From: ZmnSCPxj <ZmnSCPxj@protonmail•com>
To: Chris Belcher <belcher@riseup•net>
Cc: bitcoin-dev <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Hiding CoinSwap Makers Among Custodial Services
Date: Fri, 17 Jul 2020 06:02:03 +0000 [thread overview]
Message-ID: <vXSbIZMHm9WBKOy0WpUVrvZdF2RDVeAsqGNTGzwq4LJV8NWz00nAKi7nNT_gsMuLCxMiI6AZ2zGxq0B75-asNbsHKs6gdCMpDRiE_j9mGIo=@protonmail.com> (raw)
In-Reply-To: <c55d8195-fe1b-0b60-fee9-d3c69fec239c@riseup.net>
Good morning Chris,
> On 13/06/2020 15:06, ZmnSCPxj wrote:
>
> > Good morning Chris,
> >
> > > Would it be fair to summarize the idea in this way:
> > > CoinSwappers can slow down the CoinSwap process which will give an
> > > opportunity for makers to use batching.
> >
> > I think so.
> > Regards,
> > ZmnSCPxj
>
> It's definitely a good idea. As well as improving privacy by pretending
> to be a service provider which uses batching, it may also be practical
> just because CoinSwap takers will want to slow down the process for
> greater privacy so that an adversary would have to search more of the
> blockchain to attempt to deanonymize them. Also, by being prepared to
> wait longer the takers will also save miner fees.
Despite the subject title, I have realized belatedly that the same kind of batching can be done by the taker as well.
For example, the taker can contact two makers in parallel to setup separate CoinSwaps with them.
Then the taker produces a transaction spending its funds and sending them out to two outputs.
If the taker uses P2PKH for receiving and change, and we use (via 2p-ECDSA) P2PKH 2-of-2 to anchor the swaps, then if both CoinSwap operations are successful, the transaction looks exactly like an ordinary pay-to-someone-and-get-back-change transaction.
Indeed, each of the two makers contacted, if they are not themselves colluding with each other, cannot really differentiate this from somebody doing a CoinSwap only with them, since the other output is indistinguishable from change.
I am uncertain how much extra privacy (or cheapness) this buys the taker, however.
Regards,
ZmnSCPxj
prev parent reply other threads:[~2020-07-17 6:02 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-06-11 11:51 ZmnSCPxj
2020-06-13 13:38 ` Chris Belcher
2020-06-13 14:06 ` ZmnSCPxj
2020-06-13 23:25 ` Chris Belcher
2020-07-17 6:02 ` ZmnSCPxj [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='vXSbIZMHm9WBKOy0WpUVrvZdF2RDVeAsqGNTGzwq4LJV8NWz00nAKi7nNT_gsMuLCxMiI6AZ2zGxq0B75-asNbsHKs6gdCMpDRiE_j9mGIo=@protonmail.com' \
--to=zmnscpxj@protonmail$(echo .)com \
--cc=belcher@riseup$(echo .)net \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox