Thanks, any further comments from core team members would be great. I don't see why every Bitcoin user must be forced to use a privacy protocol for every transaction to provide a sufficient anonymity set. Even a small percentage of Bitcoin users may be a larger absolute number than the entire user base of a privacy coin. Also, isn't the primary issue the absolute number of people one is mixing with in a transaction (e.g., 50), rather than the total number of users of a privacy protocol or privacy coin? It seems the total user base only needs to be above some reasonable absolute number to provide sufficient privacy. The number of total users of a coin seems most important because of network effects that can determine whether a coin will survive against competitors, rather than its effect on privacy.
The anonymity set is more reduced than that. Let me give you an example: say you want to transfer 123.456 Bitcoin. No matter what method you use, if someone can observe you sent 123.456 Bitcoin from your address and 123.456 Bitcoin appeared in another address within an hour or two they can make certain conclusions. These inferences can be cryptographically proven, and this is called "reducing the anonymity set". Eventually the anonymity set can be reduced to the point where you can ascertain undoubtedly prove a certain address sent a transaction regardless of the intermingling and intermixing that occurred.
Now in order to make this really difficult, you have to start with a VERY large anonymity set. In other words, there need to be to very many people potentially involved in a transaction that any reduction is practically meaningless. Mixing typically requires point-in-time availability of people or nodes, and the higher the mix the longer it takes (since you have to go through "rounds" of mixing). Darkcoin gets around this, I believe, by "premixing" your coins. The downside to their approach (and to most of the other approaches I've seen) is that you have massive address churn in your wallet, and any practical use will require you to back your wallet.dat up constantly. Secure and anonymous cold storage is thus observable to anyone with a blockchain explorer (when it really shouldn't be).
One of the solutions Monero and other mixing systems employ to blind amount correlation is it splits inputs (and outputs) by powers of 10, so the earlier example would mean inputs of 100, 20, 3, 0.4, 0.05, and 0.006. Now because of the way Monero works (ring signatures!) you specify you want to mix with, say, 50 other people. So it takes that first input (100) and goes and finds all the unspent transaction outputs (ie. those not spent with a mixin of 0) that have ever occurred in the past and have a value of 100. As you can imagine, this is a pretty huge set, and is growing every day. It can then pick 50 of those at random, add your signature to the ring, and voila. Now it does the same for the other 5 inputs. This means that the total anonymity set here is massive - 51 * 6 = 306 people that could have possibly been involved in the transaction. Most importantly, because all of these are stealthed transactions (Monero uses stealth addresses permanently) some of those outputs you mix with could even have been created by you previously! Thus the potential anonymity set grows and grows even if the userbase stays stagnant - a feature that is not shared by any of the Bitcoin-derived anonymity solutions.
Finally, because Monero uses stealth addresses, you never need to backup anything more than a 300 byte password-encrypted keys file (or just write down the 24 word mnemonic seed you get when you first create a wallet). That 300 byte file will never change no matter how many transactions you do. You back it up once and you are safe from data loss forever.
