From: Javier Mateos
To: Bitcoin Development Mailing List
Date: Mon, 7 Apr 2025 03:01:39 -0700 (PDT)
Subject: Re: [bitcoindev] Reiterating centralized coinjoin (Wasabi & Samourai) deanonymization attacks
Message-Id: <35a802c4-b0dc-43a3-a087-de2babf12759n@googlegroups.com>

Hello everyone,

First of all, I believe this debate has been extremely constructive,
despite some friction regarding inherent biases. I think Yuval has
identified real risks, and at the same time, there was a lack of clarity
regarding how the coordinator operated. If the coordinator had malicious
intentions in the beginning, these have been observed and brought to the
table by a community that is always active and vigilant about these crucial
issues. I believe this is already part of the healthy culture surrounding
Bitcoin.

At this moment, what is crucial is to look forward and demand:

- Overall Transparency: We need clear answers to questions such as: How are
  the residual funds calculated and allocated? Which wallet(s) are used?
  Ultimately, this information should be publicly verifiable on the
  blockchain.

- Audit and Review of the Revenue Model: Is the current mechanism (which
  retains residual funds) the best option? Could the excess be redistributed
  among users? Should it be handed over to a group of independent auditors,
  or what alternative is best? These are questions aimed at finding more
  transparent options, especially if disclosed properly. They could even be
  addressed through a bounty, for example.

- Audit and Review of the Protocol Architecture: The measures above would
  help and could pave the way for the adoption of technical mitigations.

Clearly, a thorough technical and ethical review is required, or else we
wouldn’t have this healthy debate.

Regards,
-Javier

On Friday, April 4, 2025 at 14:26:17 UTC-3, Peter Todd wrote:

> On Fri, Jan 31, 2025 at 10:39:10PM +0100, Yuval Kogman wrote:
> > - https://youtu.be/v952Fd1vmOs?t=2073 - here, months after launching
> > his service, he fails to disclose until pressed to elaborate, then
> > admits he's collecting revenues and casually misrepresents the
> > "optimistic" behavior of wasabi (which is a bug) as a "little known
> > secret" that justifies his appropriation of excess funds, which under
> > the zksnacks coordinator went to the mining fees (thereby bolstering
> > sybil resistance, not undermining it).
>
> For the record, I checked the archive.org and github history of the
> Wasabi Wallet docs themselves, and since at least Nov 23rd 2024
> (archive.org) or possibly Oct 10th 2024 (git commit), they've clearly
> stated that leftovers go to the coordinator:
>
> "In rare cases the output decomposition contains change (maximum of
> 10,000 sats per coinjoin), this leftover goes to the coordinator. This
> is because creating such small amounts would harm privacy and ends up
> being more expensive than just forfeiting it."
>
> (note: this whole passage is highlighted)
>
> https://web.archive.org/web/20241123035844/https://docs.wasabiwallet.io/using-wasabi/CoinJoin.html#fees
>
> https://github.com/WalletWasabi/WasabiDoc/commit/a1f2f474f282918f2e1626a01351ac8f1b9c43cf
>
> The git commit that introduced that language is PGP-signed by Github as
> of Nov 9th 2024.
>
> --
> https://petertodd.org 'peter'[:-1]@petertodd.org