Anonymity

Question 1

what is adress clustering

Answer 1

H1. If two (or more) addresses are inputs to a transaction, they are controlled by same user.
H2. One-time change address (if exists) is controlled by the use controlling input addresses.

Two addresses in my block,
mine to play with mine to mock
One time I’ll change the name of house
It’s my control it’s my carousel

H1. If two (or more) addresses are inputs to a transaction, they are controlled by same user.
H2. One-time change address (if exists) is controlled by the use controlling input addresses.

Question 2

Coinjoin

Answer 2

multi signature transactions, that leads to unlinkability

Question 3

What are the coinjoin issues

Answer 3

who creates the final action who shall sign the inputs
It’s each of you who’ll sign, divine third party make the trans design
now what’s the threat of model mine and which bad parties are maligned
the goat the devil wants to find the link between the inputs
the problem is the builder’s bad and knows the map from inputs to the motherfucking outputs

Question 4

What I wish I could have done

Answer 4

Mixing as a servive

Mixing-as-a-Service
P2P CoinJoin was proposed in 2013 by Maxwell (as a post in bitcointalk.org).
Even before that, there existed several mixing services in Bitcoin ecosystem.4
o OnionBC : Anonymous transactions and Escrow service. Accessible only on Tor.
o Bitcoin Fog : Deposit-and-Withdraw service for anonymity. Available only on Tor.
o BitLaundry : Simple single-use-deposit and multiple-output-transaction mixing.
o Blockchain.info Send Shared : Shared wallet for the users to mix transactions.

Question 5

BitLaundry

Answer 5

Deposit input transactions at a single-use address within the mixing network.
Specify fresh output addresses to the mixing network to receive transactions.

I been trapping out the ozarks I’m marty byrdin,.

Question 6

is byrd the word

Answer 6

Experiments with BitLaundry reveal that
it does not guarantee full unlinkability.

In fact, Moser et al. observed in one
case that their input transaction was
directly linked to output transactions.

Question 7

Why should you never trust a DJ

Answer 7

the problem is the DJ’s bad(vlad) and knows the map from inputs to the motherfucking outputs

Possible threats
o Mixing service may just steal the money, and never return to the user.
o Mixing service may log or reveal the information on address mapping.

Question 8

What are the goals of anonymity. anonamia.

Answer 8

VUR-CEA, who got the keys to my motherfucking beamer

Unlinkability Inputs and outputs to a transaction should be unlinkable.
Verifiability Attacker must not be able to steal or destroy transactions.
Robustness Protocol should succeed in presence of malicious parties.
In addition to the standard security and privacy, the protocol should also be
Compatible with the underlying blockchain network and its operation.
Efficient in terms of running the protocol and confirmation timings.
Affordable in terms of transaction fee (or gas) compared to transfers.

Question 9

What does standard mixing guarantee, and compare that to p2p and distributed mixing

Answer 9

Standard mixing networks simply distance addresses of Sender and Receiver.
P2P and distributed mixing protocols guarantee more in terms of Anonymity

o CoinJoin : P2P protocol for external unlinkability. Vulnerable to DoS attacks.
o CoinShuffle : P2P mixing overlaying CoinJoin. Provides internal unlinkability.
o TumbleBit : Untrusted payment hub for off-chain payment with commitment.
o MixCoin : Distributed mixing network for a third-party mixing of transactions.
o BlindCoin : Distributed mixing network with blinded tokens for unlinkability

Question 10

Talk about Confidential Unlinkable, Untraceable, Anonymous. Like erm, UC AU. SIlver University. Australian University.

Answer 10

Confidential if amount is hidden, but sender and receiver are public
Unlinkable if transaction appears to be independent of others, its
inputs/outputs also appear independent of each other
Untraceable if the lineage of coins/assets are unattainable
Anonymous if sender, receiver and amount are all h

Question 11

What is a challenge for blockchain verifiability

Answer 11

“maintaining public verifiability while shielding transaction information”

(sender, receiver, amount, general state transition … )

Question 12

Obfuscation

Answer 12

≈ k-anonymity set
(hiding in the crowd) for
sender/recipient unlinkability
and/or untraceability

Question 13

Cryptography

Answer 13

using fancy crypto
magic to hide information yet
remains verifiable on its integrity.
Such as, zero-knowledge proof, ring
signature, Pedersen commitment …

Question 14

Obfuscation v.s.* Cryptography

Answer 14

Obfuscation
✓ simpler construct, more efficient
✗ only unlinking senders/receivers
✗ privacy depends on anonymity set
size and set sampling

Cryptography
✓ maximal privacy
✓ selective attributes hiding
✗ computational heavy, complicated

Question 15

What is centralised coinjoin

Answer 15

basically there’s a central coinjoin server

Question 16

: Decentralized Mixing + CoinJoin

Answer 16

basically there’s a central coinjoin server but not really idk like a decentralsed group of nodes and they do a lil shuffling

Question 17

What is coinshuffle

Answer 17

ten people in a line, each have a private and public key pair.

all pass their public keys around, such that guy10 ends up with 10, guy9 ends up with 9 and guy 1 ends up w 1

guy10 encrypts his output address with all 10 public keys, one for one, in the right sequence. he passes it to guy 9

guy 9 decrypts a layer off of guy10’s onion. guy 9 creates his own onion of 9 layers.

all the way passed to guy 1, at this point, guy 1 has 9 onions of 1 layer each. he decrypts all of them and adds his own address in.

Then he creates one big transaction, sends it back to participants to sign. And sign they will, since they can verify that their own transaction is in the mix. So they’ll sign the overall package. See this system is good; while the onions were being passed around no one could tell who’s transaction whose was, cos it was all onioned.

Question 18

CoinShuffle++

Answer 18

Like the shuffle described above, which was coinjoin, but there’s extra steps of a dice mix and a DC-Net in the wa.y

Question 19

What is monero’s approach to privacy

Answer 19

• Stealth address for unlinkability
• Ring Signature for untraceable payment
• Traceable Ring Signature for double-spending detection/prevention
• Bulletproofs for confidential transactions hiding the amount

Question 20

Stealth Address

Answer 20

Alice sends to Bob

In each transaction, a stealth address (a one time public key) is added to the transaction.

Others looking at this transaction can’t figure out where it’s going to (receiver address). However Bob, using his private key, can receive that transaction after scanning the blockchain.

Question 21

why is zerocash better than zerocoin

Answer 21

zerocoin only hides the origin of payments, not amount or destination

Zerocash is more efficient, hides the amount and destination as well.

I used to know where i was going used to know where i was from
and i didn’t know to pay i sing the zerocash song
now I woke up feeling groggy and I don’t know where I’m from
and I don’t know where im going how much to pay oh lawd im gone
im alright in 6ms cos im a smaller than k

Question 22

zk snark

Answer 22

zero knowledge
succint (short proof size and verification time)
noninteractive (doesnt require QnA)
argument of 
knowledge