This repository has been archived by the owner on May 19, 2020. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 76
Mixing Unequal Inputs [CCJ Extensions] #73
Comments
The coordinator can also just simply have like a bunch of keys to sign with and for each session one key is assigned for output denomination. (Not randomly, otherwise the tumbler could cheat.) |
Ethan's idea on slack:
|
nopara73
changed the title
Mixing unequal inputs [CCJ extensions]
Mixing Unequal Inputs [CCJ Extensions]
Apr 5, 2018
This was referenced Apr 5, 2018
Other things those may be relevant: |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Related Issues: #73, #74, #75
Related Question: https://bitcoin.stackexchange.com/questions/73431/mixing-unequal-inputs
Non-entropist Approach Measuring Anonymity: https://www.freehaven.net/anonbib/cache/entropist.pdf
Knapsack Algorithm: https://www.comsys.rwth-aachen.de/fileadmin/papers/2017/2017-maurer-trustcom-coinjoin.pdf
If optimal algorithm is found CCJ can be extended to handle unequal CJ outputs the following way:
The difference is: Alice doesn't provide change and active CJ outputs right away, rather, the coordinator builds the mix when all the inputs are provided and gives the output amounts to Alice.
Unlike in my sloppy illustration, there are more things are happening here: These output amounts will be paired up with outputs (scriptPubKeys), and these pairs will be blinded one by one.
These pairs then will be sent to the coordinator, the coordinator signs them blindly and send back to Alice along with a flag. The flag tells Alice if she has to unblind and expose the output-value pair to the server or not. If Alice lied and blinded the incorrect amount she'll be banned. The point is: when Alice blinds, she doesn't know if the server will ask for the information back or not. (Mental note: this will result in many unused receive addresses to be generated.)
Finally Alice changes to many Bob identities, unblinds the signatures and proceeds with the CCJ protocol normally.
The text was updated successfully, but these errors were encountered: