Oddbean new post about | logout
 It's great that you brought up the size of the UTXOs. When you send just 2 UTXOs to the wallet for a CoinJoin, you often end up with nearly 20 mixed UTXOs, most of which are of low value.

Consolidating all your coins after a CoinJoin can negate any benefits gained from the process. I suspect that many people are doing this.

Summary:

 - You obtain many small UTXOs.

 - Many users will consolidate their coins into a hardware wallet (HW).

 - When using the CoinJoin option directly on the HW, you don't know how much will obtain or how many UTXOs you will receive.

- You could always be mixing with the same users, as there is no need for new incoming liquidity to start a CoinJoin.

- Efficiency is low: sending two UTXOs can result in receiving almost 20, leading to higher future spending.

- Being a free service, you are not protected against Sybil attacks.


 
 > - You obtain many small UTXOs.
> - Efficiency is low: sending two UTXOs can result in receiving almost 20, leading to higher future spending.

The wallet targets 51 UTXOs as a total, if you have more than this you will usually see a reduction of UTXO set instead of an increase. 

Small UTXOs in fact are often useful to help avoiding change, which is by far the most privacy harming operation you can make as it links your transactions together. 

Additionally, during a coinjoin the outputs are chosen by trying to ensure 2 things:
- Have as few outputs as possible (so UTXOs as big as possible)
- Avoid as much as possible creating a non standard output, because this output would be at risk of privacy loss therefore client will consider its score to be really low.

In Wasabi, privacy loss means costs, because the client will detect that and try help you regaining the privacy you are losing by coinjoining the change again, starting by a score of 1, so it will be extremely expansive.

Therefore, and even if it's counter intuitive, having small UTXOs as a result of a coinjoin process in fact saves some money because otherwise you would have to coinjoin more, hence paying a lot of extra mining fees.

It is however true that Wasabi should have more features to handle post mixed coins and consolidate in a way that harms as less privacy as possible and is as cheap as possible.

> - When using the CoinJoin option directly on the HW, you don't know how much will obtain or how many UTXOs you will receive.

You can use the pay into coinjoin feature if you want to control the size of your UTXOs, it is currently only available through the RPC but building an UI is on our medium term roadmap

> - You could always be mixing with the same users, as there is no need for new incoming liquidity to start a CoinJoin.

This is accounted by the client. Privacy score used in Wasabi is not an AnonSet, but an AnonScore. It is based on AnonSet but lowered if privacy harming behavior is detected, such as remixing with the same participants. Coordinators could also introduce a minimum amount of fresh bitcoin per rounds

> - Being a free service, you are not protected against Sybil attacks.

First on bitcoin nothing is free, you have to pay for mining fees.

In fact Wasabi resists really well to sybil attacks for a simple reason: there is no strict limit to the size of a coinjoin transaction (after a threshold transactions are split). This makes it extremely hard to sybil and it will also be really easy to recognize that such attack is ongoing. 

The effect of a sybil attack would be to increase artificially the score of a coin, but the coin would still have a decent privacy thanks to the size of a transaction that is created.

However, this is only true with a high liquidity, and low liquidity coordinators are extremely easy to sybil