Follow

I wrote what I hope is an intuitive explanation of how keyed-verification anonymous credentials can be used to build CoinJoin transactions, sharing here for feedback before publishing it more widely

gist.github.com/nothingmuch/94

· · Web · 1 · 2 · 5

@nothingmuch
This is a nice explanation, my only hiccup in reading it came from an initial assumption that the blowtorch would somehow be tied to the 'smelting' of input merging. But your explanation of it makes perfect sense, thats just my presumption running amuck.

What is the TL;DR: for the differences between the current mixing scheme, and the new wabisabi scheme? Is it just using different cryptographic primitives? More extensibility?

@htimsxela i think smelting is actually fine in this analogy, SiO2 won't oxidize further so the mass should stay the same ^_^

in the current system there are set denominations (~0.1 btc and multiples of that), each represented by a public key, and Schnorr blind signatures are used.

in Wasabi you can currently merge up to 7 inputs to get 1 or more blind signatures (depending), + a change output

@htimsxela this implies that your inputs are linked (can't merge inputs without revealing that to the coordinator) and, the change is also linked to that, and you can't do things like sending payments from a coinjoin, or doing a payjoin in a coinjoin.

the crypto is indeed different, kind of like extending the current Wasabi protocol with confidential transactions, but the result would still just a normal CoinJoin Bitcoin tx

@htimsxela note that we haven't yet discussed how to instantiate this more flexible mechanism into something more fully developed, and there's a lot to discuss WRT transaction structure and privacy/flexibility

Sign in to participate in the conversation
Mastodon

Server run by the main developers of the project 🐘 It is not focused on any particular niche interest - everyone is welcome as long as you follow our code of conduct!