Follow

A new blog post about the gridchain case (see earlier report from OXT Research):

joinmarket.me/blog/blog/the-44

h/t @ErgoBTC @laurentmt

@waxwing @ErgoBTC @laurentmt

Interesting write-up.

> There are 21 inputs, which is already in the "problematic" zone for sudoku-ing, as discussed, in that it will tend to lead to multiple possible solutions

Although true, it is likely that there is significant overlap in the solutions, that is, the privacy against the CoinJoin Sudoku is not equal amongst participants.

@6102 @waxwing @ErgoBTC

Indeed, the number of inputs and outputs is just a proxy for measuring the strength of a tx against coinjoin sudoku. In practice things are more complicated for several reasons.

A first reason is that an analyst doesn't always need to get a single combination in order to extract useful information.

Sometimes, it's possible to extract useful **deterministic** information from a sudoku returning multiple combinations.

@6102 @waxwing @ErgoBTC

A second reason is that there are many ways to decrease the number of possible combinations C(n,k) by decresing k or n.

For instance, it's easy to find the number of participants to a coinjoin and we know that each participant has at least 1 input that can''t be selected for the sudoku. Thus, we can already decrease k by (#participants -1).

@6102 @waxwing @ErgoBTC

Another example are constraints used by system itself.

For instance, mixers will usually put a constraint on the max number m of inputs that can be submitted for a single mix (e.g.: Wasabi doesn't allow more than 7 inputs).

Thus we know that k will never be higher than m.

@6102 @waxwing @ErgoBTC

But the "holy grail" for an analyst will be anything that helps to decrease n. This is where attacks à la Toxic Recall enter the game.

@laurentmt @6102 @ErgoBTC

Right, this whole issue is a huge can of worms. Obviously I couldn't (and didn't want to) go into that level of detail in an article. What I did want to do though, is to let people see that there is something unobvious - that typical Joinmarket transactions are not trivially one-solution sudoku-able, as you might tend to think; the fees actually make it less clear, for example, as does reuse of counterparties (both naturally seen as negatives).

Sign in to participate in the conversation
unidentified instance

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!