
Topic: Will taproot upgrade kill coin mixing? (Read 152 times)

legendary
Activity: 4424
Merit: 4794
December 11, 2021, 05:03:37 PM
#6
taproot works by instead of having a single numeric value private key=single point signature. the signature is instead a range (accept any number between 2 points)
where participants all get given a number within that range.

and as long as the number is within that range, it's proof

so if the rule set up was 1 person out of 10 can sign. any one of those 10 people's number, being within the range also counts as proof.

so the signature. either single signer's number. or 5 signers (5of10multisig) is still a single number. thus appears as a single signature

the issue is if it was a network wide thing where everyone was within a wide range so that all transactions were 'taproot' and mixable amongst themselves. and everyone was swapping anonymously with everyone, then everyone has to be within this secret range. .. this is not a good thing to do as it's not a secret if everyone knows it..

taproot only works in small groups of people that don't reveal the range to outside their group of people.
and only want to hide the value movements within their group in other networks/sidechains. they shouldn't really spam bitcoin's blockchain with taproot transactions with zero-sum value. because just like the advice about address reuse. they don't want to be showing too many transaction signatures as it can reveal the range the signatures work on.

yes there may become many many groups. so see many many uses of taproot on the blockchain. but group A can't just taproot with group B whilst still keeping the value hidden as a 0sum total on the blockchain. they will have to exit their group into clear sum value and then enter another taproot to change funds between different groups.

so the premise is to lock funds up into taproot. play in zerosum taproot on altnets that have no blockchain. and then exit the altnet back to bitcoin in a transaction that exits the taproot back to clear value

this means these small groups that put funds together. may not reveal what shift of value they do within their group on the altnet and make it hard for any data sniffers on the altnet from knowing what value participants are swapping. but when it's time to spend outside the group, back on the blockchain. the value is then shown. on the exit spend

so if 10 people put in small decimal values each, which combine to be say 2btc. eventually there will be an exit transaction totalling 2btc. but no one will know what happened in the middle or which utxo on the exit clear transaction belongs to which of the 10 participants
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
December 11, 2021, 03:16:23 PM
#5
This is not how signature aggregation works.
I think that's what they meant; they just didn't formulate it properly. They later conclude that the observers won't acknowledge if a transaction spends from single-sig or multi-sig and for multi-sig's scriptSigs, they won't know who are the signers.

I guess the “combination to a single signature from every signer of the network” means to a single signature individually.
legendary
Activity: 2268
Merit: 18771
December 11, 2021, 03:02:06 PM
#4
These Schnorr signatures now allow signature aggregation, so that the signature of every signer in the network will be combined into a single signature.
This is not how signature aggregation works. It allows multiple signatures from a single transaction to be combined into a single signature (such as in a multi-sig transaction); it does not allow all the signatures in the entire network to be aggregated into a single signature. Taproot might obfuscate the locking script or spending conditions, but it does nothing to change the fact that you can still see how many coins were spent from which address and how many coins were sent to which address, meaning that mixers (or similar methods for protecting your privacy) will still be needed.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
December 11, 2021, 02:27:27 PM
#3
In the next four years or so, do you think it is technically possible that the Bitcoin privacy problem will be solved and coin mixing companies will not be needed again?
No, because I don't think the Bitcoin network will ever reach a satisfactory level of privacy. Chain analysis companies such as Elliptic have succeeded in deanonymizing lots of users and therefore diminish the anonymity of us all. So, even if some can accomplish hiding their footprints, they may get traced due to the carelessness of the rest. It's either a full-scale upgrade at the protocol level or no feeling of true privacy at all.

And if it ever does achieve this level of privacy, I doubt the governments will just sit back and let it happen. At least now they do have a supposedly close watch. Anyway, not at present, but food for thought.
sr. member
Activity: 861
Merit: 423
hero member
Activity: 1162
Merit: 643
BTC, a coin of today and tomorrow.
December 11, 2021, 02:07:07 PM
#1
Before now, Bitcoin was using ECDSA. Now the Taproot upgrade has brought us Schnorr signatures. These Schnorr signatures now allow signature aggregation, so that the signature of every signer in the network will be combined into a single signature. This will make observers unable to tell a single-signature transaction from a multi-sig transaction, or who signed and who did not sign.

My question
We have seen that this upgrade gives better privacy. If developers work hard and continue to improve the Taproot upgrade, in the next four years or so, do you think it is technically possible that the Bitcoin privacy problem will be solved and coin mixing companies will not be needed again?