Oddbean
 Why isn’t coinjoin the default for bitcoin transactions? Why aren’t miners the coordinators? 
 good question 
 Ark protocol will do that I think.  
 It is the default when using Samourai wallet. Any tx by default will either use a Stonewall (fake 2 person coinjoin) or a Stonewallx2 (real 2 person coinjoin) auto-coordinated by joinbot 
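Added example (my own, not from any poster and not Samourai's code): a toy model of two well-known chain-analysis heuristics, common-input ownership and equal-output detection, run over constructed transactions to show why a Stonewall, a single-wallet transaction shaped like a two-party coinjoin, gets the same verdict as a real Stonewallx2. The Stonewall output layout used here (two equal outputs plus two change outputs) and every address are assumptions.

```python
from collections import Counter
from typing import FrozenSet, List, NamedTuple, Set


class Tx(NamedTuple):
    """Constructed, simplified transaction: spent addresses and output values (sats)."""
    inputs: List[str]
    outputs: List[int]


def equal_output_groups(tx: Tx) -> int:
    """Count distinct output values that occur at least twice."""
    return sum(1 for n in Counter(tx.outputs).values() if n >= 2)


def looks_like_coinjoin(tx: Tx) -> bool:
    """Equal-output heuristic: two or more inputs plus repeated output
    values is the shape an observer treats as a possible multi-party tx."""
    return len(tx.inputs) >= 2 and equal_output_groups(tx) >= 1


def input_clusters(tx: Tx) -> Set[FrozenSet[str]]:
    """Common-input-ownership heuristic: merge all inputs into one owner,
    unless the tx looks like a coinjoin, where merging would be unsafe and
    each input is left as its own cluster."""
    if looks_like_coinjoin(tx):
        return {frozenset([addr]) for addr in tx.inputs}
    return {frozenset(tx.inputs)}


# Constructed sample transactions (hypothetical addresses, not chain data).
PLAIN = Tx(inputs=["alice_1", "alice_2"], outputs=[150_000, 49_000])
# Assumed Stonewall shape: one wallet spends two coins into two equal
# outputs plus two change outputs ...
STONEWALL = Tx(inputs=["alice_1", "alice_2"], outputs=[100_000, 100_000, 30_000, 19_000])
# ... and a Stonewallx2 with the same layout, where the second input is Bob's.
STONEWALL_X2 = Tx(inputs=["alice_1", "bob_1"], outputs=[100_000, 100_000, 30_000, 5_000])


def indistinguishable(a: Tx, b: Tx) -> bool:
    """True when both heuristics give the same verdict and the same number
    of clusters, i.e. the observer cannot tell the two shapes apart."""
    return (looks_like_coinjoin(a) == looks_like_coinjoin(b)
            and len(input_clusters(a)) == len(input_clusters(b)))


if __name__ == "__main__":
    for name, tx in [("plain", PLAIN), ("stonewall", STONEWALL), ("stonewallx2", STONEWALL_X2)]:
        print(name, looks_like_coinjoin(tx), sorted(map(sorted, input_clusters(tx))))
    print("stonewall vs stonewallx2 indistinguishable:", indistinguishable(STONEWALL, STONEWALL_X2))
```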
 why not at the protocol level? 
 Because this is bitcoin not monero 
 is that a real answer? 
 Yes, Bitcoin would need a hard fork to have Monero type privacy. If we could have more L2 options and copy everything Monero does, that would be very cool. 
 it leaves bitcoin open to attack via taint analysis, it’s time to change that 
 If you're interested in base layer privacy improvements, I recommend reading
https://sethforprivacy.com/posts/proposed-bitcoin-privacy-improvements/ 
 I think it is. This is more or less how monero works. It builds a fake blinded coinjoin for every transaction so blockchain observers can't tell who the tx originates from. 
 Pretty much. Ring signatures are the least interesting privacy tech Monero has imo. It's relatively weaker obfuscation and only applies to senders.

Confidential Transactions and Stealth Addresses do the real heavy lifting. They hide amounts and receivers from the blockchain completely. 
 Btw every decoy used in a ring signature is from a real transaction that happened at some point on the blockchain so it isn't fake in the sense that they never happened

Also has a lot of advantages over coinjoins like being default obviously, no central coordinators, not bound by a small subset of users wanting to coinjoin, privacy doesn't degrade over time as outputs are spent, and no fixed size inputs required 
 If by protocol you mean base layer, then yes.
If by protocol you mean application level but interoperable, Samourai's postmix tools already fit the bill since they are interoperable with Sparrow's.
You can do a Stonewallx2 between Samourai and Sparrow today. No central coordinator 
 what’s the advantage of not having privacy on the protocol layer? why rely on applications that are not part of the bitcoin protocol? 
 * You need hard forks
* there's a tradeoff where the transactions are larger. An average monero transaction is 3x the size of a bitcoin tx 
 I think you mean payjoin? Coinjoin requires a central coordinator which introduces a point of failure when compared to plain old single-wallet transactions. Payjoin is better from this perspective b/c there is no central party but the sender and recipient still have to interact to construct the transaction, which does not work for offline receive. You want your cold storage keys to always be offline. I don't see this ever changing.

Getting miners in on the coinjoin is very interesting. You don't even really need to coinjoin, just charge a premium for a coinbase output. But it makes the miners a target for the state. They are already a target, do we want them to be an even bigger target? This invites a network level attack. I think we need decentralized mining pools first. @Luke Dashjr is working in this direction with Ocean, his new pool. 
 i meant coinjoin, with lots of participants, every block should be mixing transactions by the miner that builds it 
 Miners can't sign with other people's keys. It sounds like you are advocating for joining the role of mining pool coordinator and coinjoin coordinator. To what benefit?