JoinMarket-Org / joinmarket-clientserver

Bitcoin CoinJoin implementation with incentive structure to convince people to take part
GNU General Public License v3.0

Fidelity Bonds degrade mixing and anonymity? #971

Open MWICA opened 2 years ago

MWICA commented 2 years ago

If I understand Fidelity Bonds correctly, the FB signs each IRC nick and utxo used by the maker?

What is the point of randomized nicks if all nick identities are tied together with the same FB?

This could also correlate utxos (signed by the same FB) from across identities and from different mixdepths, right?

A lot of people have recommended switching roles for higher obfuscation of transaction origin and destination. But with FBs that watermark each utxo across identities and mixdepths as belonging to the same entity, it is no longer safe to be a maker. Not only would FBs harm the privacy of makers but also degrade that of takers. Am I wrong on this?

undeath commented 2 years ago

FBs are used to sign a maker's offers (edit: offers is not quite correct, actually it's just their nickname), not their UTXOs.

Randomized nicks indeed are not helpful with FBs.

AdamISZ commented 2 years ago

See also #960. Agree on randomized nicks for FBs not really having value (though since you would want to randomize when you change the FB, it's still overall useful as a feature).

MWICA commented 2 years ago

> FBs are used to sign a maker's offers (edit: offers is not quite correct, actually it's just their nickname), not their UTXOs.

But takers can see the UTXO from my understanding. My concern is though that a spy is able to link a post-mix UTXO with a pre-mix UTXO by seeing eventually (by being a taker at least at one point later on) that both are associated with my FB identity. "I see this person's current UTXO that uses this FB, had this UTXO in the past before mix".

How is this not a concern?

They would not even have to be a sybil to correlate a post mix utxo with a premix because of the persistent FB identity.

undeath commented 2 years ago

You are confusing two things: the coinjoin input UTXOs and the FB UTXO. The FB UTXO is not part of the coinjoin transaction.

MWICA commented 2 years ago

> You are confusing two things: the coinjoin input UTXOs and the FB UTXO. The FB UTXO is not part of the coinjoin transaction.

No I'm not. I understand that the coinjoin input UTXO is different than the FB UTXO. But a taker is able to see the utxo, and then correlate a UTXO with a specific FB. My concern is this persistence of identity across mixes. Is this something that is not a concern? If not, why?

chris-belcher commented 2 years ago

The FB utxos are not part of the resulting coinjoins. If an adversary sees a coinjoin on the blockchain they don't know which FBs or IRC nick are involved. If an adversary sees a FB utxo or IRC nick, they don't know which coinjoins they are involved in.

edit:

> and then correlate a UTXO with a specific FB

Assuming you mean "a UTXO involved in a coinjoin". Then the reply is "no they can't".

The reason persistence of identity to makers isn't a concern is because that identity doesn't get linked so easily to anything else. Makers connect to the IRC via Tor, so their IP address isn't linked. Their identity only gets linked to their coinjoins in a way unrelated to fidelity bonds; a taker doing a coinjoin could link a maker's identity to the coinjoin before fidelity bonds was a thing.