Skip to content

Instantly share code, notes, and snippets.


Block or report user

Report or block chris-belcher

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
chris-belcher /
Last active Oct 7, 2019
Design for improving JoinMarket's resistance to sybil attacks using fidelity bonds

Design for improving JoinMarket's resistance to sybil attacks using fidelity bonds



JoinMarket can be sybil attacked today at relatively low cost which can destroy its privacy. Bitcoins can be sacrificed with burner outputs and time-locked addresses (also called fidelity bonds), and this can be used to greatly improve JoinMarket's resistance to sybil attacks.

With real-world data and realistic assumptions we calculate that under such a fidelity bond system an adversary would need to lock up 30,000-80,000 bitcoins for months, or send 45-120 bitcoins to burner addresses to have a good chance of sybil attacking the system if it were added to JoinMarket.

chris-belcher /
Created Jul 13, 2019
Sybil attack success probability
#! /usr/bin/python3
##this file calculates the success probability of a sybil attack on the
# orderbook with fidelity bonds used in joinmarket
# see
from scipy.optimize import brentq
from time import time
from datetime import timedelta
chris-belcher /
Last active Aug 23, 2019
Financial mathematics of joinmarket fidelity bonds

Financial mathematics of JoinMarket fidelity bonds


To read the context see the main document Design for improving joinmarket's resistance to sybil attacks using fidelity bonds.

Valuing fidelity bonds

We want to come up with a mathematical formula which gives the value of a fidelity bond. We want this function to be in the best interests of takers who use it. We aim for them to get the best possible sybil resistance.

chris-belcher /
Last active Mar 29, 2019
DSPV Security - Miner-resistant design of lightweight bitcoin wallets

edit: this scheme has serious problems, see the comments

DSPV security - Miner-Resistant Design of Lightweight Bitcoin Wallets


What are lightweight wallets

Lightweight wallets are ones which are not full nodes. Lots of people use them because full nodes are costly: they cost time to setup/synchronize, education, disk space, bandwidth, RAM and a few other resources.

chris-belcher /
Last active Nov 3, 2019
Plan to improve the privacy of JoinMarket's tumbler script

Plan to improve the privacy of JoinMarket's tumbler script


JoinMarket has a tumbler application which aims to send bitcoins in a way that delinks the origin and destination.

I have some thoughts on how and why to improve the tumbler algorithm.

Feel free to bikeshed some of these parameters (averages, counts, etc), as my important points are about other stuff.

chris-belcher /
Last active Mar 15, 2019
JoinMarket with off-chain fees

JoinMarket with off-chain fees


Problem: Single JoinMarket coinjoins aren't private enough

A single JoinMarket coinjoin often doesn't hide which inputs belong to the maker(s) and which belong to the taker. This is because the coinjoin fee is included on-chain.

To tell apart takers' inputs from makers' inputs, subset matching can be used. The taker's subset is

chris-belcher /
Last active Jul 9, 2019
Notes on paying for liquidity for privacy tech: regarding JoinMarket and Wasabi Wallet

Notes on paying for liquidity for privacy tech: regarding JoinMarket, Wasabi Wallet and P2EP

December 2018

Lots of privacy tech in bitcoin like coinjoin, coinswap, tumblebit and Lightning Network require many entities to come together to agree to make certain kinds of transactions. This creates a requirement that the right resources (coins) have to be in the right place, at the right time, in the right quantity. This isn't a software or tech problem, its an economic problem of liquidity.

View relaybot.config
#Can override these defaults per-section.
#Twisted's default is 30 seconds.
#A single channel to join, or a list of channels: #a-bridged-channel,#some-other-channel
#Can change to allow more specialized behavior.
chris-belcher /
Last active Dec 18, 2017
View from
#copyright # Copyright (C) 2013,2015 by Daniel Kraft <> and phelix /
import base64
import httplib
import json
class JsonRpcError(Exception):
def __init__(self, obj):
self.code = obj["code"]
You can’t perform that action at this time.