Oddbean new post about | logout
Kanzan | 5 days ago (raw) | root | parent | reply | flag 
 All my utxos have whirlpool history bro
so why would I need LN?

and frankly
thats a cop out
OT | 5 days ago (raw) | root | parent | reply | flag 
 Lol
Kanzan | 5 days ago (raw) | root | parent | reply | flag +2 
 I know it's crazy but If you're not a religious bigot about things you can actually experiment with different technologies

Unfortunately you have to stop being self-righteous all the time

Maybe try it and see?
OT | 5 days ago (raw) | root | parent | reply | flag 
 I heard that the whirlpool maxi's moved to monero. No wonder you hate lightning
Kanzan | 5 days ago (raw) | root | parent | reply | flag +3 
 You're doing a pretty shitty job of showing any other alternatives

I never said I hate lightning. LN is cool, I'm just realistic about the lack of privacy guarantees

As opposed to you Maxis who are trying to sell it as a completed privacy solution.
When it ain't.
OT | 5 days ago (raw) | root | parent | reply | flag 
 Look, if the FBI or other 3 letter agencies want to find out all your financial activity they'll probably be able to no matter the source of money you're using. What I'm saying is that LN is good enough and its getting better. There's unannounced channels, multi part payment and trampoline routing. More recently (and yet to be fully rolled out) are bolt12 and blinded paths. Then there's also all the ecash mints which give an anonymity set of all the users in the mint.

There are other tools too. Coin joins like join market and wasabi (joinstr also in testing phase). There are state chains and UTXO swaps. There's liquid, there's silent payments and there is payjoin.

There will be more too. I'll admit that it is slow but eventually there will be privacy focused wallets that do a lot of this in the background giving the user the "landing" your meme suggests. For now there's some hoops to jump through.

I don't really have a problem if people want to hold bitcoin and whenever they need to spend they swap into XMR for the payment. I just don't think its necessary and you definitely don't want to be holding it for too long. It also doesn't guarantee absolute privacy (especially for noobs).
Kanzan | 5 days ago (raw) | root | parent | reply | flag +2 
 This all started because you were saying that there's no reason anyone should want to jump from LN to XMR

I think we've thoroughly answered that question at this point

Monero provides good privacy guarantees for anyone right out of the box with good ux. Noobs included.

As opposed to the Rube Goldberg machines you're proposing and the Coming Soon™️ privacy features I've been hearing about since I came into Bitcoin like 8 years ago

So yeah there's plenty of good reasons somebody might want use XMR. It's good money that protects users. I suggest you accept that fact.
OT | 5 days ago (raw) | root | parent | reply | flag 
 Right out of the box? Not running a node? Straight from the exchange?
Kanzan | 5 days ago (raw) | root | parent | reply | flag +3 
 Obviously buying kyc from an exchange exposes you to the exchange.
However unlike Bitcoin they have no idea where you send the XMR afterwards.

Connecting to 3rd party node does NOT expose your transaction history or anything about your wallet.
Your wallet *will tell the node the last time it synced, ie from what block it wants information. not really a big deal.

The biggest issue can be that if you broadcast a tx to a malicious (customized for chain surveillance) node it can know the true input(s) to that tx.
Which could be a problem if you *did buy KYC from a CEX and turned right around and spent using that malicious node and the node runners were coordinating with that CEX.
They wouldn't know where the transaction went, but they would be able to see that it was you that sent it.
If that makes sense
And it wouldn't work if you had moved the coins between the CeX and spending them with the adversary's node.

So yeah there are edge cases where its possible to screw up your privacy if do very specific things and happen to be unlucky 

nothing is completely drool-proof
Kanzan | 4 days ago (raw) | root | parent | reply | flag +2 
 Realizing that I screwed up this explanation

The Eve-> Alice -> Eve attack I describe is always possible and has nothing to do with a malicious node>
That is to say
if the person you receive the Monero from and the person you send it to are colluding
they can eliminate the decoys in the ring signatures and see the true outputs

The danger with a malicious node is just that if you connect to broadcast a tx without hiding your IP somehow they can see that IP sent that transaction.
Which is usually true with other chains anyway
but Monero uses dandelion which prevents knowing what node broadcasted what transaction in most cases

🙇
SaberhagenTheNameless | 5 days ago (raw) | root | parent | reply | flag +2 
 >"if the FBI or other 3 letter agencies want to find out all your financial activity they'll probably be able to no matter the source of money you're using."

Then why are you trying to attain privacy at all if you believe this?
Unnannounced channesl ironically gives up plausible deniability and doesn't offer you privacy from your counter party
Ecash anonset is fractured between mints and is custodial, so you introduce the ability to get rugged, fractionally reserved, or shotgun KYC'd
Everything else you listed like Silent Payments only solve part of the problem (receiver privacy - and is less effective without the others). It's a mishmash with no comprehensive solution.
OT | 5 days ago (raw) | root | parent | reply | flag +1 
 I think they have bigger fish to fry. There's still a cost to take someone down.

If you don't do anything like KYC'D base layer bitcoin it exposes you to $5 wrench attacks and social engineering attacks too. You have to do something to at least stop this.

I meant the individual mint. You have an anonymity set of everyone in that particular mint. Yes, its custodial so that's the trade off. There is apparently a way to pay a LN invoice from various mints but I think it isn't released yet.
SaberhagenTheNameless | 5 days ago (raw) | root | parent | reply | flag +1 
 Then wouldn't it make sense to increase the cost/difficulty via the best possible privacy so that further shrinks the pool of users they can realistically go after?

I think ecash is neat, it's the best form of custodial so far, and use it too for zaps on here, but it gives away one of the core attributes of Bitcoin (doesn't remove trusted third parties) so I don't think it's usecase replaces Monero. Even Calle the creator of Cashu has said the same thing.

What I meant was Monero has a global anonset of all users it's users, while ecash will always be smaller since it fractures by the nature of being split among many different mints. Additionally, the anonset is further split inside each mint since token values have their own anonset buckets (1,2,4,8,16,32, etc). Yes, I believe its called multi-mint payments. I don't think it's out yet either. Definitely another improvement.
Kanzan | 4 days ago (raw) | root | parent | reply | flag +1 
 whats this now?

why do individual mints split up the anonset internally?

i think i saw Calle messing around with multimint payments...
extremely alpha implementation of course.
SaberhagenTheNameless | 4 days ago (raw) | root | parent | reply | flag +1 
 "Larger amounts most likely have less good privacy properties, due to their token denominations being rare. Cashu uses fixed (power-of-2) token denominations to create a hide-in-the-crowd effect. But the larger a token gets, the more likely it is that fewer and fewer of them exists, and at some point there is no crowd to hide anymore. If there is only one token of a specific denomination, it can always be linked back to its creation."

https://docs.cashu.space/faq
SaberhagenTheNameless | 4 days ago (raw) | root | parent | reply | flag +2 
 I should also correct myself for anyone reading this. Monero anonymity set of all it's users only applies to receivers right now. But FCMP will put sender privacy at the same level eventually.