[bitcoin-dev] Design for a CoinSwap implementation for massively improving Bitcoin privacy and fungibility

ZmnSCPxj ZmnSCPxj at protonmail.com
Wed Jun 10 10:58:03 UTC 2020


Good morning Chris,

> > Let me propose an alternative: swap-on-receive+swap-on-change.
>
> That's an interesting point, thanks for the thought. This scheme might
> not be appropriate for every threat model and use case.
> For example, if someone wants to use bitcoin just as a foreign currency
> for its privacy and censorship-resistant properties. So for example if
> they want to pay for a VPN anonymously, so they buy bitcoins and
> immediately send all of them to the VPN merchant. The swap-on-receive
> wouldn't be appropriate for them because they'll be doing a coinswap
> straight away to the VPN merchant. So perhaps this plan could be an
> optional mode of operation (which may or may not be the default). The
> scheme obviously is useful when bitcoin is being used more as a
> day-to-day money.


No, I think you misunderstand my proposal.

If the user is doing swap-on-receive, the user already has an anonymous UTXO, they can just transfer it directly in full to the VPN without using a CoinSwap.

The number of CoinSwaps involved is the same: one.

So the difference is:

* swap-on-receive:
  * I get some coins from an exchange, giving them my contact information and bank information and all the places I have ever inhabited in my entire existence and an unfertilized egg sample and an archive of my diary and let them invasively scan my cognitive substrate.
  * I send the coins to my CoinSwap wallet.
  * The CoinSwap wallet automaticaly CoinSwaps the coins into a new UTXO.
    * One CoinSwap.
  * I tell the CoinSwap wallet to send it all to the VPN.
    * My CoinSwap wallet knows my coins are already cleaned, so it creates a plain 1-input 1-output transaction directly to the VPN address.

* swap-on-pay:
  * I get some coins from an exchange, giving them my contact information and bank information and all the places I have ever inhabited in my entire existence and an unfertilized egg sample and an archive of my diary and let them invasively scan my cognitive substrate.
  * I send the coins to my CoinSwap wallet.
  * I tell the CoinSwap wallet to send it all to the VPN.
    * My CoinSwap wallet automatically arranges a CoinSwap into the VPN address.
      * One CoinSwap.

So in both cases the same expected number of CoinSwaps is done, i.e. one.

Note that there are still details like how much onchain fees are and how much CoinSwap maker fees are and etc etc but they exist for both flows anyway.
So I would still be buying slightly more than my target amount, and if there is any change I could just designate it to be added to the mining fees or a donation to ZmnSCPxj, because ZmnSCPxj is so awesome.

What swap-on-receive+swap-on-change instead does is just amortize the timing of the CoinSwaps, so that you CoinSwap as soon as you receive, instead of as soon as you have to pay, so that sending payments is as fast as non-CoinSwap onchain wallets.


Regards,
ZmnSCPxj


More information about the bitcoin-dev mailing list