You still have to pay to enter whirlpool and the anon set gets bigger over time.
That's my point: Attackers only have to pay for block space
once to enter Whirlpool in order to participate in
infinite Sybil attacks. With WabiSabi, mining fees create an economic defense against Sybil attackers because they would have to incur a continuous cost to attack each round.
Generating change outputs is inevitable when using Wasabi.
Generating change outputs is not inevitable when using Wasabi, you can pay your destination directly within a coinjoin transaction and never receive change.
Eventually UTXOs get too small to coinjoin in wasabi and they become doxxic.
You can coinjoin any amount with the WabiSabi protocol, zkSNACKs' coordinator sets a 5000 sat minimum, but that's an arbitrary setting for DoS protection, there's no fundamental reason why a UTXO would get "too small to coinjoin". There's even an extra tool in Wasabi to precisely eliminate change when spending outside of a coinjoin:
https://twitter.com/wasabiwallet/status/1664718704628645890There's no way that all participants have the same sized UTXOs.
I know it's hard to believe that all participants have the same sized UTXOs, but you can verify with your own eyes that they actually do:
Even if you have some non standard amount like 0.09698481 as an output like the coinjoin above does, there's no way to determine if it is a payment, if it is change, or which inputs created it.
If chain analysis companies sybil attacked the Wasabi mix, then it's not just some guess. Additionally anyone else could could have sybil attacked the mix.
Since we have no reason to believe that the round was Sybil attacked, then it's best not to assume it was deanonymized based on a guy from Twitter saying "it looks like".
UTXOs sizes are identical in any given whirlpool pool so I am not sure how Wasabi provides more privacy when only 2 other UTXOs are identical.
WabiSabi provides more privacy than Whirlpool because even UTXOs that do not have identical values to yours contribute to the crowd you are hiding in, not just the ones that have identical values. There are 195 outputs containing a total of 44.125 BTC in the attacker's transaction, so it's even possible that the attacker with the 12.475 BTC input created zero out of the 3 outputs for 5.36870912 BTC because all of his coins were split into addresses containing smaller amounts.
This is why guessing one possible outcome without ruling out the others and calling it "deanonymization" is bad: Since there's no consequences to the accuser for accusing, why not make the accusation?
Once you enter whirlpool, common ownership is not revealed.
Common ownership is revealed from Whirlpool's
premix transactions, I never claimed common ownership is revealed "once you enter Whirlpool".
This is a user decision. The same can be said of Whirlpool. If you generate change, you can CoinJoin in a smaller pool. Once a UTXO gets small enough, it becomes too small to CoinJoin.
Users of WabiSabi are never faced with this decision because they can send their payments directly in a coinjoin so they never encounter change. Even if you had change because you spent coins outside of a coinjoin, you can always coinjoin your change.
The same can not be said with Whirlpool because you always get stuck with traceable Bitcoin no matter what you do. You cannot send a payment directly in a Whirlpool coinjoin unless the recipient wants an amount of exactly 0.5, 0.05, 0.01, or 0.001 BTC. You also can't coinjoin change below 0.001 BTC.
This thread has grown to become unmanageable for me. I am glad that you like Wasabi. I hope it is as private as you seem to think it is. I will revisit Wasabi and see if there is any value that I can get out of it.
Thanks for the responses, Wasabi being private by default finally puts an end to the need for these sorts of guides since all you have to do to transact anonymously is "Receive, wait, send".