WalletWasabi / WalletWasabi

Open-source, non-custodial, privacy preserving Bitcoin wallet for Windows, Linux, and Mac.
https://wasabiwallet.io
MIT License

Counterintuitivity of anonymity computation #8051

Open onvej-sl opened 2 years ago

onvej-sl commented 2 years ago

Please see this test, which demonstrates the counterintuitivity of the anonymity computation after https://github.com/zkSNACKs/WalletWasabi/pull/8025 was merged.

nopara73 commented 2 years ago

This issue could be considered the continuation of the Anonymity Calculation VS Coin Selection dilemma, after the opposite compromise was made in https://github.com/zkSNACKs/WalletWasabi/pull/8025.

The purpose of the anonymity score calculation is to help the wallet answer the question "when is it time to stop the mixing process?" Unfortunately, the previous, "intuitive" anonymity score calculation did a poor job at that: it only worked for 1.0, but not for 2.0 coinjoins. In 2.0 it seemed to somewhat work, but even that was just an illusion because we had to ruin the coin selection algorithm to satisfy it: the previous anonscore calculation forced us to tailor the coin selection algorithm to select coins with similar anonymity scores, which prevented any other factor like amounts, randomness and tx graph interconnectedness from mattering. Thus the selections were low-quality, resulting in subpar coinjoins that not only had significantly worse privacy, but in various - non-edge case - configurations of the software it also made coinjoins completely unusable.

See Goodhart's Law: When a measure becomes a target, it ceases to be a good measure.

How to resolve the issue the example demonstrates? I think you're thinking too small. Pun intended :) Literally, the transaction is too small. That's why we can assume the common ownership heuristic there. The larger the transaction is, the less we can assume the common input ownership heuristic, thus the less counterintuitive the weighted averaging is, and that's the default case for WW2 coinjoins on mainnet, so that's how it's becoming intuitive to default to. And in fact, I think we could even resolve all the conflicts if we started out with exponential punishment for small coinjoins and, as the coinjoins become larger and larger, we could slog our way back to weighted averaging?

onvej-sl commented 2 years ago

> Literally, the transaction is too small. That's why we can assume the common ownership heuristic there.

I understand your reasons why you decided to use weighted average. I'm only saying the assumption that coinjoin sudoku is a hard problem is not valid for this particular transaction. At the very least, you should refuse to compute anonymity for transactions that are too small.

> See Goodhart's Law: When a measure becomes a target, it ceases to be a good measure.

This is a nice slogan which was said in some context that probably doesn't apply here. If this law was universally true, some scientific fields of study such as mathematical optimization wouldn't exist.

nopara73 commented 2 years ago

> I'm only saying the assumption that coinjoin sudoku is a hard problem is not valid for this particular transaction.

Yes, I acknowledged this. Did you succeed in parsing the last part of my comment? More precisely, what do you think of the suggestion to resolve the issue?

> And in fact, I think we could even resolve all the conflicts if we started out with exponential punishment for small coinjoins and, as the coinjoins become larger and larger, we could slog our way back to weighted averaging?

onvej-sl commented 2 years ago

Please reopen this issue; https://github.com/zkSNACKs/WalletWasabi/pull/8933 certainly doesn't fix it.