Which I agreed with you on, but a flaw was discovered in Wasabi wallet by OXT Research last year and it was discussed on this forum, which is the reason why I advise that sending large amounts of BTC through Wasabi may expose the sender's UTXOs.
I remember.
I commented on that topic back when I first read about it:
Ok, so I read the article and the statement from Samourai.
The two reasons why the vulnerability is critical (according to Samourai) are:
When a mixed output is remixed, these vulnerabilities break the ZeroLink guarantee for the previous mix, cancelling its benefits.
and
These vulnerabilities break a core assumption of mixing, with each remix effectively canceling out the privacy gains of the previous mix.
If this is based on the assumption that the attacker has to know every UTXO in the wallet, there is no privacy to begin with.
Further, they only refer to multiple mixing events. So the coinjoin itself is not "vulnerable"; they claim that multiple coinjoins have the same effect as one coinjoin.
To me, this seems just like the regular war between Samourai and Wasabi.
The privacy is not broken, the coinjoins are not useless.
Assuming that every UTXO of a user is known before coinjoining, and also assuming that all UTXOs are enqueued into a coinjoin, is a pretty strong assumption to say the least.
And even then, it is not like there is a vulnerability which de-anonymizes people.
And further:
After reading the published vulnerability, I'd still say that this is by far not as severe as outlined by Samourai.
Assuming that an attacker knows every UTXO in your wallet:
- Choosing the UTXOs to mix yourself does circumvent everything mentioned by them.
- Not mixing multiple BTC automatically at once does circumvent this.
Assuming that an attacker does not know every UTXO in your wallet, the "vulnerability" isn't exploitable at all.
The recommendation from Samourai to "stop using coinjoin" is exaggerated. Especially for a wallet which calls "ricochet" a privacy-extending mechanism.
For everyone wondering what that is: It simply adds hops between your address and the destination. Basically it makes 3-4 transactions out of 1:
Source -> hop1 -> hop2 -> hop3 -> destination
And these transactions are always broadcast after the previous one has 1 confirmation. That's quite easy to detect and not sophisticated at all.
Calling that privacy-extending while also assuming an attacker knows every UTXO in a competitor's wallet to find vulnerabilities is kind of insincere.
As far as I am aware, nothing new has been published after that. Correct me if I am wrong.
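To illustrate the post's point that a ricochet-style hop chain is trivially linkable on-chain, here is an added example (not code from the original post, nor from the Samourai or Wasabi projects). It models transactions as a toy graph with constructed txids, addresses and block heights, and follows the chain of single-input/single-output hops from a source transaction to the final destination, reporting the block gap between hops as well.

```python
from dataclasses import dataclass


@dataclass
class Tx:
    """Toy transaction: txid, spent outpoints, (address, value) outputs, block height."""
    txid: str
    inputs: list          # list of (txid, vout) outpoints being spent
    outputs: list         # list of (address, value_in_sats)
    block_height: int     # height of the block that confirmed it


# Constructed sample data (not real chain data): a source payment followed by three
# single-in/single-out hops, each mined one block after the previous one, plus an
# unrelated two-output transaction that should not be treated as a hop.
SAMPLE_TXS = [
    Tx("src",  [("funding", 0)], [("addr_hop1", 100_000)], 700_000),
    Tx("hop1", [("src", 0)],     [("addr_hop2", 99_800)],  700_001),
    Tx("hop2", [("hop1", 0)],    [("addr_hop3", 99_600)],  700_002),
    Tx("hop3", [("hop2", 0)],    [("addr_dest", 99_400)],  700_003),
    Tx("pay",  [("other", 1)],   [("addr_shop", 50_000), ("addr_change", 20_000)], 700_000),
]


def build_spender_index(txs):
    """Map every spent outpoint (txid, vout) to the txid that spends it."""
    return {outpoint: tx.txid for tx in txs for outpoint in tx.inputs}


def trace_hop_chain(txs, start_txid, max_hops=10):
    """Starting at start_txid, follow successive transactions that spend the
    previous tx's only output and themselves have exactly one input and one
    output. Returns the txids of the chain, beginning with start_txid."""
    by_id = {tx.txid: tx for tx in txs}
    spender = build_spender_index(txs)
    chain = [start_txid]
    cur = by_id[start_txid]
    while len(chain) <= max_hops:
        if len(cur.outputs) != 1:
            break                         # several outputs: no unambiguous next hop
        nxt_id = spender.get((cur.txid, 0))
        if nxt_id is None:
            break                         # output still unspent: chain ends here
        nxt = by_id[nxt_id]
        if len(nxt.inputs) != 1 or len(nxt.outputs) != 1:
            break                         # the spender is not a pass-through hop
        chain.append(nxt_id)
        cur = nxt
    return chain


def hop_block_gaps(txs, chain):
    """Block-height difference between consecutive txs in the chain; a run of 1s
    matches 'broadcast once the previous hop has one confirmation'."""
    by_id = {tx.txid: tx for tx in txs}
    heights = [by_id[t].block_height for t in chain]
    return [b - a for a, b in zip(heights, heights[1:])]


def final_destination(txs, start_txid):
    """Return (destination address, number of hops) reachable from start_txid."""
    chain = trace_hop_chain(txs, start_txid)
    by_id = {tx.txid: tx for tx in txs}
    return by_id[chain[-1]].outputs[0][0], len(chain) - 1


if __name__ == "__main__":
    chain = trace_hop_chain(SAMPLE_TXS, "src")
    print("chain:", " -> ".join(chain))
    print("block gaps:", hop_block_gaps(SAMPLE_TXS, chain))
    print("destination, hops:", final_destination(SAMPLE_TXS, "src"))
```

The heuristic stops as soon as a transaction has more than one input or output, or when an output is still unspent, so an ordinary payment with a change output (the `pay` transaction above) is not mistaken for a hop. Real analysis would also consider script types and amounts, but the toy already shows why added hops alone do not break the link between source and destination.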