pull down to refresh

Yesterday there was a lot of discussion about coin join and frankly a lot of FUD mixed in with good info. In your opinion what are the trade-offs of this technical attempt to add on-chain privacy? If you think it is completely a poor choice then what are the alternatives and their trade-offs.
"Programmers know the benefits of everything and the tradeoffs of nothing." ~ Rich Hickey
"There are no solutions, only trade-offs" ~ Thomas Sowell
In general, coinjoin provides privacy in expense of cost and speed and often clunky UX.
Specifically, Wasabi has the strongest privacy guarantees, for all we know it's perfect. JoinMarket is good, although you have to do some work to achieve perfect privacy in it, you can't just be a "taker". Samourai/Whirlpool are trash. Not on the same level as the previous two, because they are TTPs.
And then there's Mercury, which is doing interesting things, though not CJ.
And of course LN, which is not great today as implementations go, but has the potential to provide perfect privacy on top of coinjoin channel management.
reply
What is ttp? I use whirlpool through Sparrow and did not realize some think it's "trash". Got any links so I can learn more?
reply
When using Whirlpool you never know how many counterparties run their node and don't share wallet's xpub with Samourai. So, you gain some privacy, but you are never sure that you are private against Samourai people. It's all tradeoffs, could be useful in a lot of cases, but not in all cases.
reply
Trusted third parties. I still have not heard a rational explaination of the issues with Whirlpool and Sparrow. Only Samoria wallet using their node.
reply
in expense of cost and speed and often clunky UX.
I think Bitcoiners are too focused on the cost and speed aspect. The biggest leverage to make CoinJoin more mainstream is the UX aspect.
reply
In a world where LN exist and works pretty well, onchain coinjoins became useless. Pre-LN time, yes I used coinjoins. But after LN became a norm, I stopped using any coinjoin. Is useless for me.
I use onchain exclusively to opn/close LN channels. All my txs are over LN now.
If you know how to use LN in a proper way, you do not need onchain coinjoins. If you really want to still use onchain coinjoins, fine for me, but in the end you are just throwing away more sats. That means more sats for me...
fun fact: even SN could be a nice tool to coinjoin your sats...
reply
Pre-LN time, yes I used coinjoins. But after LN became a norm, I stopped using any coinjoin. Is useless for me.
Lightning doesn't have perfect security, and neither does coinjoin. I personally use both. So if someone sends me on-chain funds, I coinjoin it with Wasabi, and then open lightning channels to actually use those funds.
reply
Yeah, I think in the future and even now to some extent we won't really need coin join. But lightning is not magic(for those reading this. Darth knows this very well). Part of this will be the increase in bitcoin usage driving up on-chain fees.
The other thing is that adoption grows most people will be paid in bitcoin not exchanging it for fiat. They will likely be paid off-chain via lightning.
I've said it before but thanks for your guides @DarthCoin.
reply
I will let you think about something....
Through a LN channel of 10M sats you could "coinjoin" 10 BTC. When you close it, it will remain only the info of 10M sats on one side or another and nothing about those 10BTC you passed through...
Let them fight over onchain coinjoins, do your stuff over LN...
reply
That sounds really interesting. Do you perhaps have a guide for this? Is there also a maximum for the amount that is being transferred on LN?
reply
see my SN bio, lots of guides there
reply
fun fact: even SN could be a nice tool to coinjoin your sats...
How is SN supposed to be a coinjoin tool? Just asking
reply
how many LN wallets did you used until now? how many submarine swaps did you used until now? how many LN nodes did you run until now? First you need to learn very well how to use LN and then think about how to use SN...
reply
Again, just asking. With regards to wallets, I've been using (in this order) Zap, Eclair, OBW, SBW, BlueWallet, Phoenix, LND, c-lightning, blixt (since I read one of you guides) . The question was just because I can understand the privacy features of using LN to move in-ou from the main chain, but I can't understand how that could be called 'coinjoin'
reply
If I give you 100 sats for this comment, can you tell me from which channel is coming? Can you tell me if those sats comes from a specific UTXO? The answer is no.
reply
Okay so the idea is that stacker.news is a huge black box whereby an external observer cannot triangulate the provenience of funds that come out from stacker.news wallets.
In this sense okay, that could be considered a coinjoin-like feature
Thanks
reply
I can't give specific details here. There are too many idiots on SN reading and don't want to put k00b on trouble. If you know how LN channels works and know how to use specific LN wallet apps, you will find the way. Use your brain and think about the process. It's easy, tested. I wrote several guides about this kind of process.
reply
What about if you have KYC coins, from an exchange, that you're planning on hodling long term? Coin join?
reply
  1. There's no such thing as "KYC coins". Please stop saying that. If there will be such thing, Bitcoin will cease to exist.
  2. If you never go back to fiat, why do you care so much? Just spend your coins on hookers and beers. Don't you?
If you plan to go back to fiat by selling those coins, then yes, you are fucked.
Also there's no "long term" holding. It is freedom (Bitcoin) or slavery (fiat/CBDC). So choose wisely. Bitcoin is simply money.
Reminder: Satoshi's papers, stated:
Abstract. A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.
I do not see anywhere there saying: holding long term or getting rich. Is pure P2P money.
reply
If you want to sell your BTC on a centralized exchange at some point in the future, its not a a good idea to coinjoin.
I believe bitcoin is best used p2p so I have coinjoined everything as a statement to say this is never going back into an exchange. It will one day be spent p2p on a product or service accepting BTC.
Coinjoins obscure the history & gives the attacker a bit of doubt not to go through with it.
Also once you CJ you need to be careful how you spend the UTXO. I find this isn't talked about enough in the space
reply
once you CJ you need to be careful how you spend the UTXO. I find this isn't talked about enough in the space
100% agree with this. That's what I'm trying to foster here. Stating the facts. Blanket statements are not helpful.
The workaround moving UTXOs back on to an exchange is to use lightning. Without lighting this is a very valid issue.
reply
Right
I hear that liquid also works. As in you swap to CJ UTXO into liquid, then back out & it becomes "clean" again.
reply

Pros

  • Breaks deterministic connection between UTXOs
  • Adds forward privacy UTXO transactions
  • With tools like Sparrow and whirlpool is becoming more simple to do and allows you to automate mixing to cold storage
  • When done right very little to no risk of losing funds

Cons

  • Cost - this is related to current fee environment
  • Coin-joins are obvious on-chain
  • Possible censorship of UTXOs by exchanges (minimized by lightning)
  • Some trust is involved but differs depending on implementation
  • Requires diligence to not undo the breaking of deterministic links

Alternatives

  • Lighting but also has many caveats
  • Have fun not being private
reply
I use whirlpool with Sparrow to break KYC of my utxos. So this:
Breaks deterministic connection between UTXOs
Wonder how the pool fees compare to just buying on p2p markets with their higher rates. But I think whirlpool fees are cheaper. Depending on the pool of course, but so far, I traded time for fees, I think. Bigger pool means less utxos means less coinjoins required means less time. But higher entry fees.
reply
P2P markets are sometimes cheaper to buy BTC for fiat than regular exchanges. It's usually when you do the opposite of what the market does.
reply
Oh, interesting, then I need to take another look
reply
In P2P markets you can often get better rates than centralized exchanges, even 5-10 %, if your time preference is low and you act as a market maker by providing liquidity.
reply
Cost - this is related to current fee environment
You can run JoinMarket yield generator bot and get paid for participating in coinjoins instead of paying for coinjoins. Although pure maker mode in JM doesn't guarantee privacy, it's better to mix maker and taker modes.
reply
Thanks. Wasn't aware of that. Interesting
reply
Did I miss anything?
reply
Satoshi never used a coinjoin and still maintained perfect pseudonymity.
Why are you giving 5% of your sats to the coordinators anon?
Coinjoin is the dumbest psyop ever. The VC-owned coinjoin corporations like Samourai and Wasabi are rent-seeking off your privacy paranoia. Stop paying the idiot tax.
Common sense UTXO management is a better privacy tool than coinjoin, and there's no coordinator fee.
reply
This is funny.
Satoshi never used a coinjoin and still maintained perfect pseudonymity.
When is the last time a UTXO owned by Satoshi has moved? Did Satoshi KYC? Nope. Sounds like a strawman. Also see my trade-offs comment.
Is Samourai VS owned? I don't think so. Doesn't matter to me though. That doesn't have any impact on the security/effectiveness of coin join.
reply
Why does the timeline of Satoshi's utxos matter? If he moves some sats around today to any arbitrary recipient, how would that help chainanalyzoors find his name?
Even if you buy Bitcoin on an exchange that's 100% KYC'd, all you need to protect yourself from the feds is plausible deniability that when you withdrew from the exchange you weren't in possession of the utxo. I.e. it was a gift, or it was a payment to a contractor, or it was a donation to some overseas charity.
Once you have plausible deniability that your utxos don't belong to you, then all you need is common sense UTXO management (stop consolidating everything) to prevent your utxos from being linked to one another.
PS: Samourai is definitely a VC company. There's even a publicly traded Canadian company that owns a piece of them. The fact that more people don't know this is a testament to how effective their psyop operations are.
reply
The timeline matters because you are bringing up dead UTXOs as an argument.
reply
I ask the question again though... How does SN making a payment today help chainanalyzoors find his identity though? I don't understand.
His utxos weren't always dead. We know for example that SN received and sent to Mike Hearn from 1PhUXucRd8FzQved2KGK3g1eKfTHPGjgFu - even knowing the real name/ID of his counterparty and knowing with 100% certainty that SN owned the address, we are still clueless about who SN is. How would Satoshi be any more (or less) private if he had coinjoined the balance of the address before paying Mike Hearn, and received from Mike using a paynym rather than doxxing his address?
Perfect pseudonymity. If today SN sent more bitcoin from 1PhUXucRd8FzQved2KGK3g1eKfTHPGjgFu to you or me, we would still have no idea who he is. The timeline is irrelevant.
reply
Here's the trade-off. If you make one mistake all your UTXO history is linked. That may be ok for some, it may not be for others. Bottom line is it is a tool. I will never say everyone should always coin-join. That's the point of this discussion. The trade-offs. This isn't an absolute issue. Bitcoin is not private by default. Huge myth that I will not perpetrate.
reply
I guess that's where we have a different vision. I think Bitcoin is 100% private by default (proven by the SN case study), and some users have chosen to opt in to bad privacy practices either out of ignorance or convenience. If you don't opt in to losing your privacy, then you stay private like SN did.
Anyways I appreciate the dialogue, good luck with your privacy quest! My final comment on the topic is just that VC backed coinjoins are absurdly expensive. If you must coinjoin for some weird inexplicable reason, try joinmarket.
CONS: getting a FinCEN SAR filed against you
reply
FinCEN SAR
For a coin join? Do tell. By its very nature it breaks deterministic linking of UTXOs. Aren't you conflating actually activity with with the coin join? I've heard of this with mixing services but not coin join.
reply
Yes uder new proposed regulation, even non-custodial coinjoin will be considered grounds for SAR
reply
Not only that, but also opening an LN channel and even a UTXO consolidation.
reply
True. Very concerning. It does seem as if the fight will be coming sooner than we thought
reply
deleted by author
reply