econoalchemist on Nostr: If you could then you would have but you can't because you're out of your depth. None ...
If you could then you would have but you can't because you're out of your depth. None of your examples are the result of address re-use in the CoinJoin. Unlike Wasabi's systemic & symmetric address re-use vulnerabilities which both occur in the CoinJoin transaction.
To clarify further: in your first example above, the coordinator fee is provided during the tx0 transaction while the wallet is setting up for and prior to the CoinJoin transaction. Tx0 transactions have obvious on-chain fingerprints and I fail to see how identifying the address used by the coordinator to collect the fee has any bearing on the anonymity of the user.
In your second example, the re-used address was also re-used in a Wasabi CoinJoin tx so that doesn't help your case but more importantly, when it was re-used by Samourai, it was in the tx0 - not the CoinJoin transaction. Additionally, based on the comments in that thread, the wallet was imported to Samourai and admittedly wasn't fully synced.
Finally in your third example and like the others, this was not a case of address re-use in the CoinJoin transaction (unlike Wasabi) but rather limited occurrences of address re-use in post-mix spending tools like Stowaway, Stonewall, & Stonewallx2. As explained in Samourai Wallet's write up of their investigation into the reported issue: not nearly as many addresses were effected as originally claimed and for good measure Samourai Wallet introduced Strict Mode after this report to mitigate unintentional address re-use by the users when transacting with post-mix spending tools.
Despite your efforts to equate Wasabi's address re-use vulnerabilities to Samourai Wallet, you have come up short yet again.
Published at
2024-09-15 18:12:58Event JSON
{
"id": "3257d42cd793f0b0eb2c88ef165e4cc03912270a444820135cd308e133b8f51f",
"pubkey": "7ef5f1b156ea5e7e9f9b787f7951b2d101f77806167a8d44b11468a10e0fcd27",
"created_at": 1726423978,
"kind": 1,
"tags": [
[
"e",
"6206e63a13bc561ad50dd3d9c0d99c5ea5fa928ffe4d2329a9951ee48c08bf7b",
"",
"root"
],
[
"e",
"bd21b648ebd22d704fda7fba33589a5056af06013cba30cf0b137263d2da92b8"
],
[
"e",
"3a047e92ae58798f8f7fedf507f9816d5ab337d896d97fbd80f848ba32ba9b7d",
"",
"reply"
],
[
"p",
"0b9de7c5e82d26c285690a13cd164149a5a0ee3131b9912e1c0bb36c66b471ab"
],
[
"p",
"50054d07e2cdf32b1035777bd9cf73992a4ae22f91c14a762efdaa5bf61f4755"
],
[
"p",
"7ef5f1b156ea5e7e9f9b787f7951b2d101f77806167a8d44b11468a10e0fcd27"
]
],
"content": "If you could then you would have but you can't because you're out of your depth. None of your examples are the result of address re-use in the CoinJoin. Unlike Wasabi's systemic \u0026 symmetric address re-use vulnerabilities which both occur in the CoinJoin transaction. \n\nTo clarify further: in your first example above, the coordinator fee is provided during the tx0 transaction while the wallet is setting up for and prior to the CoinJoin transaction. Tx0 transactions have obvious on-chain fingerprints and I fail to see how identifying the address used by the coordinator to collect the fee has any bearing on the anonymity of the user.\n\nIn your second example, the re-used address was also re-used in a Wasabi CoinJoin tx so that doesn't help your case but more importantly, when it was re-used by Samourai, it was in the tx0 - not the CoinJoin transaction. Additionally, based on the comments in that thread, the wallet was imported to Samourai and admittedly wasn't fully synced. \n\nFinally in your third example and like the others, this was not a case of address re-use in the CoinJoin transaction (unlike Wasabi) but rather limited occurrences of address re-use in post-mix spending tools like Stowaway, Stonewall, \u0026 Stonewallx2. As explained in Samourai Wallet's write up of their investigation into the reported issue: not nearly as many addresses were effected as originally claimed and for good measure Samourai Wallet introduced Strict Mode after this report to mitigate unintentional address re-use by the users when transacting with post-mix spending tools.\n\nDespite your efforts to equate Wasabi's address re-use vulnerabilities to Samourai Wallet, you have come up short yet again. ",
"sig": "6716610894d83337a252f940200940ed1c9c5ff793b8bfdfeae2240e84956d360ba7fc819884e9c147c2e22f5b3a2f8b19979ab3864c6c705fd1272e11f7b6ec"
}