bitcoin-dev
Design for a CoinSwap implementation for massively improving Bitcoin privacy and fungibility
Posted on: May 30, 2020 16:00 UTC
The email exchange between Ruben and Chris focuses on the potential use of Succinct Atomic Swaps (SAS) to enhance privacy and anonymity in Bitcoin transactions.
Ruben proposes using 2-party ECDSA for non-timelocked SAS outputs instead of multisig, which would allow the use of MuSig even without Schnorr. He also suggests using CoinSwap for trading one coin for another in a non-custodial way to improve privacy. Furthermore, he addresses vulnerabilities such as amount correlation and single points of trust by suggesting multi-transaction CoinSwaps and routing CoinSwaps through many parties.
The CoinSwap protocol is a new method of conducting off-chain Bitcoin transactions that enhances user privacy and security. It prevents the possibility of transaction amounts being linked by using hash-time-locked contracts, routing, multi-transactions, and private key handover. The protocol allows users to swap their coins with others without revealing their identities or the transaction amount to anyone except for the intended recipient. The use of fidelity bonds protects against Sybil attacks and solves the "who goes first" problem in CoinSwap. Private key handover and Succinct Atomic Swap are suggested as methods to improve the protocol further. Finally, it is possible to combine CoinSwap with CoinJoin to enhance privacy.
CoinSwap is a promising privacy protocol that breaks the transaction graph heuristic and improves Bitcoin's fungibility. It requires multiple building blocks, such as ECDSA-2P, liquidity market, routed CoinSwaps, breaking change output heuristics, fidelity bonds, multi-transaction CoinSwaps, federated message boards protected from spam with fidelity bonds, and PayJoin with CoinSwap. CoinSwap can be adopted unilaterally and is on-chain technology, making it different from Lightning Network, which cannot support large payment amounts. CoinSwap has a liquidity market similar to JoinMarket, where all required liquidity is always available, and it is resistant to Sybil attacks due to fidelity bonds.
A recent discussion on the bitcoin-dev mailing list highlighted two interesting concepts to improve privacy in Bitcoin transactions. The first concept is atomic swaps, which allow for trustless exchange of different cryptocurrencies without using an intermediary exchange service. The second concept is Pay-to-Endpoint (P2EP), which is a technique that improves transaction privacy by obfuscating the origin and destination addresses. In related news, Binance recently returned frozen BTC to a user who promised not to use CoinJoin, a privacy-enhancing technique that combines multiple bitcoin transactions into one to obscure the trail of the original coins. The incident sparked controversy among privacy advocates, with some arguing that it sets a dangerous precedent for restricting the use of privacy tools in Bitcoin.
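
The amount-correlation weakness and the multi-transaction mitigation summarized above can be checked from a wallet designer's side with a small self-test. This is an added example, not code from the thread or from any CoinSwap implementation; the amounts, output ids and fee tolerance are constructed, and the matching rule is an assumed model of what an observer could do.

```python
from itertools import combinations

FEE_TOLERANCE = 10_000        # sats; assumed bound on fees an observer allows for
AMOUNT_IN = 1_500_000_000     # constructed: 15 BTC entering the swap

# Constructed, unrelated outputs created on-chain in the same time window.
UNRELATED = [
    {"id": "u1", "value": 250_000_000},
    {"id": "u2", "value": 1_249_997_000},
    {"id": "u3", "value": 420_000_000},
    {"id": "u4", "value": 90_000_000},
]
# Single-transaction swap: the user gets one output back, minus fees.
SINGLE_SWAP = UNRELATED + [{"id": "swap", "value": 1_499_995_000}]
# Multi-transaction swap: the same value returns as three separate outputs.
MULTI_SWAP = UNRELATED + [
    {"id": "s1", "value": 600_000_000},
    {"id": "s2", "value": 800_000_000},
    {"id": "s3", "value": 99_994_000},
]

def single_output_matches(amount_in, outputs, tol=FEE_TOLERANCE):
    """Ids of outputs whose value alone equals amount_in minus plausible fees."""
    return [o["id"] for o in outputs if 0 <= amount_in - o["value"] <= tol]

def subset_matches(amount_in, outputs, max_size=3, tol=FEE_TOLERANCE):
    """Id tuples of 2..max_size outputs that together could be amount_in."""
    hits = []
    for k in range(2, max_size + 1):
        for combo in combinations(outputs, k):
            if 0 <= amount_in - sum(o["value"] for o in combo) <= tol:
                hits.append(tuple(o["id"] for o in combo))
    return hits

def linkability_report(amount_in, outputs):
    """Summarize how many candidate links an observer is left with."""
    return {
        "single": single_output_matches(amount_in, outputs),
        "subsets": subset_matches(amount_in, outputs),
    }

if __name__ == "__main__":
    print("single-tx swap:", linkability_report(AMOUNT_IN, SINGLE_SWAP))
    print("multi-tx swap: ", linkability_report(AMOUNT_IN, MULTI_SWAP))
```

In the constructed data the single-transaction swap leaves exactly one matching output, while the multi-transaction swap leaves no single match and two equally plausible subsets, one of which is unrelated traffic. The split only helps to the extent that other on-chain outputs supply such decoy sums.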