š
Original date posted:2022-05-13
š Original message:Good morning Chris,
> Hello waxwing,
>
> > A user sacrifices X amount of time-value-of-money (henceforth TVOM)
>
> by committing in Joinmarket with FB1. He then uses the same FB1 in
> Teleport, let's say. If he gets benefit Y from using FB1 in Joinmarket,
> and benefit Z in Teleport, then presumably he'll only do it if
> (probabilistically) he thinks Y+Z > X.
>
> > But as an assessor of FB1 in Joinmarket, I don't know if it's also
>
> being used for Teleport, and more importantly, if it's being used
> somewhere else I'm not even aware of. Now I'm not an economist I admit,
> so I might not be intuit-ing this situation right, but it fees to me
> like the right answer is "It's fine for a closed system, but not an open
> one." (i.e. if the set of possible usages is not something that all
> participants have fixed in advance, then there is an effective Sybilling
> problem, like I'm, as an assessor, thinking that sacrificed value 100 is
> there, whereas actually it's only 15, or whatever.)
>
>
> I don't entirely agree with this. The value of the sacrifice doesn't
> change if the fidelity bond owner starts using it for Teleport as well
> as Joinmarket. The sacrifice is still 100. Even if the owner doesn't run
> any maker at all the sacrifice would still be 100, because it only
> depends on the bitcoin value and locktime. In your equation Y+Z > X,
>
> using a fidelity bond for more applications increases the
> left-hand-side, while the right-hand-side X remains the same. As
> protection from a sybil attack is calculated using only X, it makes no
> difference what Y and Z are, the takers can still always calculate that
> "to sybil attack the coinjoin I'm about to make, it costs A btc locked
> up for B time".
I think another perspective here is that a maker with a single fidelity bond between both Teleport and Joinmarket has a single identity in both systems.
Recall that not only makers can be secretly surveillors, but takers can also be secretly surveillors.
Ideally, the maker should not tie its identity in one system to its identity in another system, as that degrades the privacy of the maker as well.
And the privacy of the maker is the basis of the privacy of its takers.
It is the privacy of the coins the maker offers, that is being purchased by the takers.
A taker can be a surveillor as well, and because the identity between JoinMarket and Teleport is tied via the single shared fidelity bond, a taker can perform partial-protocol attacks (i.e. aborting at the last step) to identify UTXOs of particular makers.
And it can perform attacks on both systems to identify the ownership of maker coins in both systems.
Since the coins in one system are tied to that system, this increases the information available to the surveillor: it is now able to associate coins in JoinMarket with coins in Teleport, via the shared fidelity bond identity.
It would be acceptable for both systems to share an identity if coins were shared between the JoinMarket and Teleport maker clients, but at that point they would arguably be a single system, not two separate systems, and that is what you should work towards.
Regards,
ZmnSCPxj
ZmnSCPxj [ARCHIVE] /
npub1g5ā¦3ms3l
2023-06-07 23:08:51
in reply to nevent1qā¦m95c
Author Public Key
npub1g5zswf6y48f7fy90jf3tlcuwdmjn8znhzaa4vkmtxaeskca8hpss23ms3lPublished at
2023-06-07 23:08:51Event JSON
{
"id": "4e44a2570f52565ecc3c2957dc220e893ea53b6d24b6829177221db012282d93",
"pubkey": "4505072744a9d3e490af9262bfe38e6ee5338a77177b565b6b37730b63a7b861",
"created_at": 1686179331,
"kind": 1,
"tags": [
[
"e",
"ed87b4a661b1ec563ef35bba3e76c69fedd4dee29f9239e792212ae30f6447d4",
"",
"root"
],
[
"e",
"ff33581aea997d69abf3214eb2412f1971d4adf3ec2bb0b5c1c49e68e6d0eaac",
"",
"reply"
],
[
"p",
"cd99305dce8f7a8772455d28d44a8451787c19b2ffd2c8b1010acecc3c5f95c7"
]
],
"content": "š
Original date posted:2022-05-13\nš Original message:Good morning Chris,\n\n\u003e Hello waxwing,\n\u003e\n\u003e \u003e A user sacrifices X amount of time-value-of-money (henceforth TVOM)\n\u003e\n\u003e by committing in Joinmarket with FB1. He then uses the same FB1 in\n\u003e Teleport, let's say. If he gets benefit Y from using FB1 in Joinmarket,\n\u003e and benefit Z in Teleport, then presumably he'll only do it if\n\u003e (probabilistically) he thinks Y+Z \u003e X.\n\u003e\n\u003e \u003e But as an assessor of FB1 in Joinmarket, I don't know if it's also\n\u003e\n\u003e being used for Teleport, and more importantly, if it's being used\n\u003e somewhere else I'm not even aware of. Now I'm not an economist I admit,\n\u003e so I might not be intuit-ing this situation right, but it fees to me\n\u003e like the right answer is \"It's fine for a closed system, but not an open\n\u003e one.\" (i.e. if the set of possible usages is not something that all\n\u003e participants have fixed in advance, then there is an effective Sybilling\n\u003e problem, like I'm, as an assessor, thinking that sacrificed value 100 is\n\u003e there, whereas actually it's only 15, or whatever.)\n\u003e\n\u003e\n\u003e I don't entirely agree with this. The value of the sacrifice doesn't\n\u003e change if the fidelity bond owner starts using it for Teleport as well\n\u003e as Joinmarket. The sacrifice is still 100. Even if the owner doesn't run\n\u003e any maker at all the sacrifice would still be 100, because it only\n\u003e depends on the bitcoin value and locktime. In your equation Y+Z \u003e X,\n\u003e\n\u003e using a fidelity bond for more applications increases the\n\u003e left-hand-side, while the right-hand-side X remains the same. As\n\u003e protection from a sybil attack is calculated using only X, it makes no\n\u003e difference what Y and Z are, the takers can still always calculate that\n\u003e \"to sybil attack the coinjoin I'm about to make, it costs A btc locked\n\u003e up for B time\".\n\nI think another perspective here is that a maker with a single fidelity bond between both Teleport and Joinmarket has a single identity in both systems.\n\nRecall that not only makers can be secretly surveillors, but takers can also be secretly surveillors.\n\nIdeally, the maker should not tie its identity in one system to its identity in another system, as that degrades the privacy of the maker as well.\n\nAnd the privacy of the maker is the basis of the privacy of its takers.\nIt is the privacy of the coins the maker offers, that is being purchased by the takers.\n\n\nA taker can be a surveillor as well, and because the identity between JoinMarket and Teleport is tied via the single shared fidelity bond, a taker can perform partial-protocol attacks (i.e. aborting at the last step) to identify UTXOs of particular makers.\nAnd it can perform attacks on both systems to identify the ownership of maker coins in both systems.\n\nSince the coins in one system are tied to that system, this increases the information available to the surveillor: it is now able to associate coins in JoinMarket with coins in Teleport, via the shared fidelity bond identity.\nIt would be acceptable for both systems to share an identity if coins were shared between the JoinMarket and Teleport maker clients, but at that point they would arguably be a single system, not two separate systems, and that is what you should work towards.\n\n\nRegards,\nZmnSCPxj",
"sig": "8fa616b9acb0f3920cc33f37606e5bcfabca5370bb31647db8dbd0aaa152a8abbd420c5e7e9896143c07a96b0ce54736b733916b54bb1bf0a5ab67781324db07"
}