CoinJoin Not A Privacy Tool After All

Joinmarket, the Bitcoin tumbler service apparently popular among darknet market aficionados today announced that their service isn't actually very anonymous after all. Project developer Chris Belcher (WOT:nonperson) stated that "there are some possible vulnerabilities which could be exploited to spy on every user." While this was identified approximately one year ago, nothing was done to remedy the issue until multiple users noticed deanonymizing attacks happening in real time. Belcher assures his users that "We have a pretty good idea how to fix this" and after discussing the matter with CoinJoin creator Gregory Maxwell (WOT:gmaxwell) they together suppose they have an algorithm that will make it more difficult for attackers to uncover information on utxo's. It was admitted  that "This algorithm is not intended as a complete solution to that issue" leaving darknet market users with another steaming pile of shitware.

9 thoughts on “CoinJoin Not A Privacy Tool After All

  1. I'm missing the meaning of WOT:nonperson as it's used here. Is http://www.btcalpha.com/wot/user/gmaxwell/ not the key that corresponds to the identity of the internet persona that claims to be the person "Gregory Maxwell"? When someone writes WOT:nonperson here do they mean they're not a person in their (the article's author) WoT? Do they mean the person described has such a bad reputation that they may as well make a new identity, thus putting them on the par of a WOT;nonperson?

    • Who cares if Mr Flondor has a key now?

      Things mean what they do; there's no point in coming up with some convoluted theory that they might actually stand for something else.

      Also, what's this "make a new identity"? The point of the wot-thing is exactly to make that unfeasible. You only live once, and this is not fiat.

      • "Who cares ?" So WOT dont actually mean a thing if it some dude you dont like ? Or they were there, early so the key is ++more than a WOTer n00b? Thats not how it works !

        Learn how GPG works . Anyone can make WOT identity over and over , all cryptographically correct . They mean nothing . "You only live once, and this is not fiat." What? GPG is not bitcoin .

        You want to join a club? Go join one . GPG is not magic wand . It is a tool, not amazing and not bitcoin . It cant guarantee anything , like making people pay or do anything .

        • I'm not interested in doing here another complete iteration of this pointless infinite loop. You're certainly not the first one, and I'm afraid, sadly not the last one either to come up with these irredeemably retarded ideas, which you feel compelled to spew here. This has all been discussed at length already. Do your reading, then you may come back. You could for instance, start here.

          > if it some dude you dont like
          It's not just about 'like', but more like 'know' and 'trust'. And generally meaningful interaction is a prerequisite for knowing and trusting.

          > were there, early
          Sure, sure, they were early and they were lucky. It's always luck and privilege and what have you.

          > Thats not how it works !!!one
          xD

          > Learn how GPG works .
          Can gpgate just fine for my needs. And more importantly, know the limits of my knowledge.

          > Anyone can make WOT identity over and over , all cryptographically correct .
          Wot is not just about 'cryptographically correct' identities, whatever that means. The key itself is meaningless. Wot is about documenting meaningful interaction between humans, not just properly formed keys. Those keys only become valuable through interaction with other valuable entities.

          Of course, you can make your own wot fork, where you have all your friends, or really your sockpuppets, give you hundreds of +10's and yet your identity isn't worth anything, since all those entities which rated you are completely disconnected from actual humanity. So all their combined +10's aren't worth more than all the "Verified Virus-free Trustworthy Company" banners you could put in your scam website, or all the Coindesk articles you could pay for, saying how amazing your company is. Sure, you still might be able to part a clueless rando from a few pennies, but that's it. And even that, not for long (only for as long as they still have coin to lose).

          > What? GPG is not bitcoin .
          Everything is bitcoin.

          > It cant guarantee anything , like making people pay or do anything .
          Of course it can't 'make people pay'. Hence, trust. If you can't understand how a device that you think can't 'make people pay' may still be valuable and make them WANT to pay, it's either because you're dumb, or too used to fiat and haven't done the required reading on the subject yet.

        • You are right, it's actually easier to create a new identity in the "bitcoin" world than in the "fiat" world. I'm fine with that, personally; starting fresh is something that humans have done for a long time before the surveillance state. This comes with not trusting newbies or strangers, also something that humans have done for a long time.

        • I take it if Qntra required GPG keys to comment, you'd be good to go then.

          http://www.btcalpha.com/wot/user/not-found/?nick=vlad_tepes

    • corrected, ty

    • It's just circlejerk signaling.

Leave a Reply to shinohai Cancel reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>