Another thing that is not discussed often enough when Monero is sold as an idiot-proof privacy solution is the risk of post-quantum deanonymization. Even Monero researchers agree that this is inevitable; it might be 5 years from now, it might be 40 years. And while it's generally accepted that coins can switch their encryption algorithms when quantum computers become a real thing, nobody can remove what has already been written to the ledger.
So depending on your threat model, it might be necessary even with Monero to act like transactions are traceable, the same way you would with Bitcoin. One could argue that Lightning can provide even more protection here, as the transactions are dispersed across different nodes.
Monero amount privacy is actually quantum-proof. It uses Pedersen commitments, which are 'perfectly hiding' in a technical sense, meaning even quantum computers can't break it: '"Perfectly" binding or hiding means that even with infinite computing power it would be impossible to break.'
But no, sender and receiver privacy are not quantum-proof atm. FCMP++ and Seraphis are being worked on and will change this though, and allow L2s as well.
I agree that ephemerality is a better property to have for privacy than permanent blockchains, but unless you're running your own LN node and only using unannounced channels exclusively (how many users realistically do this?), Lightning leaks too much data. Receiver privacy is bad and amount privacy is not guaranteed from larger routing nodes. It's also trivial for large nodes to save all transaction data going through them and break it later.
What is worse is that most Lightning users are on custodians or using LSPs which provide no privacy.
The incentives naturally lead to centralizing transactions through these large nodes (cheaper fees and less chance for transactions to fail).
reply
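The 'perfectly hiding' claim above, as an added illustration that is not part of the original thread and not Monero's own Ed25519 code: a toy Pedersen commitment in a small prime-order subgroup, with constructed and deliberately insecure parameters. Brute force shows every possible value has exactly one blinding factor that opens the commitment (so no amount of computing power can tell which value was committed), while the constructed trapdoor x shows that binding, unlike hiding, is only as strong as the discrete log problem.

```python
# Toy Pedersen commitment C = g^v * h^r in the order-23 subgroup of Z_47^*.
# All parameters are constructed for illustration; a real deployment uses a
# large elliptic-curve group and nobody knows the discrete log of h base g.
P, Q = 47, 23            # p = 2q + 1, q prime
G = 4                    # element of order q in Z_p^*
X = 7                    # trapdoor: h = g^x. Known here ONLY to show why
                         # binding depends on keeping x unknowable.
H = pow(G, X, P)         # = 28


def commit(value: int, blinding: int) -> int:
    """Pedersen commitment to `value` with blinding factor `blinding`."""
    return (pow(G, value % Q, P) * pow(H, blinding % Q, P)) % P


def openings_for(commitment: int) -> dict:
    """Exhaustively find every (value, blinding) pair that opens `commitment`.

    Perfect hiding: each of the q possible values has exactly one blinding
    factor that produces the same commitment, so the commitment carries no
    information about the value, regardless of the attacker's compute.
    """
    found = {}
    for v in range(Q):
        for r in range(Q):
            if commit(v, r) == commitment:
                found[v] = r
    return found


def equivocate(value: int, blinding: int, new_value: int) -> int:
    """Using the trapdoor x, compute a blinding factor r' such that
    commit(new_value, r') == commit(value, blinding).

    v + x*r == v' + x*r'  (mod q)  =>  r' = r + (v - v') * x^{-1} (mod q).
    This is exactly what must be infeasible for binding to hold; it is
    computationally, not perfectly, binding.
    """
    x_inv = pow(X, -1, Q)
    return (blinding + (value - new_value) * x_inv) % Q


if __name__ == "__main__":
    c = commit(5, 11)
    print("commitment:", c)
    print("values consistent with it:", sorted(openings_for(c)))
    print("equivocated blinding for value 9:", equivocate(5, 11, 9))
```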
FCMP++ and Seraphis are being worked on and will change this though, and allow L2s as well.
OK, that sounds like some interesting development, curious to see how it plays out.
Lightning leaks too much data. Receiver privacy is bad and amount privacy is not guaranteed from larger routing nodes. It's also trivial for large nodes to save all transaction data going through them and break it later. What is worse is that most Lightning users are on custodians or using LSPs which provide no privacy.
Receiver privacy is already getting much better with BOLT12, but I will agree with you here, yes, Lightning still has work to do regarding the usability of self-custodial solutions. You are also right: if all your transactions go through a few large nodes, the current Lightning encryption will also not protect you from post-quantum deanonymization.
reply