Assume you're a stack duo user. You want to pay a paynym. You send the notification transaction to the paynym. You then use the change UTXO from the notification transaction to make the payment to the paynym. A presumably common flow if you intend to pay a paynym. The world sees the notification transaction and then sees the change UTXO spent in a subsequent tx.
Assume 2 other people do this same thing.
Now assume the recipient is another stack duo user who has posted their paynym somewhere. The recipient then consolidates those 3 payments in a subsequent tx.
This is strong evidence that anyone can use to form a lower bound on the amount the paynym received. Without a strong holistic privacy toolkit, leakages like this are bound to happen.
naruto / Naruto
npub1w2…c7tte
2023-04-05 18:10:02
in reply to nevent1q…nsju
Author Public Key
npub1w2rfg6swqzjgv84h23lwp2vdga4w90wntxejmf4zfhrwl0kuzqpqvc7ttePublished at
2023-04-05 18:10:02Event JSON
{
"id": "81943d0193648b40b1b62a544831cf157e3eef71cdfe4b4d97710234e98a7f23",
"pubkey": "7286946a0e00a4861eb7547ee0a98d476ae2bdd359b32da6a24dc6efbedc1002",
"created_at": 1680718202,
"kind": 1,
"tags": [
[
"e",
"3387976d3a3122fa43ed16d4689c9b9f9703855758ca62ce0fd55d729b61397c"
],
[
"e",
"84fd1ca27799eda20dc95ae872ee1ed1eb480a22064d74cd66c1558a8fa7cedb"
],
[
"e",
"0000039507c7fcbeff231cc4dc4bbe0248aee05b6d75a59a205a53b1bf7cce8b"
],
[
"p",
"7286946a0e00a4861eb7547ee0a98d476ae2bdd359b32da6a24dc6efbedc1002"
],
[
"p",
"27154fb873badf69c3ea83a0da6e65d6a150d2bf8f7320fc3314248d74645c64"
],
[
"p",
"e5177ebf513530c2d0924083b64b7eadd7fb85efcc3e4dfb55c73a924c901ca7"
]
],
"content": "Assume you're a stack duo user. You want to pay a paynym. You send the notification transaction to the paynym. You then use the change UTXO from the notification transaction to make the payment to the paynym. A presumably common flow if you intend to pay a paynym. The world sees the notification transaction and then sees the change UTXO spent in a subsequent tx.\n\nAssume 2 other people do this same thing.\n\nNow assume the recipient is another stack duo user who has posted their paynym somewhere. The recipient then consolidates those 3 payments in a subsequent tx.\n\nThis is strong evidence that anyone can use to form a lower bound on the amount the paynym received. Without a strong holistic privacy toolkit, leakages like this are bound to happen. ",
"sig": "0f4ee43900453b873f098b82da93e464ae91437513db6805200f3a87b34b5c6119e8ba43d947d4b000d3ae570c973ae75dd95709f020f42bcc28d59a0edf9302"
}