- More scalable/faster than a blockchain (not enough utxos)
- Much better privacy security model than a blockchain
- Same or better theft security model than TTP but much worse than a blockchain
If it's so great, why hasn't it been done yet?
The goal of this protocol is for Bob to get Alice to perform a Diffie-Hellman key exchange blindly, such that when the unblinded value is returned, Alice recognizes it as her own, but can’t distinguish it from others (i.e. similar to a blind signature).
Alice:
A = a*G
return A
Bob:
Y = hash_to_curve(secret_message)
r = random blinding factor
# from target repo clone directory
# make sure you're in sync with origin
git checkout master
git fetch --all
git pull upstream master
# fetch PR to FETCH_HEAD
git fetch upstream pull/<PR#>/head
# double check the changes
git diff master FETCH_HEAD
# merge to master and push to upstream (github)
Context
This third part is about known and potential attacks against the privacy provided by tools like coinjoin.
Known attacks & weaknesses
- Linkability of inputs and outputs
A good illustration of this attack is Coinjoin Sudoku (see (1) for details).
L1 cache reference ......................... 0.5 ns
Branch mispredict ............................ 5 ns
L2 cache reference ........................... 7 ns
Mutex lock/unlock ........................... 25 ns
Main memory reference ...................... 100 ns
Compress 1K bytes with Zippy ............. 3,000 ns = 3 µs
Send 2K bytes over 1 Gbps network ....... 20,000 ns = 20 µs
SSD random read ........................ 150,000 ns = 150 µs
Read 1 MB sequentially from memory ..... 250,000 ns = 250 µs