📅 Original date posted:2019-07-30
📝 Original message:On 26/07/2019 10:38, Dmitry Petukhov via bitcoin-dev wrote:
>
> If the attacker is the entity who provides this 'maker outsourcing',
> and it captures significant portion of that maker-outsourcing/utxo-rent
> market, it can even receive some profit from the convenience fee, while
> deanonymizing the joins.
>
> And with pseudonymous entities, you cannot be sure how much of that
> market the attacker controls.
>
No the attacker does not. I believe renting out UTXO proofs does not
change the privacy properties, because of the quadratic term in the
fidelity bond formula. This is where a sacrifice of V bitcoins creates a
bond of value V^2. The formula provides a strong incentive for
profit-motivated makers to use all their fidelity bond coins with just
one maker, not spread them out over many makers. JoinMarket takers
always use multiple makers, so a single maker can never deanonymize a
coinjoin just they get chosen by takers a lot. (But they would make
loads of money in coinjoin fees, which should encourage other makers to
also sacrifice coins in order to compete with them and capture some of
that fee income)
If a sybil attacker wants to run multiple makers for the purpose of
deanomyization then they will take a substantial quadratic hit in their
effectiveness. This is explored the other document "Financial
mathematics of JoinMarket fidelity bonds"
https://gist.github.com/chris-belcher/87ebbcbb639686057a389acb9ab3e25b
Regards
CB
Chris Belcher [ARCHIVE] /
npub1ek…lnm2u
2023-06-07 18:19:43
in reply to nevent1q…zd6k
Author Public Key
npub1ekvnqhww3aagwuj9t55dgj5y29u8cxdjllfv3vgppt8vc0zljhrs6lnm2uPublished at
2023-06-07 18:19:43Event JSON
{
"id": "27c70a6f10570d96616746e448ff67e0a1a01e95633c46cbcaac0dba4b413a79",
"pubkey": "cd99305dce8f7a8772455d28d44a8451787c19b2ffd2c8b1010acecc3c5f95c7",
"created_at": 1686161983,
"kind": 1,
"tags": [
[
"e",
"e5951fd065af963dd1caf477c2dc7ac75e75b8c5de9df2bf7554616176c13878",
"",
"root"
],
[
"e",
"28f701090d6c9337d02167c332c5e939ab86f8a6b33e7613f36abb94576ec243",
"",
"reply"
],
[
"p",
"78f5a82a0b64fb3c18bd33a69c53b1af612b3ac8dd81e12f74ba62f3793dac05"
]
],
"content": "📅 Original date posted:2019-07-30\n📝 Original message:On 26/07/2019 10:38, Dmitry Petukhov via bitcoin-dev wrote:\n\u003e \n\u003e If the attacker is the entity who provides this 'maker outsourcing',\n\u003e and it captures significant portion of that maker-outsourcing/utxo-rent\n\u003e market, it can even receive some profit from the convenience fee, while\n\u003e deanonymizing the joins.\n\u003e \n\u003e And with pseudonymous entities, you cannot be sure how much of that\n\u003e market the attacker controls.\n\u003e \n\nNo the attacker does not. I believe renting out UTXO proofs does not\nchange the privacy properties, because of the quadratic term in the\nfidelity bond formula. This is where a sacrifice of V bitcoins creates a\nbond of value V^2. The formula provides a strong incentive for\nprofit-motivated makers to use all their fidelity bond coins with just\none maker, not spread them out over many makers. JoinMarket takers\nalways use multiple makers, so a single maker can never deanonymize a\ncoinjoin just they get chosen by takers a lot. (But they would make\nloads of money in coinjoin fees, which should encourage other makers to\nalso sacrifice coins in order to compete with them and capture some of\nthat fee income)\n\nIf a sybil attacker wants to run multiple makers for the purpose of\ndeanomyization then they will take a substantial quadratic hit in their\neffectiveness. This is explored the other document \"Financial\nmathematics of JoinMarket fidelity bonds\"\nhttps://gist.github.com/chris-belcher/87ebbcbb639686057a389acb9ab3e25b\n\n\nRegards\nCB",
"sig": "5bfaa22a975ac00bddc19ac0454bf508d46fd47a3e038d1536d0eaec304edc4fc8bf4d1005232c5c1f21fc7ca09cb794e88b112bee07ebd0d7c80e0cb76f6a47"
}