You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Problem: Single JoinMarket coinjoins aren't private enough
A single JoinMarket coinjoin often doesn't hide which inputs belong to the maker(s) and which belong
to the taker. This is because the coinjoin fee is included on-chain.
To tell apart takers' inputs from makers' inputs, subset matching can be used. The taker's subset is
DSPV Security - Miner-resistant design of lightweight bitcoin wallets
edit: this scheme has serious problems, see the comments
DSPV security - Miner-Resistant Design of Lightweight Bitcoin Wallets
2019/03/21
What are lightweight wallets
Lightweight wallets are ones which are not full nodes. Lots of people use them because full nodes are costly: they cost time to setup/synchronize, education, disk space, bandwidth, RAM and a few other resources.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
How Wasabi Wallet and Samourai Wallet slightly degrade the divisibility of bitcoin
How Wasabi Wallet and Samourai-Wallet-Whirlpool slightly degrade the divisibility of bitcoin
December 2018
I made this claim on twitter
recently and many people wanted me to go into more detail.
Lots of privacy tech in bitcoin like coinjoin, coinswap, tumblebit and Lightning Network
require many entities to come together to agree to make certain kinds of transactions.
This creates a requirement that the right resources (coins) have to be in the right place,
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Design for improving JoinMarket's resistance to sybil attacks using fidelity bonds
Design for improving JoinMarket's resistance to sybil attacks using fidelity bonds
13/7/2019
tl;dr
JoinMarket can be sybil attacked today at relatively low cost which can destroy its privacy. Bitcoins can be sacrificed with burner outputs and time-locked addresses (also called fidelity bonds), and this can be used to greatly improve JoinMarket's resistance to sybil attacks.
With real-world data and realistic assumptions we calculate that under such a fidelity bond system an adversary would need to lock up 30,000-80,000 bitcoins for months, or send 45-120 bitcoins to burner addresses to have a good chance of sybil attacking the system if it were added to JoinMarket.
JoinMarket release 0.2.0 ameliorates this snooping attack.
Edit 14/09/2016
JoinMarket release 0.2.0 ameliorates this snooping attack.
It is a protocol-breaking change so everyone must update which we anticipate may take some time.