Open AlwaysCompile opened 6 months ago
In addition to the above, it will also violate user privacy via improper handling of "Change Notes".
Reproduction:
This is a pretty nefarious privacy bug because it is very non-intuitive to the user. Not only was their privacy not respected via the leakage of the change amount, but the Shielded Pool was again not respected so the wallet changed the privacy properties of the users stored funds without asking them.
The fix is the same as above. Always reduce metadata leakages. That means do not automatically convert between shielded pools because that will leak metadata.
Shielded pools should always be respected when possible because violating shielded pool boundaries results in the leakage of amounts (de-anonymization). Currently, zingo does NOT respect shielded pool boundaries and puts users at risk as a result.
Reproduction:
Zingo should always be privacy-preserving as much as possible. That means that it should always use as many inputs from the shielded pool corresponding to the receiving address. In this case, the receiving address is a Sapling address. As a result as many inputs as possible should be selected from the Sapling pool so that user privacy is not violated.
Selecting from the Orchard pool violated user privacy and it simply just does not make sense.