0 sats \ 1 reply \ @yo2xncv0 19 Jun freebie \ parent \ on: What are your thoughts on Bitcoin losing the Darknet bitcoin
Monero amount privacy is actually quantum proof. It uses Pedersen Commitments which are 'perfectly hiding' in a technical sense meaning even quantum computers can't break it:
'"Perfectly" binding or hiding means that even with infinite computing power it would be impossible to break'
https://docs.grin.mw/wiki/miscellaneous/switch-commitments/#properties-of-commitment-schemes
But no, sender and receiver privacy are not quantum proof atm. FCMP++ and Seraphis are being worked on and will change this though and allow L2s as well.
I agree that ephemerality is a better property to have for privacy than permanent blockchains, but unless you're running your own LN node and only using unannounced channels exclusively (how many users realistically do this?), Lightning leaks too much data. Receiver privacy is bad and amount privacy is not guaranteed from larger routing nodes. It's also trivial for large nodes to save all transaction data going thru them and break them later.
What is worse is that most Lightning users are on custodians or using LSPs which provide no privacy.
The incentives naturally lead to centralizing transactions through these large nodes (cheaper fees and less chance for transactions to fail).
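Why "perfectly hiding" holds regardless of computing power, as an added example that is not part of the original thread: in a toy Pedersen commitment, one commitment is consistent with every possible amount, so the commitment alone carries no information about it. The parameters P, Q, G, H and all function names are constructed for illustration (Monero uses an elliptic curve group, not this one); the last function shows that binding, unlike hiding, rests on the discrete log of H being unknown.

```python
# Toy Pedersen commitment in a tiny prime-order group.
# Constructed parameters for illustration only, far too small for real use.
P = 2039   # safe prime, P = 2*Q + 1
Q = 1019   # prime order of the subgroup of squares mod P
G = 4      # generator of that subgroup
H = 9      # second generator; committers are assumed not to know log_G(H)


def commit(value, blind):
    """C = G^value * H^blind mod P."""
    return (pow(G, value % Q, P) * pow(H, blind % Q, P)) % P


def blinds_explaining(c):
    """Map every candidate value v to the blind r with commit(v, r) == c.

    The map is total: each of the Q possible values has exactly one matching
    blind, so c by itself is equally consistent with all of them. No amount
    of computation can single out the committed value.
    """
    h_table = {pow(H, r, P): r for r in range(Q)}   # H^r -> r
    result = {}
    for v in range(Q):
        target = (c * pow(G, -v, P)) % P             # c / G^v
        result[v] = h_table[target]                  # always present
    return result


def discrete_log_of_h():
    """Brute-force x with G^x == H. Feasible only because the group is tiny;
    stands in for a party able to solve discrete logs."""
    return next(k for k in range(1, Q) if pow(G, k, P) == H)


def equivocate(value, blind, new_value, x):
    """Given x = log_G(H), return a blind that opens the SAME commitment to
    new_value. Binding is therefore only computational, while hiding is not."""
    return (blind + (value - new_value) * pow(x, -1, Q)) % Q


if __name__ == "__main__":
    c = commit(42, 777)
    table = blinds_explaining(c)
    print("values consistent with c:", len(table), "of", Q)
    r2 = equivocate(42, 777, 1000, discrete_log_of_h())
    print("same commitment, different opening:", commit(1000, r2) == c)
```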
FCMP++ and Seraphis are being worked on and will change this though and allow L2s as well.
OK, that sounds like some interesting development, curious to see how it plays out.
Lightning leaks too much data. Receiver privacy is bad and amount privacy is not guaranteed from larger routing nodes. It's also trivial for large nodes to save all transaction data going thru them and break them later. What is worse is that most Lightning users are on custodians or using LSPs which provide no privacy.
Receiver privacy is already getting much better with BOLT12, but I will agree with you here yes, lightning still has work to do here regarding the usability of self custodial solutions. You are also right, if all your transactions go through a few large nodes, the current lightning encryption will also not protect you from post quantum deanonymization.