 SIX MONTHS BEFORE THAT:

https://m.primal.net/HUOO.png

https://m.primal.net/HUOP.png

https://m.primal.net/HUOV.png

https://m.primal.net/HUOX.png

https://m.primal.net/HUOZ.png 
 Glad we can finally have this open conversation:

"Both Samourai & Wasabi attempt to make this type of attack expensive by incorporating a coinjoin fee."

This is incorrect.  In Samourai’s Whirlpool, the attack victims pay the fees for the block space consumed by attackers since the attacker only pays in their initial round.  In Wasabi, attackers must ALWAYS pay for their own block space.

"Wasabi actually has a reverse incentive that rewards them with higher fee revenue if they attempt to sybil or pump liquidity into the system since fees by users scale up with the number of utxos in a round."

This is an implementation detail that is no longer the case in Wasabi 2.0.  Instead, there’s a flat 0.3% fee (only charged on inputs over 1 million sats) and never any coordinator fee for remixing.

"Wasabi is also setup in a way that allows participants to choose which rounds they participate in which can allow an external sybil attacker to pick and choose which rounds to attack based on their desired target. This reduces the cost of an attempted sybil attack. Samourai on the other hand does not allow users to choose their rounds. Round selection is random."

This is incorrect, in Samourai, round selection is not random, it is performed by a trusted third party.

"Furthermore, if you attempt to run multiple clients simultaneously - which is what an attacker would do - you pay a higher effective fee than if you run a single client."

This is incorrect.  If you split into more UTXOs to enter a smaller pool instead of a larger pool, Samourai charges a lower coordinator fee percentage.  This gives Sybil attackers who want to flood the queue an economic advantage over users who are trying to gain privacy.

"Another important piece of information is that the more coinjoin rounds you do, the more difficult it is to be the victim of a sybil attack since the attacker will need to be in every round. Samourai provides an incentive to remix while remixing in wasabi costs more in fees."

As mentioned before, Whirlpool is uniquely vulnerable to Sybil attacks because the attack victims pay for the block space used by the attackers.  In Wasabi, block space is always paid for by the user who consumes it, fixing this misaligned incentive.

"There are two types of samourai users. Those who use their own node and those who trust samourai's node. If you don't use your own node then you trust samourai with your transaction history but not IP address(es) since the wallet defaults to Tor."

This is incorrect, Samourai has Tor off by default. 
 HOLY SHIT WALL OF TEXT - OBVIOUSLY THE THREAD ABOVE WAS ABOUT WASABI 1.0 SINCE IT WAS FROM 2020 BUT YOU DECIDED TO START OFF THE CONVERSATION THAT WAY SO HERE WE ARE

AT THE END OF THE DAY WASABI BROS GAS LIGHT ME, SAID MY CONCERNS WERE NOT AN ISSUE, ATTACKED MY CHARACTER, THEN REWROTE THEIR ENTIRE STACK TO FIX SAID ISSUES WITHOUT EVER ADMITTING FAULT

MEANWHILE THE WASABI COORDINATOR NOW SENDS ALL INPUTS TO A CHAIN SURVEILLANCE CO, FUNDING AND LEGITIMIZING A PREDATORY BUSINESS - THERE HAS BEEN A LOT OF TALK ABOUT USERS BEING ABLE TO CHOOSE A DIFFERENT COORDINATOR BUT THEY HAVE YET TO MAKE THAT EASY IN THE UI - TALK IS CHEAP

ON TOP OF THAT, OUTPUTS SEEM TO BE GETTING GROUND INTO DUST, AND IT IS NOT CLEAR TO USERS HOW QUICKLY ANONSET DEGRADES DUE TO OTHER USER BEHAVIOUR 
 You sent me a "wall of text" about Sybil attacks that has nothing to do with tx0 needlessly wasting block space.  Tx0 even HARMS user privacy in edge cases:

https://image.nostr.build/14026e01cbbd0981d24e2b4866265f026b92bc584d9e2dc16acf1d641a4b69ef.jpg#m=image%2Fjpeg&dim=1544x1491&blurhash=%7C8SF%40R%25M%7EqMy%25hgLogt8wgtRM_D%25xvR%24xv-qV%40oNxbbakCoLR*aejZWUj%5Bxuj%5D%25MWURQWANFoMW-%3FcMxIU%25gNFWExuRjRkM%7BX7xbnQR%2BbEWBX7spf%2CxakBIonjazWBxHNssEt7kCRPtQV%5BM%7BxuRjIUof%25LRkV%40oeWCWAog&x=3226e49be19cf5640fddfd6ca3bccf5b980d5202c66abdcbe16ee69572319df1

Much like the Keynesians are not able to formulate an answer as to "How does printing more paper make society richer", Whirlpoolers are not able to answer "How does premixing make privacy better?"

https://youtu.be/QJwmMu15Exc 
 TX0 IMPROVES SYBIL RESISTANCE - MALICIOUS ATTACKERS WOULD HAVE TO PAY SIGNIFICANTLY MORE TO FLOOD ROUNDS THAN HONEST PARTICIPANTS

https://m.primal.net/HUZZ.png 
 This claim is easily defeated by using the same line of reasoning that frustrates the Keynesian inflators:  If printing 1 trillion is good for the economy, then printing 10 trillion must be EVEN BETTER for the economy, right?  If a $15 minimum wage solves poverty, then a $100 minimum wage is EVEN BETTER, right?

So, if premixing with tx0 "improves Sybil resistance", then premixing 5 times with tx0, tx1, tx2, tx3, and tx4 is even BETTER, right? 
 Haha Matt, if you really feel that way, 
 I'll oblige your test and reply to every one of your posts until you finally address Whirlpool's vulnerabilities to Sybil attacks, and how Whirlpool's tx0 needlessly wastes block space while damaging the privacy of coinjoin participants:

nostr:nevent1qqsxs2suyds3uagurs6y537syplpq97ltk58dcx9x6tdscll26cdkaqpz3mhxue69uhkummnw3ezummcw3ezuer9wcpzqzuaulz7stfxc2zkjzsne5tyzjd95rhrzvdejyhpczand3ntgudtqvzqqqqqqydpqr0t 
 I ALREADY ANSWERED YOU. IT IS UNDER THE NOTE YOU LINKED.

FORTUNATELY YOU WILL NOT BE ABLE TO DELETE THOSE POSTS SO I WON'T HAVE TO KEEP ON ANSWERING YOU. 
 What's the note ID?  I don't see it. 
 TX0 IMPROVES SYBIL RESISTANCE - MALICIOUS ATTACKERS WOULD HAVE TO PAY SIGNIFICANTLY MORE TO FLOOD ROUNDS THAN HONEST PARTICIPANTS.

note1ax97krq0a7cfm9l9t7xhg2fvep654hetsqmy2y2jmqchllh8c49skjp2t9

 
 That's the note ABOVE my reply (which remains unaddressed), not a note BELOW it:

nostr:nevent1qqsxs2suyds3uagurs6y537syplpq97ltk58dcx9x6tdscll26cdkaqpz3mhxue69uhkummnw3ezummcw3ezuer9wcpzqzuaulz7stfxc2zkjzsne5tyzjd95rhrzvdejyhpczand3ntgudtqvzqqqqqqydpqr0t

Coordinator fees do not protect you at all against a Sybil attacker if the coordinator is part of your threat model 🙄

Mining fees protect you against a Sybil attacker, and Whirlpool is especially vulnerable to Sybil attacks because THE ATTACK VICTIMS PAY THE MINING FEES FOR THE BLOCK SPACE USED BY ATTACKERS.

The coordinator fee incentives of tx0 give Sybil attackers an advantage over regular users because they get a DISCOUNTED COORDINATOR FEE for splitting their coins and participating in more rounds compared to consolidating into bigger pools.

The worst part is, none of this Sybil attack discussion even remotely touches the original point, which is how premixing is HARMING privacy while WASTING block space:

https://image.nostr.build/14026e01cbbd0981d24e2b4866265f026b92bc584d9e2dc16acf1d641a4b69ef.jpg#m=image%2Fjpeg&dim=1544x1491&blurhash=%7C8SF%40R%25M%7EqMy%25hgLogt8wgtRM_D%25xvR%24xv-qV%40oNxbbakCoLR*aejZWUj%5Bxuj%5D%25MWURQWANFoMW-%3FcMxIU%25gNFWExuRjRkM%7BX7xbnQR%2BbEWBX7spf%2CxakBIonjazWBxHNssEt7kCRPtQV%5BM%7BxuRjIUof%25LRkV%40oeWCWAog&x=3226e49be19cf5640fddfd6ca3bccf5b980d5202c66abdcbe16ee69572319df1 
 > Coordinator fees do not protect you at all against a Sybil attacker if the coordinator is part of your threat model

I AM AWARE AND HAVE STATED THIS MANY TIMES. INCLUDING THE THREAD YOU LINKED. THIS IS TRUE FOR ALL CENTRALIZED COORDINATOR MODELS.

TX0 IMPROVES SYBIL RESISTANCE AGAINST MALICIOUS ATTACKERS THAT ARE NOT THE COORDINATOR. WOULD HAVE TO PAY SIGNIFICANTLY MORE TO FLOOD ROUNDS THAN HONEST PARTICIPANTS.

I NEVER RESPONDED TO YOUR LAST COMMENT BECAUSE IT WAS PURE GIBBERISH.

https://m.primal.net/HWtf.png 
 YOU HAVE IT LITERALLY BACKWARDS.  FLOODING COSTS LESS IN COORDINATOR FEES THAN CONSOLIDATING, GIVING SYBIL ATTACKERS AN UPPER HAND OVER HONEST USERS:

Let's say you have 10 million sats.  If you flood the 1 million sat pool with 10 UTXOs, you pay 100k sats to the coordinator.  If you only create 2 UTXOs and participate in the 5 million sat pool, you pay 175k sats to the coordinator.  THE FLOODER PAYS LESS TO THE COORDINATOR THAN THE HONEST USER.

You still haven't even made an attempt to address the main issue which has nothing to do with Whirlpool's backward coordinator fee incentives - the REAL issue is how premixing needlessly consumes block space while HARMING the privacy gains of coinjoin participants:

https://image.nostr.build/14026e01cbbd0981d24e2b4866265f026b92bc584d9e2dc16acf1d641a4b69ef.jpg#m=image%2Fjpeg&dim=1544x1491&blurhash=%7C8SF%40R%25M%7EqMy%25hgLogt8wgtRM_D%25xvR%24xv-qV%40oNxbbakCoLR*aejZWUj%5Bxuj%5D%25MWURQWANFoMW-%3FcMxIU%25gNFWExuRjRkM%7BX7xbnQR%2BbEWBX7spf%2CxakBIonjazWBxHNssEt7kCRPtQV%5BM%7BxuRjIUof%25LRkV%40oeWCWAog&x=3226e49be19cf5640fddfd6ca3bccf5b980d5202c66abdcbe16ee69572319df1 
 YOU SHOULD ACTUALLY TEST WHIRLPOOL BECAUSE YOU FUNDAMENTALLY DO NOT UNDERSTAND HOW IT WORKS.

UTXOS IN THE SAME TXO ARE FORCED INTO DIFFERENT ROUNDS.

MEANWHILE YOU ARE ADVOCATING FOR A COORDINATOR THAT ACTIVELY COOPERATES WITH SURVEILLANCE FIRMS AND A PROTOCOL THAT GRINDS UTXOS INTO DUST. 
 A Sybil attacker is not limited to using a single client, they can tx0 with multiple clients in order to participate in the same round.  YOU APPARENTLY DO NOT FUNDAMENTALLY UNDERSTAND HOW IT WORKS SINCE YOU THOUGHT FLOODING PAYS LESS IN COORDINATOR FEES COMPARED TO CONSOLIDATING.

I've never "advocated for a coordinator", I'm pointing out technical flaws that waste block space and harm privacy and create unbalanced incentives that subsidize Sybil attacks and all you do is VIRTUE SIGNAL TO DEFLECT FROM REAL ARGUMENTS.  If you really gave a shit about "censorship", you would just check the "run coordinator" box on your BTCPay Server coinjoin plugin.  Do you have the balls?

Let's talk about dust grinding! Whirlpool is paying 369 sats in fees to create a non private output for 305 sats??? https://mempool.space/address/bc1qp25y8kfywz88myuh7ed3dmx3vv2z2dwuxhjnlv 
 > A Sybil attacker is not limited to using a single client, they can tx0 with multiple clients in order to participate in the same round.

YES, AND THEY WOULD PAY MORE IN FEES THAN AN HONEST PARTICIPANT. THAT IS THE POINT. 
 NO, THEY WOULD PAY LESS IN FEES, AS I CALCULATED ABOVE:

nostr:nevent1qqsxy0jpyte535k6x734v33d87ksdafst27qc9ta2aqnpzew6kn43pgppamhxue69uhkummnw3ezumt0d5pzqzuaulz7stfxc2zkjzsne5tyzjd95rhrzvdejyhpczand3ntgudtqvzqqqqqqyq40ye3

THIS FLOODING DISCOUNT FOR SYBIL ATTACKERS DOESN'T EVEN STOP AT 10 UTXOS, IT GOES TO 70 UTXOS IN THE 1M-50M SAT POOLS! 
 THEY CLEARLY PAY MORE IF THEY DO MULTIPLE TXOS INSTEAD OF ONE.

WE ARE AT A STANDSTILL HERE. NOT WORTH CONTINUING. USE WHATEVER TOOL YOU WANT. I DON'T CARE. 
 A DISCUSSION ABOUT BITCOIN PRIVACY IS NEVER "NOT WORTH CONTINUING".

YOU'VE SPENT 20 POSTS ARGUING ABOUT SYBIL ATTACKS (that don't apply whatsoever if the coordinator is part of your threat model) WITHOUT EVER ADDRESSING HOW TX0 PREMIXING WASTES BLOCK SPACE AND HARMS PRIVACY COMPARED TO DOING A CUT-THROUGH TRANSACTION:

https://image.nostr.build/14026e01cbbd0981d24e2b4866265f026b92bc584d9e2dc16acf1d641a4b69ef.jpg#m=image%2Fjpeg&dim=1544x1491&blurhash=%7C8SF%40R%25M%7EqMy%25hgLogt8wgtRM_D%25xvR%24xv-qV%40oNxbbakCoLR*aejZWUj%5Bxuj%5D%25MWURQWANFoMW-%3FcMxIU%25gNFWExuRjRkM%7BX7xbnQR%2BbEWBX7spf%2CxakBIonjazWBxHNssEt7kCRPtQV%5BM%7BxuRjIUof%25LRkV%40oeWCWAog&x=3226e49be19cf5640fddfd6ca3bccf5b980d5202c66abdcbe16ee69572319df1 
 WE HAD THE CONVERSATION. PEOPLE CAN READ IT NOW AND MAKE THEIR OWN CONCLUSIONS.

TXO IS NOT A WASTE.

I ALSO HAD A THREE HOUR CONVERSATION WITH THE FOUNDER OF WASABI. UNEDITED. LIVE.

https://www.podpage.com/citadeldispatch/citadel-dispatch-e015-bitcoin/ 
 will do when i has enough that i don't need to spend in 3 months or less 
 Try BTCPay Server's coinjoin plugin instead of Whirlpool.  It uses an upgraded protocol that's MASSIVELY cheaper, and you can make EVERY spend a coinjoin, without revealing common input ownership or creating toxic change -
 nostr:nevent1qqs2lypcwr8d2rjcawh5a534pfq3marffrt5eqawdlurcgt0cqqh27gppamhxue69uhkummnw3ezumt0d5pzpywf5hs6jazpznr0uttp4ex7sf3fa24qldf0fq5gpy78ulsrd7pjqvzqqqqqqyvu22vn 
 i met one of the guys behind btcpay so i'm keeping that on my radar 
 So that's the meaning of this conversation: an ad. 

 One question: if people are smart enough to see that coinjoin or btcpay server are not for privacy, is that ok?



https://image.nostr.build/39d3bc7574ebc0848420ebfc92544a471a70d56d46f721d1a448aa48e5323602.jpg