remove duplicate, unlisted countermeasures

[kristovatlas]

The following 2 countermeasures (CM17 & CM18) are currently unlisted in the threat model, left over from the previous version, and are now deprecated by criteria.

1. CM17 (d823f2dd9e93f8064d89e170ae95ae60743bf178825f7a14ae35dcdc9f4911aa): Only query one address at a time from a specific connection context
2. CM18 (3585e1d272b81ae6721123b112a977350b60d118d1394e5f01b94aaf13557cbc): Query multiple addresses at once using a technique that returns false positives

This was a 3-part countermeasure in the previous edition:

• Netowrk Observer attack: Link addresses belonging to a single user by observing information leaked by the wallet in the process of obtaining its balance information from the network
  • Countermeasure: Obtain balance information without making queries to other network participants OR
  • Countermeasure: Only query one address at a time from a specific connection context OR
  • Countermeasure: Query multiple addresses at once using a technique that returns false positives

It is now replaced by:

• Network Observer attack: Link addresses belonging to a single user by observing information leaked by the wallet in the process of obtaining its relevant blockchain data from the network
  • CM16: Obtain relevant blockchain data without making queries to other network participants
  • CM61: Perform multiple queries for blockchain data in a way that makes it difficult to correlate the queries with one another
  • CR26: Connection contexts are not reused when querying for blockchain data that corresponds to more than one address in a user's wallet
  • CR33: Any given network query for blockchain data does not correspond to addresses that belong to different identity containers within the user's wallet
  • CR27: Blockchain data is queried via a method that matches a fraction of the blockchain beyond the addresses belonging to the wallet

Basically these two countermeasures were turned into criteria.

[kristovatlas]

I'll make a PR for this, and then I just need 1 or more ACK's on the PR before merging since this is an obvious edit that is in line with our previous discussions.

[kristovatlas]

This is completely fulfilled by the merged PR.