1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
|
Return-Path: <5700er@gmx.com>
Received: from hemlock.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 4BCFDC0001
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 21 Feb 2021 23:28:52 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by hemlock.osuosl.org (Postfix) with ESMTP id 3632B82476
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 21 Feb 2021 23:28:52 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from hemlock.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id noBih-Iow8EH
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 21 Feb 2021 23:28:51 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mout-xforward.gmx.net (mout-xforward.gmx.net [82.165.159.41])
by hemlock.osuosl.org (Postfix) with ESMTPS id 7D88187031
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 21 Feb 2021 23:28:50 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net;
s=badeba3b8450; t=1613950125;
bh=fwljxx+tqzrkMG27ndYM870+KCTKsNqVtc6+hgZ/R04=;
h=X-UI-Sender-Class:From:To:Subject:Date:In-Reply-To:References;
b=KKfC0PJUJXAfdJYGMZKwtnXJ6xgb8wuSKFv87bsC1hhU9fMGkA8uqJKg7D50s+Zs1
T3UA5UkCv60wCPO/k498BlqOuu0/hsLOY0MYTiT1KD7sBLss/0dYA2fvAryqyNQmAX
b47PScpUiepW5U9bbRFiycGSAx8zqibg79sDXpmE=
X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c
Received: from [68.207.10.113] ([68.207.10.113]) by web-mail.gmx.net
(3c-app-mailcom-bs10.server.lan [172.19.170.178]) (via HTTP); Mon, 22 Feb
2021 00:28:44 +0100
MIME-Version: 1.0
Message-ID: <trinity-6ade29b2-2d87-490b-8d01-b5c754c3f652-1613950124890@3c-app-mailcom-bs10>
From: Herman Puller <5700er@gmx.com>
To: belcher@riseup.net, bitcoin-dev@lists.linuxfoundation.org
Content-Type: text/html; charset=UTF-8
Date: Mon, 22 Feb 2021 00:28:44 +0100
Importance: normal
Sensitivity: Normal
In-Reply-To: <5fcab0fc-6135-7587-7b3c-a314ccd099ca@riseup.net>
References: <5fcab0fc-6135-7587-7b3c-a314ccd099ca@riseup.net>
X-UI-Message-Type: mail
X-Priority: 3
X-Provags-ID: V03:K1:XYVAPr4vcmlF1lhG01vk3ps8fr5dtuT7ctQK4TUKnSvSFnZGvsGtIpKclp0jGmTM6L0UH
wc+V6MgHPvr3XDoYCWW2mqgi3vf8aP6A3R7dHU4Ew3U12QN0Di1wIv8L+jIkw+NYn2grf8TFxwLX
8KLFCnZxumz8F1lJv+GV5iy1tKfc5pca950Ue1ib9fPpNeFtXY03g0D8GghcfTA/Kz4kZwFSI2N5
GOyO4v8jxoP/pgQXrg55a2mh6lU70cWJEbPy03ubdTz9Aw2nR9RAbNpwb+ciZRTxg8qz8vnkBS8E
hc=
X-UI-Out-Filterresults: junk:10;V03:K0:/7s6oVpBP/A=:y2XWGwPdByYfK4zA2COPJtFr
L0Fqk1vT8dIECjzRfmdpXldCPApd/HtdmffdaFtUzGIBsQYIc/vNpKHZ5kNLeM0o7wSnu7Id5
xOpQKs+iSdphzk0sthf/FkGkV/SqPTxo/FsGhUF6Wi9FJ4cAI3MdJ2m47nQ1nH/eEHv7Ds3bA
oYM9HxADgeq9r6ak5sdCBRLkUwCx3ku7YCee5PCEcQUZSNzoPoLsfrOXfMnUVoP5LQRscy1T6
0xsqfwaofwMDjK7b4lTj66KBv+N04VRCLk51UNdbq4Xx6rqbsd6Jd8rsKhL5iCgel4CEHAUoq
UA/uVLZCsEWHsfROkdAJI8kJkLpmPG+e9Qb9vZVXkdbUec0G+sPwbe/GI5D8IXVParBz99WK4
H/x5RYw9D/fF5C04o7i1kJ2gDESJKxr+0Tlvox+d/YEktAQhaCSwwyGThm6v5MqC8Ek2WaNmv
w61xj88h4Pha+aMIsBorLw5yqRNbtHmKKlITENXwNgBj2tmUmS+njTzWA7o6HJqAAvjqV9QVf
UXLFU5dkdzWVVAVpeJSf+vysG5JqVFZNxx1mWC4bmlcux2j0m4xRyUKC0iSze2GWA2DlABHOF
+fSAR2+XWh8V1cv9R09u9w2CLSR4JmqJ55bq/HBJRePBkMD8AayJeRobwRgJkBcA2BjbCyQ1K
HqnbCGn43sjf1/iTRMETcjX
X-Mailman-Approved-At: Mon, 22 Feb 2021 08:02:33 +0000
Subject: Re: [bitcoin-dev] Teleport Transactions: A CoinSwap implementation
for Bitcoin
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Feb 2021 23:28:52 -0000
<html><head></head><body><div style="font-family: Verdana;font-size: 12.0px;"><div> </div>
<div>42 pieces waiting for me and this 1 interests me most, yet not a single comment to it. Must just be me, I guess. Anyway, please keep plugging away, Chris. And thanks.
<div>
<div name="quote" style="margin:10px 5px 5px 10px; padding: 10px 0 10px 10px; border-left:2px solid #C3D9E5; word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;">
<div style="margin:0 0 10px 0;"><b>Sent:</b> Wednesday, February 17, 2021 at 4:27 PM<br/>
<b>From:</b> "Chris Belcher via bitcoin-dev" <bitcoin-dev@lists.linuxfoundation.org><br/>
<b>To:</b> bitcoin-dev@lists.linuxfoundation.org<br/>
<b>Subject:</b> [bitcoin-dev] Teleport Transactions: A CoinSwap implementation for Bitcoin</div>
<div name="quoted-content">Suppose Alice has bitcoins and wants to send them with maximal privacy,<br/>
so she creates a special kind of transaction. For anyone looking at the<br/>
blockchain her transaction appears completely normal with her coins<br/>
seemingly going from bitcoin address A to address B. But in reality her<br/>
coins end up in address Z which is entirely unconnected to either A or B.<br/>
<br/>
Now imagine another user, Carol, who isn't too bothered by privacy and<br/>
sends her bitcoin using a regular wallet. But because Carol's<br/>
transaction looks exactly the same as Alice's, anybody analyzing the<br/>
blockchain must now deal with the possibility that Carol's transaction<br/>
actually sent her coins to a totally unconnected address. So Carol's<br/>
privacy is improved even though she didn't change her behaviour, and<br/>
perhaps had never even heard of this software.<br/>
<br/>
In a world where advertisers, social media and other companies want to<br/>
collect all of Alice's and Carol's data, such privacy improvement would<br/>
be incredibly valuable. And also the doubt added to every transaction<br/>
would greatly boost the fungibility of bitcoin and so make it a better<br/>
form of money.<br/>
<br/>
This undetectable privacy can be developed today by implementing<br/>
CoinSwap. The software could be standalone as a kind of bitcoin mixing<br/>
app, but it could also be a library that existing wallets can implement<br/>
allowing their users to send Bitcoin transactions with much greater privacy.<br/>
<br/>
For the last few months I've been working on implementing this project.<br/>
Here it is:<br/>
<br/>
<br/>
<a href="https://github.com/bitcoin-teleport/teleport-transactions/" target="_blank">https://github.com/bitcoin-teleport/teleport-transactions/</a><br/>
<br/>
<br/>
The project can create multi-transaction CoinSwaps (intended to avoid<br/>
amount correlation), and multi-hop CoinSwaps (intended to stop one<br/>
single maker being able to unmix a taker's CoinSwap).<br/>
<br/>
Just for fun I created a 5-hop CoinSwap on testnet. Here are the<br/>
transaction IDs of each funding transaction. Each hop has 3 individual<br/>
transactions.<br/>
<br/>
taker's outgoing txes:<br/>
<a href="https://blockstream.info/testnet/tx/f45349bd279bea20b8b218300f8e2416abf28f3858470ad8c5eb2f6cd5ec10a9" target="_blank">https://blockstream.info/testnet/tx/f45349bd279bea20b8b218300f8e2416abf28f3858470ad8c5eb2f6cd5ec10a9</a><br/>
<a href="https://blockstream.info/testnet/tx/40ea5c9e478b66fa3f615c2b8d3accfd69308443d90a5353de669767cb02c51f" target="_blank">https://blockstream.info/testnet/tx/40ea5c9e478b66fa3f615c2b8d3accfd69308443d90a5353de669767cb02c51f</a><br/>
<a href="https://blockstream.info/testnet/tx/8fe245e9c433127af4df8ff8853650808e3281fed7de6bfda62066a3fd3ad36e" target="_blank">https://blockstream.info/testnet/tx/8fe245e9c433127af4df8ff8853650808e3281fed7de6bfda62066a3fd3ad36e</a><br/>
<br/>
maker[0] funding txes:<br/>
<a href="https://blockstream.info/testnet/tx/3d9b879866ad136f9fe6e80599e1b97d610b6330be3ab4aa7df4161fce1e41d4" target="_blank">https://blockstream.info/testnet/tx/3d9b879866ad136f9fe6e80599e1b97d610b6330be3ab4aa7df4161fce1e41d4</a>,<br/>
<a href="https://blockstream.info/testnet/tx/fa11e778d135be28b4e35498fc668c5aba7c70dcc43334b39e7488bd1259e8be" target="_blank">https://blockstream.info/testnet/tx/fa11e778d135be28b4e35498fc668c5aba7c70dcc43334b39e7488bd1259e8be</a>,<br/>
<a href="https://blockstream.info/testnet/tx/a7713452bab711c09be83a8c630fb91127771ed99cf15b528eacd28b00ba6b20" target="_blank">https://blockstream.info/testnet/tx/a7713452bab711c09be83a8c630fb91127771ed99cf15b528eacd28b00ba6b20</a>,<br/>
<br/>
maker[1] funding txes:<br/>
<a href="https://blockstream.info/testnet/tx/245e1e87d83a4bef06ceb8933c758137ee2f7ba7aa66800ebb7103707d5de5f7" target="_blank">https://blockstream.info/testnet/tx/245e1e87d83a4bef06ceb8933c758137ee2f7ba7aa66800ebb7103707d5de5f7</a>,<br/>
<a href="https://blockstream.info/testnet/tx/15727b91e09a80634587f6210bdcba8808b93e4a780c55dd113ee85314db45c4" target="_blank">https://blockstream.info/testnet/tx/15727b91e09a80634587f6210bdcba8808b93e4a780c55dd113ee85314db45c4</a>,<br/>
<a href="https://blockstream.info/testnet/tx/94e4e4e9e8fc2012158ed068145c8b883c295b37f5b3b6cba7a21c229d4da103" target="_blank">https://blockstream.info/testnet/tx/94e4e4e9e8fc2012158ed068145c8b883c295b37f5b3b6cba7a21c229d4da103</a>,<br/>
<br/>
maker[2] funding txes:<br/>
<a href="https://blockstream.info/testnet/tx/1384d58e534543e22e4f23a367728bff12177ee9af01b036c397cfca9bbe2eb8" target="_blank">https://blockstream.info/testnet/tx/1384d58e534543e22e4f23a367728bff12177ee9af01b036c397cfca9bbe2eb8</a>,<br/>
<a href="https://blockstream.info/testnet/tx/eff3b1367f403c13927ddcb01c6d3c5c0d46076f7cb4419f8a18d6b62d884540" target="_blank">https://blockstream.info/testnet/tx/eff3b1367f403c13927ddcb01c6d3c5c0d46076f7cb4419f8a18d6b62d884540</a>,<br/>
<a href="https://blockstream.info/testnet/tx/617c52caec2f7f17f3ebd1cab80233cdc1b414591f1cc49affbd828ffec10278" target="_blank">https://blockstream.info/testnet/tx/617c52caec2f7f17f3ebd1cab80233cdc1b414591f1cc49affbd828ffec10278</a>,<br/>
<br/>
maker[3] funding txes (also taker's incoming txes):<br/>
<a href="https://blockstream.info/testnet/tx/8fde61974a4e0801ae5b76b620e2effd6c837310c1bd76d738216451ae1226e3" target="_blank">https://blockstream.info/testnet/tx/8fde61974a4e0801ae5b76b620e2effd6c837310c1bd76d738216451ae1226e3</a>,<br/>
<a href="https://blockstream.info/testnet/tx/6491b85ef73a8f88e276a9b0f951c09e0367851a83aa49ffee8f8ad095f50de2" target="_blank">https://blockstream.info/testnet/tx/6491b85ef73a8f88e276a9b0f951c09e0367851a83aa49ffee8f8ad095f50de2</a>,<br/>
<a href="https://blockstream.info/testnet/tx/363b6803b7e3ed45472277448ce9938e3e73167a67762d6a9ac621243b8db019" target="_blank">https://blockstream.info/testnet/tx/363b6803b7e3ed45472277448ce9938e3e73167a67762d6a9ac621243b8db019</a>,<br/>
<br/>
<br/>
The so-called taker organized the whole thing. They decided what the<br/>
CoinSwap amount should be (0.05 tBTC in this case), decided which makers<br/>
to route over depending on their fees, how many transactions and makers<br/>
there would be. The only thing the makers do is follow the protocol and<br/>
collect their CoinSwap fees, they are not meant to even know their<br/>
position in the route. Because the taker chose how much bitcoin to<br/>
coinswap and when, they paid a fee to each maker to provide an incentive<br/>
for the makers to keep the software running.<br/>
<br/>
To a passive observer of the blockchain a single-hop CoinSwap is as<br/>
private as a multi-hop, so I suspect in practice most users will just<br/>
create 2-hop CoinSwaps.<br/>
<br/>
The project is still a work in progress. All kinds of attacks are<br/>
possible right now, so the it shouldn't be used on mainnet with real<br/>
money yet. Also right now the CoinSwap addresses created by the project<br/>
appear as 2-of-2 multisignature addresses, but the plan is to use<br/>
ECDSA-2P which will make them look the same as regular single-signature<br/>
addresses which is needed before the thing massively improves privacy<br/>
and fungibility.<br/>
<br/>
CoinSwap is the next generation of bitcoin on-chain privacy tech. It<br/>
improves on CoinJoin because it breaks the transaction graph, and even<br/>
improves the privacy of people who don't use it. CoinSwap also uses less<br/>
block space for the same privacy and therefore is cheaper in miner fees.<br/>
<br/>
Links:<br/>
* Design document:<br/>
<a href="https://gist.github.com/chris-belcher/9144bd57a91c194e332fb5ca371d0964" target="_blank">https://gist.github.com/chris-belcher/9144bd57a91c194e332fb5ca371d0964</a><br/>
* Discussion: `##coinswap` IRC channel on the freenode network<br/>
_______________________________________________<br/>
bitcoin-dev mailing list<br/>
bitcoin-dev@lists.linuxfoundation.org<br/>
<a href="https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" target="_blank">https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev</a></div>
</div>
</div>
</div></div></body></html>
|