Very happy to see this announcement, and really pleased to see the donors continue to support these efforts: theymos, greg, pieter. Guys like us don't know how good we have it, but this is really the direction we always knew Bitcoin was headed. Further evidence that the scalability issue has long been solved (or in the midst of being addressed) and that the next direction to be tackled is privacy.
Also agree, as much as mixers have been the go-to solution for typical users in past, they're still highly centralised and CJ should, with time, require less of that aspect.
Good job Wasabi and JoinMarket!
Topic: CoinJoin: Bitcoin privacy for the real world - page 2. (Read 294695 times)
Neat outcome.
Congratulations to the Wasabi and JoinMarket developers! JoinMarket pioneered a lot of CoinJoin science (and BTW, belcher wrote an excellent & comprehensive wiki article on privacy), while Wasabi is the first wallet that implements CoinJoin in both a highly-usable and sound way. As both a signer and a donor to the CoinJoin bounty fund, I'm thrilled that these two pieces of software exist!
For everyone looking to improve their privacy, I highly recommend checking out Wasabi, especially over centralized "mixers".
Further work is still necessary toward achieving default-fungibility, which is IMO the end goal. Even with Wasabi, you need a fair bit of expertise to maintain privacy, and the vast majority of people are using wallets that are terrible privacy-wise. Without intending to say that the bounty fund will reward people for these specific things, I'd personally like to see:
- Improvements to make Wasabi more of a complete wallet.
- CoinJoin integration in other wallets, especially Bitcoin Core.
- Research on doing CoinJoin in decentralized ways. (Wasabi's method is pretty secure, but requires a centralized coordinator.)
- Other research (and, perhaps more importantly, usable products) for improving day-to-day privacy.
For everyone looking to improve their privacy, I highly recommend checking out Wasabi, especially over centralized "mixers".
Further work is still necessary toward achieving default-fungibility, which is IMO the end goal. Even with Wasabi, you need a fair bit of expertise to maintain privacy, and the vast majority of people are using wallets that are terrible privacy-wise. Without intending to say that the bounty fund will reward people for these specific things, I'd personally like to see:
- Improvements to make Wasabi more of a complete wallet.
- CoinJoin integration in other wallets, especially Bitcoin Core.
- Research on doing CoinJoin in decentralized ways. (Wasabi's method is pretty secure, but requires a centralized coordinator.)
- Other research (and, perhaps more importantly, usable products) for improving day-to-day privacy.
Here is a solution for your third point:
Just like Bitcoin a CoinJoin wallet should build a network of nodes with a mempool.
It works like this:
Alice wants to coinjoin a transaction so she sends a message to the mempool
In this message it is specified the listening node which is the communication port for Alice plus eventual informations or conditions releted to the coinjoin she wants (maybe she wants to be paid for the coinjoin and she states the fee or she wants to coinjoin with 3 or 4 participants, etc...)
Alice builds a path of nodes to her listening node just like it happens in the lightning network in which every node of the path is only aware of the 2 nodes communicating with it
Alice --> node A --> node B --> node C --> node D --> Alice's listening node
In this example of path node C will only be aware of node B and node D
Bob sees Alice's message on the mempool and decides he wants to coinjoin with Alice
He construct a path to a Bob's listening node just like Alice did
Now the 2 listening nodes talk to each other and through them Alice and Bob communicate in a secure way
They settle the details for the coinjoin, sign it and then send it to the Bitcoin network.
This is not limited to 2 participants, it can be extended to 3 or more and it could become a standard in which every privacy oriented coinjoin wallet participates.
Of course this is far less efficient than a centralized solution but we already know decentralization is inefficient.
Well deserved reward to both parties congratulations to both.
Having tested both wasabi and join market both being relatively simple to use I can see many people adopting the use of them.
Having tested both wasabi and join market both being relatively simple to use I can see many people adopting the use of them.
good decision, congrats to both projects!
Very wise decision and exactly what I was thinking would be fair as both belcher and nopara are deserving but not there 100%
Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hello all,
this is to announce that we're awarding:
* 10 BTC to JoinMarket, for the first practical CoinJoin solution, and continued research into progressing this domain.
* 10 BTC to Wasabi, for building a more end-user accessible solution and larger adoption.
The remainder of the funds is left for future solutions with more ubiquitous impact on the ecosystem.
For those watching, 822f559df14894bd57bdd1ef0ab983228b7816a69d035cc1c5d18fb569ee5e94 is the payout transaction, crediting
several individual contributors directly as requested by the winning projects, and aggregating the remaining bounty funds
into a single UTXO. It is (obviously) a joined transaction, mixed with other transfers.
Congratulations!
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErGYmFy4AqCz/rolypjbpdjH3Z+AFAlzvMfkACgkQpjbpdjH3
Z+D2Pw/+IXvHLrQ1IuTicPXQgauzgIGV9F9tOZln6cIgduVW3A2nlenw9uSixh/4
rhV+kPUOjLsswEocKA1zt0pxq1QbSbhKaDRq2Rms3CtYfyvnlBTDvd/bdNDWBr2g
9Koc0QRq0ETKnJ7dXlOtwhUcOaWrW2qJMf8TekOPb6b70BSUSZzJe5YfItdLu8YM
KmmJ02GIr+urcTJDT3O6kEUpRBEUEaKcWPCAm+CVMGiKAisuhBnhKb163TKOKuH5
zoBdCHKd9giHB5obrqeaCKtw5Rg1Q7Q7hDRcFgvk5YN11EzqFyJrrHq6cyDxso8T
DsO5sa38+0aEi1ijAElwhX+7Wh5/AyadIaAq57V+9Y4TQCbDd0jhwjSclSMuiTkb
r1S0Zc6HuU0ztJyddguDKIZdUpvuRLCQXH0dUW27eYkt3NMrJTiUzN39fSNaRLDM
ZS8mHga1aUxv3IhNVf1pnDOlSE9kHrPMfaaWhrEFLROi/zz5idb6xeZ8bLIAo76D
YbY2zJ7BN0AMTI/EPX/ArkAU8qITfSwy0C9MDfZfmqeA9iy5eTj1EUSPcvoFPksg
wY+HvBptA+qaekNqmqZPZnGRx34e8QWTOP8r3NQxib2Nep8ycHB9TQXiIMGcxLvg
V3SXBCz7MCfJsKieBtZUaIOfWFzHvKGwPdjn/KoMCcwoE5rnQco=
=6vff
-----END PGP SIGNATURE-----
Hash: SHA512
Hello all,
this is to announce that we're awarding:
* 10 BTC to JoinMarket, for the first practical CoinJoin solution, and continued research into progressing this domain.
* 10 BTC to Wasabi, for building a more end-user accessible solution and larger adoption.
The remainder of the funds is left for future solutions with more ubiquitous impact on the ecosystem.
For those watching, 822f559df14894bd57bdd1ef0ab983228b7816a69d035cc1c5d18fb569ee5e94 is the payout transaction, crediting
several individual contributors directly as requested by the winning projects, and aggregating the remaining bounty funds
into a single UTXO. It is (obviously) a joined transaction, mixed with other transfers.
Congratulations!
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErGYmFy4AqCz/rolypjbpdjH3Z+AFAlzvMfkACgkQpjbpdjH3
Z+D2Pw/+IXvHLrQ1IuTicPXQgauzgIGV9F9tOZln6cIgduVW3A2nlenw9uSixh/4
rhV+kPUOjLsswEocKA1zt0pxq1QbSbhKaDRq2Rms3CtYfyvnlBTDvd/bdNDWBr2g
9Koc0QRq0ETKnJ7dXlOtwhUcOaWrW2qJMf8TekOPb6b70BSUSZzJe5YfItdLu8YM
KmmJ02GIr+urcTJDT3O6kEUpRBEUEaKcWPCAm+CVMGiKAisuhBnhKb163TKOKuH5
zoBdCHKd9giHB5obrqeaCKtw5Rg1Q7Q7hDRcFgvk5YN11EzqFyJrrHq6cyDxso8T
DsO5sa38+0aEi1ijAElwhX+7Wh5/AyadIaAq57V+9Y4TQCbDd0jhwjSclSMuiTkb
r1S0Zc6HuU0ztJyddguDKIZdUpvuRLCQXH0dUW27eYkt3NMrJTiUzN39fSNaRLDM
ZS8mHga1aUxv3IhNVf1pnDOlSE9kHrPMfaaWhrEFLROi/zz5idb6xeZ8bLIAo76D
YbY2zJ7BN0AMTI/EPX/ArkAU8qITfSwy0C9MDfZfmqeA9iy5eTj1EUSPcvoFPksg
wY+HvBptA+qaekNqmqZPZnGRx34e8QWTOP8r3NQxib2Nep8ycHB9TQXiIMGcxLvg
V3SXBCz7MCfJsKieBtZUaIOfWFzHvKGwPdjn/KoMCcwoE5rnQco=
=6vff
-----END PGP SIGNATURE-----
Amazing, congratulations. At this point in time where we encounter a lot of difficulties in maintaining a little more privacy and individuality in our lives, and in which governments and companies insist on knowing all our steps, it is very important to see successful initiatives like these that seek to offer greater privacy in our lives.
Congrats and thank you all.
Congratulations to the Wasabi and JoinMarket developers! JoinMarket pioneered a lot of CoinJoin science (and BTW, belcher wrote an excellent & comprehensive wiki article on privacy), while Wasabi is the first wallet that implements CoinJoin in both a highly-usable and sound way. As both a signer and a donor to the CoinJoin bounty fund, I'm thrilled that these two pieces of software exist!
For everyone looking to improve their privacy, I highly recommend checking out Wasabi, especially over centralized "mixers".
Further work is still necessary toward achieving default-fungibility, which is IMO the end goal. Even with Wasabi, you need a fair bit of expertise to maintain privacy, and the vast majority of people are using wallets that are terrible privacy-wise. Without intending to say that the bounty fund will reward people for these specific things, I'd personally like to see:
- Improvements to make Wasabi more of a complete wallet.
- CoinJoin integration in other wallets, especially Bitcoin Core.
- Research on doing CoinJoin in decentralized ways. (Wasabi's method is pretty secure, but requires a centralized coordinator.)
- Other research (and, perhaps more importantly, usable products) for improving day-to-day privacy.
For everyone looking to improve their privacy, I highly recommend checking out Wasabi, especially over centralized "mixers".
Further work is still necessary toward achieving default-fungibility, which is IMO the end goal. Even with Wasabi, you need a fair bit of expertise to maintain privacy, and the vast majority of people are using wallets that are terrible privacy-wise. Without intending to say that the bounty fund will reward people for these specific things, I'd personally like to see:
- Improvements to make Wasabi more of a complete wallet.
- CoinJoin integration in other wallets, especially Bitcoin Core.
- Research on doing CoinJoin in decentralized ways. (Wasabi's method is pretty secure, but requires a centralized coordinator.)
- Other research (and, perhaps more importantly, usable products) for improving day-to-day privacy.
Code:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hello all,
this is to announce that we're awarding:
* 10 BTC to JoinMarket, for the first practical CoinJoin solution, and continued research into progressing this domain.
* 10 BTC to Wasabi, for building a more end-user accessible solution and larger adoption.
The remainder of the funds is left for future solutions with more ubiquitous impact on the ecosystem.
For those watching, 822f559df14894bd57bdd1ef0ab983228b7816a69d035cc1c5d18fb569ee5e94 is the payout transaction, crediting
several individual contributors directly as requested by the winning projects, and aggregating the remaining bounty funds
into a single UTXO. It is (obviously) a joined transaction, mixed with other transfers.
Congratulations!
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErGYmFy4AqCz/rolypjbpdjH3Z+AFAlzvMfkACgkQpjbpdjH3
Z+D2Pw/+IXvHLrQ1IuTicPXQgauzgIGV9F9tOZln6cIgduVW3A2nlenw9uSixh/4
rhV+kPUOjLsswEocKA1zt0pxq1QbSbhKaDRq2Rms3CtYfyvnlBTDvd/bdNDWBr2g
9Koc0QRq0ETKnJ7dXlOtwhUcOaWrW2qJMf8TekOPb6b70BSUSZzJe5YfItdLu8YM
KmmJ02GIr+urcTJDT3O6kEUpRBEUEaKcWPCAm+CVMGiKAisuhBnhKb163TKOKuH5
zoBdCHKd9giHB5obrqeaCKtw5Rg1Q7Q7hDRcFgvk5YN11EzqFyJrrHq6cyDxso8T
DsO5sa38+0aEi1ijAElwhX+7Wh5/AyadIaAq57V+9Y4TQCbDd0jhwjSclSMuiTkb
r1S0Zc6HuU0ztJyddguDKIZdUpvuRLCQXH0dUW27eYkt3NMrJTiUzN39fSNaRLDM
ZS8mHga1aUxv3IhNVf1pnDOlSE9kHrPMfaaWhrEFLROi/zz5idb6xeZ8bLIAo76D
YbY2zJ7BN0AMTI/EPX/ArkAU8qITfSwy0C9MDfZfmqeA9iy5eTj1EUSPcvoFPksg
wY+HvBptA+qaekNqmqZPZnGRx34e8QWTOP8r3NQxib2Nep8ycHB9TQXiIMGcxLvg
V3SXBCz7MCfJsKieBtZUaIOfWFzHvKGwPdjn/KoMCcwoE5rnQco=
=6vff
-----END PGP SIGNATURE-----
Hash: SHA512
Hello all,
this is to announce that we're awarding:
* 10 BTC to JoinMarket, for the first practical CoinJoin solution, and continued research into progressing this domain.
* 10 BTC to Wasabi, for building a more end-user accessible solution and larger adoption.
The remainder of the funds is left for future solutions with more ubiquitous impact on the ecosystem.
For those watching, 822f559df14894bd57bdd1ef0ab983228b7816a69d035cc1c5d18fb569ee5e94 is the payout transaction, crediting
several individual contributors directly as requested by the winning projects, and aggregating the remaining bounty funds
into a single UTXO. It is (obviously) a joined transaction, mixed with other transfers.
Congratulations!
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErGYmFy4AqCz/rolypjbpdjH3Z+AFAlzvMfkACgkQpjbpdjH3
Z+D2Pw/+IXvHLrQ1IuTicPXQgauzgIGV9F9tOZln6cIgduVW3A2nlenw9uSixh/4
rhV+kPUOjLsswEocKA1zt0pxq1QbSbhKaDRq2Rms3CtYfyvnlBTDvd/bdNDWBr2g
9Koc0QRq0ETKnJ7dXlOtwhUcOaWrW2qJMf8TekOPb6b70BSUSZzJe5YfItdLu8YM
KmmJ02GIr+urcTJDT3O6kEUpRBEUEaKcWPCAm+CVMGiKAisuhBnhKb163TKOKuH5
zoBdCHKd9giHB5obrqeaCKtw5Rg1Q7Q7hDRcFgvk5YN11EzqFyJrrHq6cyDxso8T
DsO5sa38+0aEi1ijAElwhX+7Wh5/AyadIaAq57V+9Y4TQCbDd0jhwjSclSMuiTkb
r1S0Zc6HuU0ztJyddguDKIZdUpvuRLCQXH0dUW27eYkt3NMrJTiUzN39fSNaRLDM
ZS8mHga1aUxv3IhNVf1pnDOlSE9kHrPMfaaWhrEFLROi/zz5idb6xeZ8bLIAo76D
YbY2zJ7BN0AMTI/EPX/ArkAU8qITfSwy0C9MDfZfmqeA9iy5eTj1EUSPcvoFPksg
wY+HvBptA+qaekNqmqZPZnGRx34e8QWTOP8r3NQxib2Nep8ycHB9TQXiIMGcxLvg
V3SXBCz7MCfJsKieBtZUaIOfWFzHvKGwPdjn/KoMCcwoE5rnQco=
=6vff
-----END PGP SIGNATURE-----
The conditions for the bounty are:
And, having considered this for a while, my perspective is that no-one has really achieved this.
Coinjoin (as currently implemented) has a problem: coinjoins with a large number of participants and also similar/equal output amounts are easily identifiable on the (public) blockchain. This simply reduces fungiblity in a different way: now, outputs from mass coinjoins can be identified as "coinjoin related" and labelled as such.
Payjoin and PaySwap (link: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-April/016888.html) are the real solution, and they are as of yet unimplemented by anyone.
Coinjoins must look exactly like any other transaction on the blockchain in order to make Bitcoin transactions truly private.
The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.
And, having considered this for a while, my perspective is that no-one has really achieved this.
Coinjoin (as currently implemented) has a problem: coinjoins with a large number of participants and also similar/equal output amounts are easily identifiable on the (public) blockchain. This simply reduces fungiblity in a different way: now, outputs from mass coinjoins can be identified as "coinjoin related" and labelled as such.
Payjoin and PaySwap (link: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-April/016888.html) are the real solution, and they are as of yet unimplemented by anyone.
Coinjoins must look exactly like any other transaction on the blockchain in order to make Bitcoin transactions truly private.
are the results out already who got the bounty rewards?
Repeated dishonesty from Samourai have barred them from ever receiving a payout from the bounty as far as I am concerned: I will not be signing a transaction paying them. Evaluating the privacy of systems is difficult even when the involved parties are honest and easy to work with, it is far too difficult when they are actively misleading. Personally, I would urge my friends to not use that wallet.
As far as other stuff, there has been efforts in progress to do some awarding for a couple months now. It takes time to evaluate things and work with the recipients. If it didn't this bounty would have been gone years ago when "darkwallet" demanded the whole thing then mobbed us with unreasonable demands (including public campaigning which was vigorous to the point of harassment) to pay it all to them when the result didn't provide the advertised privacy and didn't even stay available due to the operating model.
As far as other stuff, there has been efforts in progress to do some awarding for a couple months now. It takes time to evaluate things and work with the recipients. If it didn't this bounty would have been gone years ago when "darkwallet" demanded the whole thing then mobbed us with unreasonable demands (including public campaigning which was vigorous to the point of harassment) to pay it all to them when the result didn't provide the advertised privacy and didn't even stay available due to the operating model.
This makes sense and is reasonable. Thank you for updating us that you are still reviewing Wasabi and joinmarket for payouts.
In a sense I can of understand why you are hesitant as Wasabi doesn't allow coinjoining smaller amounts and is profit motivated(understandable considering what happened to darkwallet) benefiting the wallet and joinmarket while great has really lacking UX that wasabi excels at. Thus no ideal solution exists as of yet but we are getting better every month. My opinion doesn't matter as its your bounty to give but IMHO partial rewards should be given to wasabi and joinmarket and half withheld for future projects that creates a better mixing wallet.
If anyone's interested, I've found a summary of this thread and the list of proposals submitted to date. A short recap for those who stopped following this thread after a while:
https://medium.com/@6102bitcoin/the-coinjoin-bounty-thread-e6d5e3055e6a
https://medium.com/@6102bitcoin/coinjoin-part-ii-the-proposals-b62853f95e37
https://medium.com/@6102bitcoin/the-coinjoin-bounty-thread-e6d5e3055e6a
https://medium.com/@6102bitcoin/coinjoin-part-ii-the-proposals-b62853f95e37
I understand that the devs at Samourai can sometimes exaggerate their claims due excitement but they appear to be doing great work to make Coinjoin usable along with nopara - https://twitter.com/SamouraiWallet/status/1120215932922679297
For the record I don't have any association with Samourai. Back then I wanted to build Wasabi Wallet for Samourai, but they were not interested/responding my messages and nagging, so I went ahead alone.
Repeated dishonesty from Samourai have barred them from ever receiving a payout from the bounty as far as I am concerned: I will not be signing a transaction paying them. Evaluating the privacy of systems is difficult even when the involved parties are honest and easy to work with, it is far too difficult when they are actively misleading. Personally, I would urge my friends to not use that wallet.
As far as other stuff, there has been efforts in progress to do some awarding for a couple months now. It takes time to evaluate things and work with the recipients. If it didn't this bounty would have been gone years ago when "darkwallet" demanded the whole thing then mobbed us with unreasonable demands (including public campaigning which was vigorous to the point of harassment) to pay it all to them when the result didn't provide the advertised privacy and didn't even stay available due to the operating model.
Wassabi wallet get's a vote from me.
Must praise nopara73 for the work on the wallet have been testing out on ubuntu and quite impressed with the project and wallet thus far,
I agree with what is being said about the .NET privacy issue as nopara73 pointed out he is aware of the situation as are many others regarding the telemetry/privacy issues in the .NET framework.
You sir deserve some bounty!
Must praise nopara73 for the work on the wallet have been testing out on ubuntu and quite impressed with the project and wallet thus far,
I agree with what is being said about the .NET privacy issue as nopara73 pointed out he is aware of the situation as are many others regarding the telemetry/privacy issues in the .NET framework.
You sir deserve some bounty!
so tell us again about "ad hominems on Microsoft"
Regarding your ad hominems on Microsoft, I believe they are worthy topics to discuss, but falls outside the scope of this discussion.
you can't pretend Microsoft have a good reputation, or that Windows doesn't openly suck up all user data, it's a default option in Windows, labelled "Please spy on everything I do on this computer"
so why even try to defend them? why attack someone who's only informing people about platforms with zero privacy, Mr. Privacy?
I don't endorse Microsoft's data collection policies. Quite the contrary, in fact, I've raised my voice against them in the past and received concerning response from MS: https://github.com/dotnet/cli/issues/10497
But again, it falls outside the scope of this discussion.
Regarding your ad hominems on Microsoft, I believe they are worthy topics to discuss, but falls outside the scope of this discussion.
you can't pretend Microsoft have a good reputation, or that Windows doesn't openly suck up all user data, it's a default option in Windows, labelled "Please spy on everything I do on this computer"
so why even try to defend them? why attack someone who's only informing people about platforms with zero privacy, Mr. Privacy?
it wouldn't surprise me if the .NET framework is an epicly gigantic codebase that no one person could be reasonably expected to read and review, like 100's of thousands of LOC.
So there's not much point in saying "open source baby", the Game of Thrones books are open source and I'm still not going to read them. And more importantly, is the byte-code interpreter open source?
When you're dealing with a product from an organisation with such a bad reputation as that of Microsoft, the questions are endless, and the answers are likely to be unsatisfactory. I don't want to waste my time.
(not to mention, Microsoft are now openly collecting all user data from their Windows users, what's the point in developing privacy software for an OS that openly exploits user privacy, why even bother?)
.NET Core is not .NET Framework. The former is cross platform the latter is Windows only. Yes, they are both open source and yes, the Roslyn compiler is open source, too. In fact I managed to contribute to the .NET ecosystem once or twice in the past, too. Please don't make comments like this when you have no knowledge of the subject.
Regarding your ad hominems on Microsoft, I believe they are worthy topics to discuss, but falls outside the scope of this discussion.
Wasabi is built with .NET Core. Core is open source and cross platform
it wouldn't surprise me if the .NET framework is an epicly gigantic codebase that no one person could be reasonably expected to read and review, like 100's of thousands of LOC.
So there's not much point in saying "open source baby", the Game of Thrones books are open source and I'm still not going to read them. And more importantly, is the byte-code interpreter open source?
When you're dealing with a product from an organisation with such a bad reputation as that of Microsoft, the questions are endless, and the answers are likely to be unsatisfactory. I don't want to waste my time.
(not to mention, Microsoft are now openly collecting all user data from their Windows users, what's the point in developing privacy software for an OS that openly exploits user privacy, why even bother?)
Jump to: