Bitcoin Forum>Bitcoin>Development & Technical Discussion
Pages:
Author

Topic: Decentralized whirlpool! - page 2. (Read 520 times)

BlackHatCoiner
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Re: Decentralized whirlpool!
March 22, 2024, 11:22:02 AM
#7
Quote from: Kruw on March 21, 2024, 06:39:51 PM
It doesn't matter whether the attacker is able to choose their round since there's no additional cost to participate in a remix, all rounds the attacker is chosen to participate in adds to their data set.
In Whirlpool, the coinjoin is consisted of three remixers and two premixers, meaning that for every new coinjoin, two new entrances are required to begin, which will be joined with three already mixed coins. This means that if an attacker wants to de-anonymize a coinjoin, they need to have at least three remixed coins and another premixed coin (in the same round!), so that they can see where the premixer victim's coin ends up.

But, to be a premixer you need to pay the entrance fee in each coinjoin, which is quite high to discourage that particular attack. And the more the remixes the honest user does, the more expensive this attack becomes, because the more entrances the attacker has to pay.

I don't see how this is vulnerable.
Kruw
member
Activity: 378
Merit: 93
Enable v2transport=1 and mempoolfullrbf=1
Re: Decentralized whirlpool!
March 21, 2024, 06:39:51 PM
#6
Quote from: BlackHatCoiner on March 21, 2024, 05:21:22 PM
Care to elaborate? The attacker can't remove them from the coinjoin or join a round of their choice. They must keep spending coins until they join the round they want. How is that vulnerable?

It doesn't matter whether the attacker is able to choose their round since there's no additional cost to participate in a remix, all rounds the attacker is chosen to participate in adds to their data set.
BlackHatCoiner
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Re: Decentralized whirlpool!
March 21, 2024, 05:21:22 PM
#5
Good to see them going in that direction.

Quote from: ABCbits on March 21, 2024, 04:59:42 AM
For example, is there any mechanism to protect against de anonymization by sybil attack?
I'm looking forward to see how sybil attacks will be discouraged in the case where the attacker launches (or bribes) a coordinator. At the moment, Whirlpool discourages by not allowing you to select which round to join. Round selection is random. But, this is trust-requiring to Samourai users, as far as I understand.

Quote from: Kruw on March 21, 2024, 01:40:15 PM
Whirlpool is uniquely vulnerable to Sybil attacks since the attack victims pay the mining fees of the attacker.
Care to elaborate? The attacker can't remove them from the coinjoin or join a round of their choice. They must keep spending coins until they join the round they want. How is that vulnerable?
Kruw
member
Activity: 378
Merit: 93
Enable v2transport=1 and mempoolfullrbf=1
Re: Decentralized whirlpool!
March 21, 2024, 01:40:15 PM
#4
Quote from: FinneysTrueVision on March 21, 2024, 12:20:55 AM
Having multiple coordinators is meaningless if Samourai is still running all of them.

^This.

The decentralization of WabiSabi coinjoin coordination is ahead of this already since Nostr is used for discovering new coordinators.

Quote from: ABCbits on March 21, 2024, 04:59:42 AM
Since the blog lack many details, i have so many question. For example, is there any mechanism to protect against de anonymization by sybil attack? I also wonder what will developer of wallet which offer Whirlpool feature (e.g. Sparrow Wallet) do.

Whirlpool is uniquely vulnerable to Sybil attacks since the attack victims pay the mining fees of the attacker.  JoinMarket has a mechanism to prevent Sybil attacks called "Fidelity Bonds", see https://reyify.com/blog/poodle and https://github.com/JoinMarket-Org/joinmarket/issues/156
ABCbits
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Re: Decentralized whirlpool!
March 21, 2024, 04:59:42 AM
#3
Since the blog lack many details, i have so many question. For example, is there any mechanism to protect against de anonymization by sybil attack? I also wonder what will developer of wallet which offer Whirlpool feature (e.g. Sparrow Wallet) do.
FinneysTrueVision
sr. member
Activity: 1680
Merit: 379
Top Crypto Casino
Re: Decentralized whirlpool!
March 21, 2024, 12:20:55 AM
#2
If they truly intend to make Whirlpool coordination decentralized then it is a step in the right direction. The blog they posted doesn’t have much details about how everything will eventually work. Having multiple coordinators is meaningless if Samourai is still running all of them. This is only the initial phase though so we’ll have to wait for further developments to see how decentralized this will actually be.
Medusah
sr. member
Activity: 364
Merit: 300
Re: Decentralized whirlpool!
March 20, 2024, 07:14:21 PM
#1
Today is a special day for Samourai Wallet.  They took the first step towards decentralizing whirlpool[1].  There will be no more hardcoded coordinator servers in the upcoming version of their Samourai Wallet, Whirlpool and Dojo software.  The Soroban network will be used for coordinator discovery. 

[1]: https://blog.samourai.is/decentralized-whirlpool-stage-1/
Pages:
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: