Skip to content

Instantly share code, notes, and snippets.

Keybase proof

I hereby claim:

  • I am dangould on github.
  • I am nart (https://keybase.io/nart) on keybase.
  • I have a public key ASAuyI7eufmiPGgeNuQ-e2h6jpXlvLAOPoAl9pyrNMXdvAo

To claim this, I am signing this object:

@DanGould
DanGould / payjoin-mental-model-audit-0.7.0.md
Created May 23, 2023 02:12
payjoin-mental-model-audit-0.7.0

What is the Payjoin SDK and How does it work?

The Payjoin SDK/rust-payjoin is the most well-tested and flexible library for BIP 78 Payjoin and related privacy practices.

The primary crate, payjoin, is runtime-agnostic. Data persistence, chain interactions, and networking may be provided by custom implementations or copy the reference payjoin-client + bitcoind, nolooking + LND integration, or bitmask-core + BDK integrations.

The following is a breakdown of the existing documentation and its application to the payjoin-client reference implementation.

Send a Payjoin

@DanGould
DanGould / Serverless_Payjoin.mediawiki
Last active November 1, 2023 20:07
Serverless Payjoin - Receive surveillance-busting bitcoin transfers without hosting a secure endpoint


  BIP: ???
  Layer: Applications
  Title: Payjoin Version 2: Serverless Payjoin
  Author&#58; Dan Gould <d@ngould.dev>
  Status&#58; Draft
  Replaces&#58; 78
  Type&#58; Standards Track
  Created&#58; 2023&#45;08&#45;08
  License&#58; BSD&#45;2&#45;Clause

-----BEGIN PGP PUBLIC KEY BLOCK-----
mQGNBGUvDgsBDADCxJxC1u7Syo1JB85mT/St3S8moBssWFXr1TM/oUyKBY92lK/8
Y0hrUqlulYItK2V59HGrXZFiZIPc+1MlFhR747XhpX+g8un6OJxYC0tShA5OM8oj
eQrKcDyqtKyW8vsE8sjXYNDw5OvexsaiZMbaUiXsk5LS58cNQmF8gUp5twEOOQcV
xHj8ZaR9LLe37XR7eE+hcsOb7G8CHzr6DulSi1ARJRLcB++GlM20C8WpaT5CnetA
DmkxUgZKsRKn/NXazsjaJ407l46+H8uGvkvq72toCfk1foBFbScP6aR04W/zBFml
GM+pvX6gV8VH9Oh4imZ5NR5pZU/N7GiX6df1cteJR5FM11obNBnKPYFM2X0N7l93
SK2azir8hs5j+wfETmkit4d66QNBb3Dv4/CP+1IKv9Cx5ixyM6KyeSWCKO4uVlng
PBriQ8HUbc59Pj+jJ3MERT8+oU24NnMZQ1fopFEX8OQd0ETAKCG9MBijRavSu7HX
@DanGould
DanGould / quantify-payjoin-privacy.md
Last active February 28, 2024 19:49
Quantifying Payjoin Privacy

Quantifying Payjoin Privacy

Goals

  • bolster the assumption that bitcoin is fungible
  • escape Unnecessary Input Heuristic (UIH) & pre-tracked TXOs
  • avoid introducing new heuristics

Key

@DanGould
DanGould / uih-unnecessary-input-heuristic.md
Last active March 5, 2024 22:06
Uneccesary Input Heuristic (UIH) in Payjoin

Unneccesary Input Heuristic

PayJoins help bitcoin users preserve their privacy because they bring ambiguity into blockchain analysis. Today's PayJoins are blockchain entries that are many-input and 2-output transactions. So the fact that multiple users can contribute inputs to one transaction breaks [the oldest assumption in blockchain analysis]. Still, lesser known "unecessary input heuristics" identify potential PayJoins:

UIH 1: One output is smaller than any input; Assume that output is change

Today's PayJoin clients avoid creating transactions that conform to UIH 1. This heuristic assumption is usually right. The heuristic assumes wrong if the change output is of much higher value than the payment, which is unusual. BTCPayServer code will not create these types of transactions.

UIH 2: The largest output is funded without the smallest