Topic: Wasabi Wallet - Open Source, Noncustodial Coinjoin Software (Read 8147 times)

Stop that.

OK, if the Wasabi coordinators have those "weaknesses" in their system, what can the developers do to address them?

So, remember people. Wasabi is completely trustless software, as long as you already have private coins, trust another person to join your coinjoin, and deliberately blacklist yourself on every coordinator you connect. Trustlessness on steroids.

There's always a small risk of getting Sybil attacked; it's just the way coinjoins are constructed. But, no, we have Mr. Absolute Truth here harassing anyone who dares to claim that Wasabi might not cure cancer.

Why wouldn't my solutions protect me? Explain how I can still be Sybil attacked if I use the methods I described to you. Start with method 1, explain how the malicious coordinator could defeat it, then go on to method 2, explain how the malicious coordinator could defeat it, then go on to method 3 and explain how a malicious coordinator could defeat it.

But, no, we have Mr. Absolute Truth here harassing anyone who dares to claim that Wasabi might not cure cancer.

OK, if the Wasabi coordinators have those "weaknesses" in their system, what can the developers do to address them?

Actually, we have a partner of a blockchain analysis company posting in in this thread: BlackHatCoiner.

BlackHatCoiner and o_e_l_e_o were both hired by the 'Mixtum" blockchain analysis company to get Bitcointalk users to deposit their BTC into their custodial spy network:

Actually, we have a partner of a blockchain analysis company posting in in this thread: BlackHatCoiner.

BlackHatCoiner and o_e_l_e_o were both hired by the 'Mixtum" blockchain analysis company to get Bitcointalk users to deposit their BTC into their custodial spy network:

So what do I do?  Do I have to get myself banned 10 times, which is also a big waste of time on my end particularly if time is a very important resource and I am a Target, while trying to find out if the Attacker is quitting due to Mining Fee burns?

My points proved conclusively that coordinators are trustless. You can even use all 3 anti Sybil methods together at once, you don't have to rely on just one:

- First, register your private coin to the coordinator. If it's accepted, then there's no Sybil attack.
- Second, ask your friend to register a coin to the same round. If it's accepted, then you've confirmed for a second time that there's no Sybil attack.
- Third, just to be absolutely sure, back out of the round during signing to check to see if the transaction was built to target you. If the transaction is created, you've confirmed for a third time that there's no Sybil attack.

If somebody is so keen on trying to attack a Target, then may be safe to assume the Target is likely very important and therefore the Funding could be huge.  And I imagine having a Million Dollars funding to spend on a Decoy Coordinator burning Mining Fees in an attempt of the successful Attack is not too extraordinary either.

Honest coordinators issue temporary bans to non-signer inputs as a DoS protection measure, so a convincing Sybil attacker would have to do the same.

Step 1: Find a coordinator.
Step 2: Check if he is a Sybil attacker by DoS-ing him.
Step 3: Have your coins blacklisted in that coordinator.
Step 4: Repeat step 1 until there are no coordinators left.

Lol! 

My points proved conclusively that coordinators are trustless. You can even use all 3 anti Sybil methods together at once, you don't have to rely on just one:

- First, register your private coin to the coordinator. If it's accepted, then there's no Sybil attack.
- Second, ask your friend to register a coin to the same round. If it's accepted, then you've confirmed for a second time that there's no Sybil attack.
- Third, just to be absolutely sure, back out of the round during signing to check to see if the transaction was built to target you. If the transaction is created, you've confirmed for a third time that there's no Sybil attack.

How does the victim get to do that indefinitely when the coordinator is supposed to ban him after refusing to sign and disrupt the round? What prevents the attacker coordinator to simply mark these inputs as blacklisted, with DoS protection measure as an excuse?

This costs the target victim nothing, and they can repeat it as many times as they want.

What if the Transaction is still created even if I am a target and am backing out?

My points proved conclusively that coordinators are trustless. You can even use all 3 anti Sybil methods together at once, you don't have to rely on just one:

- First, register your private coin to the coordinator. If it's accepted, then there's no Sybil attack.
- Second, ask your friend to register a coin to the same round. If it's accepted, then you've confirmed for a second time that there's no Sybil attack.
- Third, just to be absolutely sure, back out of the round during signing to check to see if the transaction was built to target you. If the transaction is created, you've confirmed for a third time that there's no Sybil attack.

Having said that, no blockchain analysis representatives have an account here otherwise maybe they could given an answer.

3. Quality scoring of incoming transactions
We run a thorough background check of incoming funds through a proprietary algorithm.

2.1. Privacy Policy

Please refer to our Privacy Policy to get an understanding of our confidentiality obligations. You consent to the collection and use of information as described in the Privacy Policy.

2.2 Suspension or termination of services

Mixtum reserves the right to suspend or terminate access to services at any time at its own discretion, with or without reasons, with or without notification assuming no responsibility whatsoever.

For example, services may be suspended or terminated due to the following reasons:

    an actual or suspected violation of these Terms and Conditions;
    use of the service in such a manner that is conducive to the legal liability of Mixtum or Service malfunction;
    planned or unplanned maintenance, etc.

2.3 Unacceptable use

You agree that you personally will not commit, encourage or support the committal of:

    use of any unauthorized means to access the Mixtum service or use of any automated process or service (for example, spider, crawler or periodic caching of information stored or generated by Mixtum) except for the functions described in our API, as well as distribution of instructions, software or tools with this aim in view;
    modification, change, distortion or any other interference in work of the Mixtum service;
    disturbing or interference in operation of servers or networks used by Mixtum to deliver the Services;
    disabling, overload or degradation of Mixtum performance (or any other network connected to the service);
    use of the Mixtum service or website for any other purposes other than those specifically provided by these Terms and Privacy Policy;
    any illegal or fraudulent activity, as well as use of this Service in order to legalize illegal income, financing of terrorism, participation in schemes of phishing, forgery or other such falsification or manipulation;
    unauthorized spamming, pyramid schemes or any other activity duplicating unwanted messages should they be commercially oriented or of other nature.

2.4 Service updates

At any time and at its absolute discretion Mixtum can carry out unscheduled works related to the service modification, update and enhancement. We are liable to add or remove functions and cease activities of the service and website.
2.5 License and restrictions

Mixtum provides you with a personal nontransferable nonexclusive license to use the Service as it is stipulated for you by Mixtum. This license is provided under conditions and restricted to the provisions, stipulations and constraints stated in these Terms. Therewith, such license is intended for personal, noncommercial use. You may not copy, modify, create a derivative work of, decompile or otherwise attempt to extract the source code of the service or any part thereof, exclusive of data permitted by law, or expressly allowed by the Mixtum platform (use of templates, API, etc.). You may not reassign (or grant a sublicense of) your rights to use the service, or otherwise transfer any part of your rights in accordance with these Terms. These Rules do not provide you with any license or permission to copy, distribute, change or otherwise use any applications programming interface despite any provisions to the contrary. No property rights or ownership rights related to the Service are not granted to you according to these Terms. Mixtum reserves all rights that have not been expressly granted.

Is there anyone left in this topic, who's understood what I said? Talking with TwistyPhrasy feels like a loss of my time.

Is there anyone left in this topic, who's understood what I said? Talking with TwistyPhrasy feels like a loss of my time.

Why wouldn't my solutions protect me? Explain how I can still be Sybil attacked if I use the methods I described to you. Start with method 1, explain how the malicious coordinator could defeat it, then go on to method 2, explain how the malicious coordinator could defeat it, then go on to method 3 and explain how a malicious coordinator could defeat it.

Why are you still trying to spread this lie after you already found out that the "wasabistats" Twitter account is flagging remixes as false positive merges?  This was already decisively proven to be a hit job account: https://twitter.com/Kruwed/status/1642612625883164672

Don't trust, verify!  120 of those 132 "output merges" are outputs being remixed, which are detected as false positives since KYCP cannot tell the difference between outputs merged to make a payment and outputs that were remixed in another coinjoin. https://i.ibb.co/YDPGYdC/sheet.png