sparrowwallet / sparrow

Desktop Bitcoin Wallet focused on security and privacy. Free and open source.
https://sparrowwallet.com/
Apache License 2.0
1.35k stars 190 forks source link

[Feature] Add abilitiy for Bitcoin <-> Monero swaps #1128

Open RequestPrivacy opened 1 year ago

RequestPrivacy commented 1 year ago

I guess you also have picked up the chatter about BTC <-> XMR atomic swaps on X, I wonder if you are keen to implement a feature where Sparrow is a client on the BTC side of the swap (not a XMR wallet).

I consider this one of the single most interesting developments in the space. Potential benefits:

Although this will be viewed negatively by many "maxis" I see no future for bitcoin as freedom tech without an ability to leverage benefits of other chains, particularly XMR. If there is a time to introduce swapping as "status quo" it is now, and I fear the (legal) window for creating such a thing is closing rather fast.

nostitos commented 1 year ago

Seems like overthinking, toxic change should be somewhat small amounts, Why not just donate them to Sparrow or to one of the dev funds like Opensat?

Worst case just send you small toxic change to the many no-kyc swapping service. https://swapspace.co/exchange/step1?to=xmr&toNetwork=xmr&from=btc&fromNetwork=btc&amount=0.001

RequestPrivacy commented 1 year ago

For small toxic change it might seem overkill. But just think of the case of having multiple, not yet linked utxos you want to whirlpool. You'd need to construct separate Tx0's, pay multiple pool entry fees and you'd still end up with many whirlpooled utxos.

Now consider swapping said outputs first into monero, consolidate safely there and after some time swap back to bitcoin and all of this in a self sovereign way. Now you can enter with 1x Tx0 and therefore pay only one pool entry fee.

It's like becoming water: hard to grab, hard to censor. So the real question shouldn't be "why" rather "why not"...I think.

Centralized swapping services are no solutions, just crutches (and can & will be pressured to implement KYC and swap limits at some point). Furthermore you give up self custody, even for a small amount of time.

nostitos commented 1 year ago

I already do something similar, I send my small toxic change to Wasabi CJ and I complete my amount to match the pool size with a transaction from Wasabi. I basically use alternative CJ implementation that has different tradeoffs.

I guess the main take away is that this should be solvable without being exposed to another coin.

Hopefully we might soon be able to swap the change toward a private sidechain.

RequestPrivacy commented 1 year ago

So you see the problem but your solution is to use a service that takes customer fees to surveil its users (chainanalysis), use centralized swapping services or rather wait for a "private" sidechain (is there one around the corner? And please don't LN me, in a couple of years all LN node runners will be classified as money transmitters and there will be no privacy on LN).

nostitos commented 1 year ago

Do you think zksnacks has created more privacy than they funded to reveal? I also pay a small amount monthly to a "private block explorer" that tries to provide me analysis. Because I'm curious to review my own privacy. Are they really surveilling their own customers if there's zero link left after it's been mixed?

They only manage to LARP cleaning the CJ inputs to earn kuck points. I disagree with this strategy, it's trying to play into regulators cards even if it's achieving near nothing.

Do you ask for full transparency of where every fee paid to whirpool coordinator goes toward?

I didn't bring up LN, but thanks for your insight.

RequestPrivacy commented 1 year ago

Are they really surveilling their own customers if there's zero link left after it's been mixed?

I won't go into the CJ wars and spam this issue but you might want to do more research. Maybe start here.

nostitos commented 1 year ago

Are they really surveilling their own customers if there's zero link left after it's been mixed?

I won't go into the CJ wars and spam this issue but you might want to do more research. Maybe start here.

Yeah the address reuse look really bad BUT what do you think the anonscore of those 6 consolidated UTXO was and what is the default private setting for Wasabi? Default is 53 anonset, I doubt it was more than 5 for some of these UTXO.

The guy basically steals 50 BTC, mix them for less than two days then consolidate them... Wasabi could have done better, but It'd take about 50x longer for whirlpool to make that many BTC private.

checkuon commented 11 months ago

The guy basically steals 50 BTC, mix them for less than two days then consolidate them

The issue was not that he consolidated them but that the wasabi coordinator allowed for address reuse. That was what allowed the funds to be traced.

nostitos commented 11 months ago

The coordinator doesn't need to enforce that the client does, what if he ran two client at once to speed things up? Not normal usage and yes he'd have also been found by other means if he didn't mix until he had the recomended anon score and consolidated a large sum.

On Sat, Nov 25, 2023, 11:59 checkuon @.***> wrote:

The guy basically steals 50 BTC, mix them for less than two days then consolidate them

The issue was not that he consolidated them but that the wasabi coordinator allowed for address reuse. That was what allowed the funds to be traced.

— Reply to this email directly, view it on GitHub https://github.com/sparrowwallet/sparrow/issues/1128#issuecomment-1826377077, or unsubscribe https://github.com/notifications/unsubscribe-auth/ALSB6MES4KQHT23QZQPJGCTYGIPVZAVCNFSM6AAAAAA53RCR32VHI2DSMVQWIX3LMV43OSLTON2WKQ3PNVWWK3TUHMYTQMRWGM3TOMBXG4 . You are receiving this because you commented.Message ID: @.***>

checkuon commented 10 months ago

The coordinator should absolutely check to see if an address has been used before and if that is the case refuse to send coinjoined funds to it.

RequestPrivacy commented 10 months ago

@craigraw FYI: Comi-swaps-java