-
Notifications
You must be signed in to change notification settings - Fork 80
Bypass the need for multiple mixing rounds #21
Comments
The updated 'Simplified Protocol' section would look like this: A. Simplified ProtocolAlice and Bob are the same user, however the Tumbler does not know this. 1. Input Registration PhaseMany Alices register their
Tumbler checks if inputs have enough coins, are unspent, confirmed, were not registered twice and that the provided proofs are valid, then signs the blinded outputs. 2. Output Registration PhaseBobs register their signed outputs to the Tumbler. 3. Signing PhaseTumbler builds the unsigned CoinJoin transaction and gives it to Alices for signing. |
It also comes with some implementation difficulties, because all Bob outputs must be registered within 1 minute. Therefore the change between a user's Bob identities must be fast, since multiple Bob identities per user wer introduced. (Tor circuit changes.) |
DoS protection still works as it has to, because the user can pre-divide its coins, neverthless if it wants to disrupt more than one round. |
Because of the aformentioned implementation difficulties it might be possible at output registration phase we start getting close to the 1 minute timeout, and this would slow down the that phase from a few second to close to minute. |
This would also make deanonymization somehow easier, because there'd be less distinct participant in a mix. |
It was referenced from the document, the issue can be closed. |
Right now if the fixed denomination is 1btc and the user wants to mix 3btc, it must participate in 3 mixing rounds. However it could potentially register 3btc input and then register 3 times 1btc outputs. With this it can mix cheaper, because it only participates in one round.
This topic should be further explored.
The text was updated successfully, but these errors were encountered: