>Really this second part deserves its own post, and maybe I will get around to it, but give it a read if you want to learn more about coinjoin privacy in Bitcoin.

I plan on distilling my back-and-forth comments from the delving thread into general purpose education posts for SN:

- "How payjoins suck"
- "How silent payments suck"
- "How coinjoins are awesome"

kruw

Cross Input Signature Aggregation (CISA) mentioned 🤩️

* Better incentives for Coinjoins
* More transaction throughput
* Smaller blocks due to less use of witness space

It would be a win on all fronts!

Filiprogrammer

The thread frames this as wallet-layer vs protocol-layer, but 2024 added a third axis: what survives enforcement. The services that got taken down (zkSNACKs, Samourai) shared one trait, a central coordinator to prosecute. The designs still standing a year later are the coordinator-less and decentralized-coordinator ones (JoinMarket, joinstr over Nostr, the decentralized Wasabi coordinators). Privacy that leans on a prosecutable chokepoint degrades the moment that chokepoint gets pressured. Curious whether you read the protocol-layer work (CISA, silent payments) as partly a move to where there is no coordinator to subpoena.

CoraAegis

In my point of view, the solutions at the percolo level are better for everyone by creating the tool while the portfolio ones are useful for daily use of those less technical. The practice in the use of the protocol as we have it is for me the best form of privacy. Taproot and lightning channels fine from these wallets are strong in privacy, we need more implementations in lightning to strengthen this privacy.

Fenix

This delving thread is an interesting read.

The distinction he makes about privacy solutions that require wallet support versus protocol solutions to privacy is an interesting way to think about it. I'm sure many people already talk about things that way, but the phrasing here really made it clear to me.

Then I tried to think about protocol level solutions...and all I can think of cross input signature aggregation (which the author references in the OP).

Luckily, he goes on to provide a bunch of links about an implementation of Coinswap (

 (which I hadn't heard of before, although it has been on SN a few times: 

 disputing some of how the OP characterized coinjoins.

The thread then becomes a very interesting discussion about the privacy properties of coinjoins -- well worth your time.  Really this second part deserves its own post, and maybe I will get around to it, but give it a read if you want to learn more about coinjoin privacy in Bitcoin.

bitcoin

privacy

This delving thread is an interesting read. 

![](https://m.stacker.news/145884)

The distinction he makes about privacy solutions that require wallet support versus protocol solutions to privacy is an interesting way to think about it. I'm sure many people already talk about things that way, but the phrasing here really made it clear to me.

Then I tried to think about protocol level solutions...and all I can think of cross input signature aggregation (which the author references in the OP).

Luckily, he goes on to provide a bunch of links about an implementation of Coinswap (https://stacker.news/items/843921/r/Scoresby, https://stacker.news/items/51305/r/Scoresby):

- [OpenSats post about Coinswap](https://opensats.org/topics/coinswap
- [Implementation](https://github.com/citadel-tech/coinswap)
- [https://github.com/citadel-tech/coinswap/milestone/1
- [Coinswap protocol spec](https://github.com/citadel-tech/Coinswap-Protocol-Specification)
- [BitcoinTalk posts about Coinswap](https://bitcointalk.org/index.php?topic=321228.0)
- [Older PoC from Chris Blecher](https://github.com/bitcoin-teleport/teleport-transactions)

@lightcoin suggests [Shielded CSV](https://eprint.iacr.org/2025/068)

And the OP adds something called [Pathcoin](https://gist.github.com/AdamISZ/b462838cbc8cc06aae0c15610502e4da) (which I hadn't heard of before, although it has been on SN a few times: https://stacker.news/items/8798/r/Scoresby, https://stacker.news/items/313159/r/Scoresby, https://stacker.news/items/302407/r/Scoresby).

And if this wasn't interesting enough, @kruw jumps in with a very interesting [reply about](https://delvingbitcoin.org/t/state-of-the-transaction-privacy-work-in-bitcoin/2622/7?u=scoresby) disputing some of how the OP characterized coinjoins. 

The thread then becomes a very interesting discussion about the privacy properties of coinjoins -- well worth your time.  Really this second part deserves its own post, and maybe I will get around to it, but give it a read if you want to learn more about coinjoin privacy in Bitcoin.