Pages:
Author

Topic: CoinJoin: Bitcoin privacy for the real world - page 6. (Read 294672 times)

legendary
Activity: 2940
Merit: 1333
Great post man, thanks! Makes me appreciate more what a cool idea this is.

Here's an actual example of a CoinJoin transaction (click link for blockchain.info link):



There were 3 people involved in the transaction. There are 6 outputs, 2 per person. 3 of the outputs (coloured yellow) are for the exact same amount. It's impossible to know which of these three yellow outputs belongs to which of the 3 people just from looking at this transaction. The other 3 outputs are change amounts. We can easily tie the change outputs to the inputs, which I did by using the coloured arrows.

The guy who spent 82 BTC got back a yellow 70 BTC and 12 BTC of change - indicated by the blue arrow.
The guy who spent 171 BTC got back a yellow 70 BTC and 101 BTC of change - indicated by the orange arrow.
All the other inputs came from the 3rd guy, and he got back a yellow 70 BTC and 41 BTC of change - indicated by all the red lines.

Hopefully that makes it clearer. It's the yellow outputs that have been anonymised by this transaction, not the inputs or the change outputs.
full member
Activity: 165
Merit: 100
Somebody please "CoinJoin for Dummies".
Snip

Great post man, thanks! Makes me appreciate more what a cool idea this is.

If you like the idea and concept, I encourage you to download the blockchain and get your own Joinmarket-maker script running. Estimates are that the avg. maker gets about a 1% annual increase in their coin. All you need is a computer that can run the script and bitcoind.

You can get the private keys for your addresses, so you are actually in control of your coins the entire time, unlike all other similar services I've seen.

In addition, you'll get that good feeling of supporting both the bitcoin network and Joinmarket!
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Couldn't you just use poloniex to get monero bought with BTC, then send it to yourself with a mixin of 5 or 100 or whatever you choose, then convert it with XMR.to back to BTC?
That's centralized and you lose control of your coins even if temporarily. Coin Join allows for mixing without ever giving out your coins or control of them.

Any exchange or gambling site or online wallet will do what you suggest. You just have to trust them to be online long enough for you to withdraw, and/or not get hacked, shutdown, or whatever.

I've actually seen a few people deposit to my site, wait a few days (when I "join" all deposits to the cold wallet), then withdraw, without ever playing. Works the same way. But now their coins are "tainted", so don't go try going to coinbase directly from any gambling site. Our wallets are all tagged.
sr. member
Activity: 353
Merit: 251
Somebody please "CoinJoin for Dummies".

Basically, you join payments together to 'anonymize' coins, while trading coins for other coins to make proving someones ownership of a specific coin harder.

Using Joinmarket as an example;
There are makers and takers in the Joinmarket network. Makers run a script that offers their coin for coinjoin transactions in exchange for a small fee. They sit around on the network, looking for a taker who needs coins mixed.

Takers, on the other hand, pay the makers to trade coins with them. Takers will come into Joinmarket announcing that they want to mix a certain amount of coins. Eventually a maker will accept his offer, and the maker and taker (and possibly more parties) all make one big Bitcoin transaction with lots of outputs to different addresses.

Joinmarket is just one of many ways a coinjoin can happen, but this should give you the general idea. 

The whole taker-maker process aims to mix the coins for the takers and the makers, making it harder to tell who owns which coins after the coinjoin-transaction. It will be hard to tell who now owns each output, if someone owns several outputs etc., which is the end goal of the transaction.

Users can run this process as many times as they like, the assumption being that more coinjoin transactions = better privacy.

Great post man, thanks! Makes me appreciate more what a cool idea this is.
full member
Activity: 165
Merit: 100
Somebody please "CoinJoin for Dummies".

Basically, you join payments together to 'anonymize' coins, while trading coins for other coins to make proving someones ownership of a specific coin harder.

Using Joinmarket as an example;
There are makers and takers in the Joinmarket network. Makers run a script that offers their coin for coinjoin transactions in exchange for a small fee. They sit around on the network, looking for a taker who needs coins mixed.

Takers, on the other hand, pay the makers to trade coins with them. Takers will come into Joinmarket announcing that they want to mix a certain amount of coins. Eventually a maker will accept his offer, and the maker and taker (and possibly more parties) all make one big Bitcoin transaction with lots of outputs to different addresses.

Joinmarket is just one of many ways a coinjoin can happen, but this should give you the general idea. 

The whole taker-maker process aims to mix the coins for the takers and the makers, making it harder to tell who owns which coins after the coinjoin-transaction. It will be hard to tell who now owns each output, if someone owns several outputs etc., which is the end goal of the transaction.

Users can run this process as many times as they like, the assumption being that more coinjoin transactions = better privacy.
legendary
Activity: 2492
Merit: 1491
LEALANA Bitcoin Grim Reaper
Couldn't you just use poloniex to get monero bought with BTC, then send it to yourself with a mixin of 5 or 100 or whatever you choose, then convert it with XMR.to back to BTC?

newbie
Activity: 1
Merit: 0
May I just say, I am so fucking impressed with what everyone has been posting here. That. Is. All.
hero member
Activity: 910
Merit: 501
Bitcoin gambling sites are entirely functional as (probabilistic) mixers, if you trust the gambling sites.

Wanna mix 10BTC? Just make a hundred 0.1BTC bets at even odds.  50 of them pay out double (minus the house cut) and 50 disappear.  So you get your 10BTC back, minus the house cut, and the house cut in that case is just a mixing fee.

But that's not really what coinjoin is supposed to accomplish.

In this case I would be just too scared to loose 75 or more of my bets.
That would be a relatively high mixing fee. Personally I would not take that risk.
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
Bitcoin gambling sites are entirely functional as (probabilistic) mixers, if you trust the gambling sites.

Wanna mix 10BTC? Just make a hundred 0.1BTC bets at even odds.  50 of them pay out double (minus the house cut) and 50 disappear.  So you get your 10BTC back, minus the house cut, and the house cut in that case is just a mixing fee.

But that's not really what coinjoin is supposed to accomplish.

Most gambling sites do off-chain transactions. If you want to mix 10 BTC, you simply deposit. Wait a few days. And then Withdraw. No need to actually gamble or play.

The problem is if you need to exchange the mixed coins, they are tagged as "gambling" coins by such exchanges as coinbase. So you need to bounce them around a few times among your own wallets.
sr. member
Activity: 278
Merit: 252
ABISprotocol on Gist
Quote
BTW (and sorry for being slightly off-topic): did blockchain.info remove "shared coin", their coinjoin implementation? Cannot find it anymore!

does not exist anymore Sad

That really sucks.
Just use joinmarket.

Are there any easy, straightforward instructions to use joinmarket? Blockchain's shared coin was easy.

Actually, yes, there are -

Joinmarket has a reddit:  https://www.reddit.com/r/joinmarket  May not be a bad place to have questions answered, but you may want to do tor and create a disposable account for it.  I won't use reddit anymore because of this - they are getting NSLs all the time, read in depth into comments... https://www.reddit.com/r/announcements/comments/4cqyia/for_your_reading_pleasure_our_2015_transparency/

However, if you don't want to deal with that, you could just view / lurk in the reddit discussions without having to log in and find out some of what you need, or just check out the right-hand side of the screen (under 'How do I get Started') which has the links you need.

There's also a very handy set of instructions right on github, for the GUI version of it, here:

https://github.com/JoinMarket-Org/JMBinary

Pretty damn handy.  :-)
legendary
Activity: 924
Merit: 1132
Bitcoin gambling sites are entirely functional as (probabilistic) mixers, if you trust the gambling sites.

Wanna mix 10BTC? Just make a hundred 0.1BTC bets at even odds.  50 of them pay out double (minus the house cut) and 50 disappear.  So you get your 10BTC back, minus the house cut, and the house cut in that case is just a mixing fee.

But that's not really what coinjoin is supposed to accomplish.
legendary
Activity: 1148
Merit: 1018
Quote
BTW (and sorry for being slightly off-topic): did blockchain.info remove "shared coin", their coinjoin implementation? Cannot find it anymore!

does not exist anymore Sad

That really sucks.
Just use joinmarket.

Are there any easy, straightforward instructions to use joinmarket? Blockchain's shared coin was easy.
sr. member
Activity: 278
Merit: 252
ABISprotocol on Gist
People appear to have been sending very large numbers of addresses dust as a way to break anonymity. Granted, they also may have been doing it as a way to get signatures from scriptPubKeys due to the 'R' re-use issue, but the script would use bitcoind to spend the dust which is known to not be vulnerable.

Also there's lots of pretty much unspendable dust out there from Satoshidice and others, and again such a script can help.

Check with Peter Todd before using (not sure if up to date exactly because was last updated November 2015) but, this could be useful if you are trying to deal with some dust issue (Core)

https://github.com/petertodd/dust-b-gone

I also happen to think that dust isn't as big a deal as people think it is.  It is a gift, not a curse, and it should be treated as such, people just haven't been innovative enough yet to address it well or meaningfully.  See project referred to in my signature.

Also, see BlockCypher's API http://dev.blockcypher.com/#microtransaction-api

(I do not work for BlockCypher, but I consider their work innovative)
newbie
Activity: 8
Merit: 0
People appear to have been sending very large numbers of addresses dust as a way to break anonymity. Granted, they also may have been doing it as a way to get signatures from scriptPubKeys due to the 'R' re-use issue, but the script would use bitcoind to spend the dust which is known to not be vulnerable.

Also there's lots of pretty much unspendable dust out there from Satoshidice and others, and again such a script can help.
legendary
Activity: 1792
Merit: 1008
/dev/null
Quote
BTW (and sorry for being slightly off-topic): did blockchain.info remove "shared coin", their coinjoin implementation? Cannot find it anymore!

does not exist anymore Sad

That really sucks.
Just use joinmarket.
legendary
Activity: 1148
Merit: 1018
Quote
BTW (and sorry for being slightly off-topic): did blockchain.info remove "shared coin", their coinjoin implementation? Cannot find it anymore!

does not exist anymore Sad

That really sucks.
sr. member
Activity: 364
Merit: 250
Quote
BTW (and sorry for being slightly off-topic): did blockchain.info remove "shared coin", their coinjoin implementation? Cannot find it anymore!

does not exist anymore Sad
sr. member
Activity: 469
Merit: 253
It would seem someone intentionally destroyed 1.6 BTC.

Phi to be (more) precise Smiley
legendary
Activity: 3416
Merit: 1912
The Concierge of Crypto
(that might not even be the most interesting thing about that transaction...)

I looked at that, and this one looked interesting to me:

https://btc.blockr.io/address/info/1PavedWithGodAndSomeTeensionXudq5X

It would seem someone intentionally destroyed 1.6 BTC.
sr. member
Activity: 261
Merit: 523
New paper on address closures / clustering.

http://arxiv.org/abs/1605.06369



Sorry for bumping this thread ... I'm just curious.

...

3M8XGFBKwkf7miBzpkU3x2DoWwAVrD1mhk

...

The bounty fund will pay out as funds are available according to the signers best judgment for completed work proposed in this thread that furthers the goal of making improved transaction privacy a practical reality for Bitcoin users.

If JoinMarket did not qualify, and CoinShuffle (or ShuffleCoin?) did not also qualify, what would do it? Does it have to be completely decentralized? Can it be something that relies on a "super-node" or even a third party website, bot or api? (Someone collects possible transactions and makes everyone sign it once a day or once an hour or something.)

How do you define "practical reality for Bitcoin users"?

Did I miss any other attempts at implementing this aside from CoinShuffle and JoinMarket?

Would be interested to know as well.
Six months ago I sent a PM to theymos, Pieter Wuille, gmaxwell asking for (some of) the bounty.



I think something like this would be possible to build within JoinMarket, such that "takers" are given an option to delay and group their transaction with other takers (and makers, maybe), but again, I'm sure the coding would be substantial.  A better solution for JoinMarket will likely be simple growth.  The GUI is probably helping to bring in more users.  An Electrum plugin could also be potentially huge for JoinMarket, bringing fungibility (is that a word?) to many more users.  I think some privacy conscious websites may also benefit from implementing JoinMarket transactions into their wallet structure (online casinos, darknet markets, etc.) which will also help the current limitations.


This could be done with a script called patientsendpayment.py, https://github.com/JoinMarket-Org/joinmarket/wiki/Sending-payments-with-CoinJoin#patient-send-payment
Although because the current protocol is flawed and needs updating, you can only send to addresses for which you know the private key.

Using JoinMarket for bitcoin websites could be done today, I've written a brief explanation on how here https://github.com/JoinMarket-Org/joinmarket/issues/293
Pages:
Jump to: