benediamond
commented
3 years ago actually, this was a difficult problem even before EIP-1559—I realize now it's become even harder.
- you can always sign using a regular account, and pay gas. but WARNING this method can ruin your privacy. the whole point is that we don't want to reveal the sender. if you pay gas using an ethereum account you've funded, then anyone can try to look at that account's history, to learn who you are.
- In the bottom paragraph of the README, look at the section that says "Anonymous Zether also supports native transaction fees." This is the approach suggested in the original zether paper. The idea here was that you use a gas price of 0, BUT ALSO pay a fee in Zether to some designed miner's account (either a hard-coded account, or the 0 account). You then have to convince the miner to look for these transactions, and to accept payment in Zether, instead of in gas. But I now realize that this scheme has become essentially impossible, because of EIP-1559, right? You're no longer allowed by the protocol to use a gas price of 0.
- the third option is to use a relaying service. you convince some other party to pay the gas for you, in exchange for some kind of compensation. I think tornado.cash offers this kind of thing.
There is not any straightforward solution to this. it's a consequence of the fact that Anonymous Zether lives within Ethereum, but Ethereum doesn't support privacy. It will be a hard challenge for any implementer to come up with a solution to this.
make sense? let me know.
ghost
Hey, in client.js:
const throwaway = web3.eth.accounts.create();And this new acc sign transfer transaction then (as i understand because "gas linkability"):web3.eth.accounts.signTransaction(tx, throwaway.privateKey)But in real network, where gasPrice != 0, how it can be?