From: nopara73 <adam.ficsor73@gmail.com>
To: Prayank <prayank@tutanota.de>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Wasabi Wallet 2.0 Testnet Release
Date: Thu, 10 Mar 2022 08:33:21 -0400 [thread overview]
Message-ID: <CAEPKjgf9XngWzhF9+QfDVLqSc8_6T1NrCi7MzUC4eV3zpTAe7w@mail.gmail.com> (raw)
In-Reply-To: <Mx7rhhv--3-2@tutanota.de>
[-- Attachment #1: Type: text/plain, Size: 7906 bytes --]
> There is no coin control in Wasabi Wallet 2.
This is correct, but in and of itself can be misleading for those who know
that privacy in Bitcoin is near impossible without coin control, because
the conclusion would be then that Wasabi 2.0 ruined privacy for no reason,
which is obviously not the case, in fact it improves it in many ways.
The idea is that you don't need coin control when you can make your
transaction with coinjoined coins. These coins are indistinguishable, so
you don't really have a use for coin control in that case. I think this is
non-controversial, but what about the case when you cannot make the tx from
coinjoined coins?
In that case there still is a mandatory privacy control, which is an
improved version of coin control. The insight here is that, in coin control
settings, users are differentiating between coins based on their labels.
Since Wasabi creates label clusters, it is ok to select the clusters the
user wants to make the transaction from instead of individual coins. I know
you liked the never released cluster selection page before it got further
improved to be a privacy control page, but note the privacy control still
uses the same insight, it just further removed unnecessary friction. That
being said, coins can also be seen with this super secret developer key
combination: CTRL + D + C
> User does not select coins because they are never shared with the user in
the first place.
As explained above it is selecting coins indirectly rather than directly.
It is selecting clusters of coins that are assumed to belong to the same
wallet from an outside observer's point of view instead of individually
selecting coins one by one.
> There are no 'private' coins. Every coin is public in Bitcoin.
Not sure I'd like to engage in bikeshedding on terminology, but in my
opinion this terminology is not only true, but also good and useful:
Ownership of equalized coinjoin UTXOs is only known by the owner and not by
external observers. The owner has control over who it reveals the ownership
of these UTXOs. Privacy is your ability to selectively reveal yourself to
the world, therefore the terminology of "private coins" naturally makes
sense and it's a useful differentiator from non-coinjoined coins.
> Since, the wallet assumes some coins as 'private' based on certain
things it can be misleading for the user. Privacy depends on the things
users want to share with others.
The wallet does not assume. The user assumes when selecting the anonymity
levels. The wallet works with the user's assumption of its threat model. If
a misleading claim can be made here then it's that the user misleads the
wallet (and her/himself) rather than the other way around.
> Privacy involved in using a change or not using it is debatable. Not
using a change address makes it easier to understand who might be the
recipient in a transaction whereas using a change address same as other
outputs would be difficult to analyze for possible recipients.
Although I agree it's debatable, but for different reasons. I'd rather take
an issue of its usefulness instead. About the assumption that it's easier
to understand who might be the recipient, that's incorrect as the
transaction can easily be considered a self spend. In comparison to change
generating transactions, there the change and the recipient can most of the
times be established.
> Wasabi wallet does not have different types of addresses to use for a
change however [Bitcoin Core][2] recently made some related improvement
which would improve privacy.
Yup. Unfortunately this is a hack to make the wallet feel like a light
wallet as it greatly reduces the size of the client side filters we have.
Although, as the blockchain grows further optimizations are needed. So it's
not very helpful if Bitcoin Core gives us 10 GB of filters so we can use
all the types of addresses. We had a pull request to Core about creating
custom filters, but it was NACK-ed. In order to do this correctly and get
merged into Core we'd have to have a more comprehensive modification than
our initial PR and that we have no resources to allocate to yet.
> As far as issues are concerned, there are several things not fixed and
shared in different GitHub issues or discussions. These include privacy,
security and other things.
I greatly disagree with this assessment, in fact, quite the opposite. Take
for example the tremendous activity your pull request about an empty catch
block received: https://github.com/zkSNACKs/WalletWasabi/pull/6791
No sane project would allow their best developers to spend more than 5
minutes on this issue, yet 7 developers were discussing if leaving a single
empty catch block in the code could be a potential security risk in the
future and our resolution was actually contributing to NBitcoin to make
sure we aren't getting an exception for incorrect password, but rather a
boolean signal.
> As WW2 is not developed for power users (mentioned by developers working
on Wasabi), I am not sure if bitcoin dev mailing list would be the best
place to look for newbies.
I do agree that the bitcoin-dev mailing list is not where the target users
of Wasabi 2.0 are to be found, however Wasabi 2.0 is a great forward step
of Bitcoin development and developers could certainly benefit from knowing
about great innovations it comes with.
On Wed, Mar 9, 2022 at 5:27 PM Prayank via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> Hi Max,
>
> > Whenever the user wants to spend bitcoin to an address, the wallet
> automatically selects those private coins with sufficient sats, coin
> control is displayed to the user.
>
> 1.There are no 'private' coins. Every coin is public in Bitcoin.
>
> 2.Since, the wallet assumes some coins as 'private' based on certain
> things it can be misleading for the user. Privacy depends on the things
> users want to share with others.
>
> 3.There is no coin control in Wasabi Wallet 2.
>
> > However, when the private balance is insufficient to make the payment,
> the user has the option to adjust the coin selection with the help of the
> previously provided contact labels.
>
> User does not select coins because they are never shared with the user in
> the first place.
>
> [Selecting some labels][1] with misleading text 'who can see this
> transaction' does not look helpful.
>
> > Wasabi also suggests the user to slightly adjust the payment amount so
> as to avoid the creation of a change utxo, decreasing fees and improving
> future privacy.
>
> Privacy involved in using a change or not using it is debatable. Not using
> a change address makes it easier to understand who might be the recipient
> in a transaction whereas using a change address same as other outputs would
> be difficult to analyze for possible recipients.
>
> Wasabi wallet does not have different types of addresses to use for a
> change however [Bitcoin Core][2] recently made some related improvement
> which would improve privacy.
>
> > We kindly ask for your help testing the completely new UI/UX
>
> As WW2 is not developed for power users (mentioned by developers working
> on Wasabi), I am not sure if bitcoin dev mailing list would be the best
> place to look for newbies. As far as issues are concerned, there are
> several things not fixed and shared in different GitHub issues or
> discussions. These include privacy, security and other things.
>
>
> [1]: https://i.imgur.com/Gxjmhau.png
> [2]: https://github.com/bitcoin/bitcoin/pull/23789
>
>
> --
> Prayank
>
> A3B1 E430 2298 178F
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
--
Best,
Ádám
[-- Attachment #2: Type: text/html, Size: 9772 bytes --]
next prev parent reply other threads:[~2022-03-10 12:33 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-02 4:24 [bitcoin-dev] Wasabi Wallet 2.0 Testnet Release Prayank
2022-03-10 12:33 ` nopara73 [this message]
-- strict thread matches above, loose matches on Subject: below --
2022-03-01 20:48 Max Hillebrand
2022-03-01 22:50 ` nopara73
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAEPKjgf9XngWzhF9+QfDVLqSc8_6T1NrCi7MzUC4eV3zpTAe7w@mail.gmail.com \
--to=adam.ficsor73@gmail.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=prayank@tutanota.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox