CoinJoins. I guess Whirlpool did this in a centralized way on its server. But in theory this could be done by the users themselves: from the moment on they offer their own UTXO, they can get informations about other UTXOs which are available. (This is actually how JoinMarket seems to work afaik. But Joinmarket is not what I'm asking for - I'm thinking about a model to create a centralized service which could offer a fee but would be easier to use than JoinMarket.)

So the UTXOs would circulate in a P2P network completely independent from the centralized server.*

Second part would be the entity "building" the CoinJoin transactions. This could also happen in the P2P network. So basically, once an user sees enough UTXOs to form a CoinJoin, he uses let's say 5 or 10 UTXOs from this decentralized pool and builds his transaction, signs it and broadcasts it inside the P2P network, so all peers which have contributed UTXOs can sign it.

What can the centralized server do to make CoinJoins easy? As far as I have understood JoinMarket, you need a full node to participate there because otherwise there are security concerns, and thus it's limited to a relatively small and wealthy Bitcoin user group.

So the centralized server thus could simply offer you this service: a trusted Bitcoin Core node you can connect to and you can query as if it was your own Bitcoin Core node. So every user can always be sure that the UTXOs he uses for his CoinJoin transaction are really there.

Such a service would be able to charge a (low) fee, for example for a kind of API subscription, but would not be a money transmitter in any way as it's not at all involved in the creation of transactions.

This would make a JoinMarket-style CoinJoin network possible where users could participate with their SPV wallets (Electrum, Sparrow et al.).

Am I missing something? Does such a service perhaps already exist?


*Yes, chain analysis companies could of course use this P2P network too, but this would happen to all CoinJoin models.

[DaCryptoRaccoon]

I think something like a decentralized network where users could engage in privacy-enhancing transactions without the risk of running afoul of regulatory bodies is needed.  Given the situations with Samourai and Whirlpool and the scrutiny it faced it's crucial to brainstorm a structure that avoids being labeled as a money transmitter

The first challenge is managing the pool of UTXOs that users wish to mix.

Instead of a central server holding this info (which could draw legal and security concerns)why not let the users themselves manage their UTXOs in a peer-to-peer manner?

Distributed Hash Table? Utilize a DHT to store and retrieve UTXO information, each UTXO can be indexed by a hash derived from its attributeswhich could include the transaction ID and output index, masked with a privacy-preserving algorithm to prevent tracking

Adding a gossip protocol to propagate UTXO information across the network.  This ensures redundancy and availability of UTXO data without relying on a central server.  It would also be possible to use cryptographic commitment schemes to ensure that UTXO data remains confidential until participants are ready to reveal them. This can prevent premature exposure of UTXO details.

Apply homomorphic encryption to allow certain computations to be carried out on UTXOs, such as verification of amounts and eligibility, without revealing the underlying values.

Multi-Party Computation could be used for constructing the transaction where each participant computes a part of the transaction without revealing their inputs to others.  This can be crucial for maintaining the confidentiality of which inputs and outputs belong to whom.

Just some ideas 

[ABCbits]

This would make a JoinMarket-style CoinJoin network possible where users could participate with their SPV wallets (Electrum, Sparrow et al.).

Am I missing something? Does such a service perhaps already exist?

https://joinstr.xyz somewhat match idea you described.

[d5000]

https://joinstr.xyz somewhat match idea you described.

Looks really interesting, thank you! It seems however still not be ready for mainnet, but definitely a solution which is worthy to observe.

snip

Some good ideas here, thanks! Yes, what I had thought about was that users manage the UTXOs in a P2P manner. But my question was in reality if you could build a compliant business model with such an idea.

I don't know how many of those technologies you mentioned (DHT, gossip, homomorphic encryption/multiparty computation) are already implemented in JoinMarket and Joinstr. Specificly homomorphic encryption and multiparty computation could be a game-changer if that part is still lacking, because they would allow a similar level of privacy than a trusted centralized service.

My main doubt was about the need of a full node. JoinMarket requires it, Joinstr seems not, so it may already fit the idea of the service I had in mind. Possible business model could include to act as a market maker or even as a specialized Nostr relay maybe.