ZmnSCPxj [ARCHIVE] on Nostr, posted 2023-06-07 18:29:33

📅 Original date posted: 2021-03-17
📝 Original message:

Good morning JAMES,

> Good Afternoon,
>
> Verifiable and independently verifiable are not the same. Independently
> scrutinable means any public can scrutinise blockchain to determine it
> is honest. It does not rely on involved parties but insistently on the
> data published in the blockchain.

The involved parties ultimately publish the data on the blockchain, and the result is independently validatable.
All that each involved party has to do is validate for itself that it does not lose any funds, and, by the operation of math, the summary result does not result in any loss (or creation) of funds, thus CoinJoin cannot lead to fraud.

I do not see much of a point in your objection here.
For example, in the case of Lightning, the individual payments made by the participants in the channel cannot be verified by anyone else (they can lie about the payments that occurred on their channel).
But both participants in the channel need to agree on a single result, and it is that summary result that is independently verified onchain and published.

Indeed, one major technique for privacy improvement in Bitcoin is the simple technique of creating summaries of multiple actions without revealing details.
Such a general class of techniques works by reducing the data pushed onchain which provides both (a) scale because less data on chain and (b) privacy because less data is analyzable onchain.

Basically ---

1. The entire point of a public blockchain is to prevent uncontrolled forgery of the coin.
Only particular rules allow construction of new coins (in Bitcoin, the mining subsidy).
2. Various techniques can be used to support the above central point.
* The simplest is to openly publish every amount value in cleartext.
* However, this is not necessarily the ***only*** acceptable way to achieve the goal!
* Remember, the point is to prevent uncontrolled forgery.
The point is **not** mass surveillance.
* Another method would be to openly publish **summaries** of transactions, such as by Lightning Network summarizing the result of multiple payments.
* CoinJoin is really just a way to summarize multiple self-payments.
* Another method would be to use homomorphisms between a cleartext and a ciphertext, and publish only the ciphertext (which can be independently verified as correctly being added together and that inputs equal outputs plus fees).

No privacy technique worth discussing and developing in Bitcoin gets around the above point, and thus fraud cannot be achieved with those (at least if we define fraud simply as "those who control the keys control the coins" --- someone stealing a copy of your privkeys is beyond this definition of fraud).
Any privacy improvement Taproot buys (mostly in LN, but also some additional privacy for CoinSwap) will still not allow fraud.

Regards,
ZmnSCPxj
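The "homomorphism between a cleartext and a ciphertext" technique from the last bullet of the message above, as an added example (editor's code, not part of ZmnSCPxj's post): Pedersen commitments on secp256k1, with the balance check a verifier runs to confirm inputs equal outputs plus fee without ever seeing an amount. Assumptions: a minimal affine-coordinate curve implementation written for clarity, fixed blinding factors standing in for random ones, and constructed satoshi amounts.

```python
import hashlib
# Toy secp256k1 arithmetic (the curve Bitcoin uses); assumption: clarity over constant-time code.
P = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition on y^2 = x^3 + 7; None is the point at infinity
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    if a == b: lam = 3 * a[0] * a[0] * pow(2 * a[1], -1, P) % P
    else: lam = (b[1] - a[1]) * pow(b[0] - a[0], -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)
def mul(k, pt):  # double-and-add; a negative k negates the point first
    if k < 0: k, pt = -k, (pt[0], -pt[1] % P)
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc
def hash_to_curve(tag):  # try-and-increment: a generator H with log_G(H) unknown to everyone
    x = int.from_bytes(hashlib.sha256(tag).digest(), "big") % P
    while True:
        rhs = (pow(x, 3, P) + 7) % P
        y = pow(rhs, (P + 1) // 4, P)  # modular square root, valid because P % 4 == 3
        if y * y % P == rhs: return (x, y)
        x += 1
H = hash_to_curve(b"pedersen-H")
def commit(value, blind):  # Pedersen commitment value*H + blind*G: hides value, adds homomorphically
    return add(mul(value, H), mul(blind, G))
def balances(in_commits, out_commits, fee, excess):
    """Verifier's check with no amounts in sight: sum(in) - sum(out) - fee*H == excess*G,
    where excess (the blinding-factor difference) is published by the spender."""
    acc = mul(-fee, H)
    for c in in_commits: acc = add(acc, c)
    for c in out_commits: acc = add(acc, mul(-1, c))
    return acc == mul(excess, G)

def demo():  # constructed amounts in satoshis; fixed blinding factors stand in for random ones
    ins, fee = [(60_000_000, 11), (40_000_000, 22)], 1_000
    outs = [(70_000_000, 33), (29_999_000, 44)]
    excess = (11 + 22 - 33 - 44) % N
    honest = balances([commit(v, r) for v, r in ins], [commit(v, r) for v, r in outs], fee, excess)
    forged_outs = [commit(70_000_000, 33), commit(29_999_001, 44)]  # one extra satoshi from nowhere
    forged = balances([commit(v, r) for v, r in ins], forged_outs, fee, excess)
    return honest, forged
```

The verifier learns only that the commitments balance; the honest transaction passes and the one that conjures a satoshi fails, which is exactly the "no uncontrolled forgery" property the message says cleartext amounts are only one way of achieving.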