From: Ben Carman <benthecarman@live•com>
To: alicexbt <alicexbt@protonmail•com>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Coinjoin with less steps using ALL|ANYONECANPAY
Date: Mon, 22 May 2023 22:51:49 +0000 [thread overview]
Message-ID: <SJ1P223MB0531D7D62140F0516A25897AA1439@SJ1P223MB0531.NAMP223.PROD.OUTLOOK.COM> (raw)
In-Reply-To: <EWAXAmgFlZ8XQJOYO8VTH7Zj0tTAftwy-ylaGvf3Giealz1FFb97CbcxjP0q-Zu85XoAzOG0ivdYIKa_kG77ooHqBvCP7YOZOkb6yHmX75s=@protonmail.com>
[-- Attachment #1: Type: text/plain, Size: 2217 bytes --]
The problem with using ALL|ANYONECANPAY is that you cannot verify beforehand that the other inputs are the inputs you want added to the transaction.
Some examples of bad things that could happen:
* Coordinator adds its own inputs, you still get your outputs but effectively paid fees for no privacy gain
* The inputs added could be paying at a lower fee rate than expected, causing the tx to take longer than what you paid for
* Different input types or amount are added so you no longer have the same uniformity across the inputs
* (if you care) An input from a sanctioned address is added, causing you to get "tainted" coins.
This is the code in ln-vortex that verifies the psbt on the client side if you are curious
https://github.com/ln-vortex/ln-vortex/blob/master/client/src/main/scala/com/lnvortex/client/VortexClient.scala#L616
Best,
benthecarman
________________________________
From: bitcoin-dev <bitcoin-dev-bounces@lists•linuxfoundation.org> on behalf of alicexbt via bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org>
Sent: Monday, May 22, 2023 7:51 AM
To: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: [bitcoin-dev] Coinjoin with less steps using ALL|ANYONECANPAY
Hi Bitcoin Developers,
I recently experimented with different sighash flags, PSBTs and realized ALL|ANYONECANPAY could be used to reduce some steps in coinjoin.
Steps:
- Register outputs.
- One user creates a signed PSBT with 1 input, all registered outputs and ALL|ANYONECANPAY sighash flag. Other participants keep adding their inputs to PSBT.
- Finalize and broadcast the transaction.
Proof of Concept (Aice and Bob): https://gitlab.com/-/snippets/2542297
Tx: https://mempool.space/testnet/tx/c6dd626591dca7e25bbd516f01b23171eb0f2b623471fcf8e073c87c1179c492
I plan to use this in joinstr if there are no major drawbacks and it can even be implemented by other coinjoin implementations.
/dev/fd0
floppy disk guy
Sent with Proton Mail secure email.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists•linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
[-- Attachment #2: Type: text/html, Size: 5474 bytes --]
next prev parent reply other threads:[~2023-05-22 22:51 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-05-22 12:51 alicexbt
2023-05-22 22:51 ` Ben Carman [this message]
2023-05-23 12:17 ` Lucas Ontivero
2023-05-23 12:48 ` alicexbt
2023-05-23 12:34 ` alicexbt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=SJ1P223MB0531D7D62140F0516A25897AA1439@SJ1P223MB0531.NAMP223.PROD.OUTLOOK.COM \
--to=benthecarman@live$(echo .)com \
--cc=alicexbt@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox