RT @udiWertheimer: “So even though the obfuscation on Zcash is stronger due to the zk-SNARK encryption, Chainalysis can still provide the transaction value and at least one address FOR OVER 99% OF ZEC ACTIVITY”
Play stupid games...
Happy to see Chainanalysis is officially getting rid of the idea Zcash and Dash are privacy coins. They never were and never will be because their privacy is "optional". That makes them easy to trace back to whomever in the block chain.
These guys seems to disagree with you [Chainalysis says it can track 99% of transactions involving Zcash, and almost all of Dash’s – coins that both fancy themselves as private and untraceable.](https://news.bitcoin.com/not-so-private-99-of-zcash-and-dash-transactions-traceable-says-chainalysis/)
But then again. They could be as wrong about this, as the Carnegie Mellon guys were about Monero.
did you even read and understand chainalysis blog post? most users don't use shielded addresses to begin with and these who do, do it mostly wrong (same amount in and out). ofc you can track most txs then.
and please stop talking about dash, because I'm not interested in talking about their bad coinjoin implementation nor about coinjoin at all.
ofc it's traceable if
- you don't even use shielded addresses to begin with
- you don't use it right (eg same amount in and out of shielded addresses which stands out)
but I don't think we should talk about my first point here because it's clear that bitcoin's open ledger approach is traceable and why bother if they don't even use zcashs privacy feature.
2nd point is an issue, yes. and clearly needs education to use it right. but then it seems private and (at least currently) not traceable (which is currently only 0.9% of zcashs usage).
but zk-snarks anonymity set is very impressive compared to ringct with only ringsize 11. sadly it also has it's cons, which is why I'm here and not in r/zcash.
>but zk-snarks anonymity set is very impressive compared to ringct with only ringsize 11.
Sure this is an issue in Monero but it's being constantly upgraded when feasible. First we had Min-Ring Size 0, then 3, then 5 and now fixed 11. Even in an EABE edge situation this is 11\^2 = 121. In normal circumstances it's more like EABCDE or even more and that would already be 14641.
You should also consider how much of the claimed anonymity set in zCash shielded is already shrinked by many users just using it as mixer (in-out) and so not providing anything to the real anon set.
>Sure this is an issue in Monero but it's being constantly upgraded when feasible. First we had Min-Ring Size 0, then 3, then 5 and now fixed 11.
I know :)
>Even in an EABE edge situation this is 11\^2 = 121. In normal circumstances it's more like EABCDE or even more and that would already be 14641.
we don't know how much txs are eg EABE compared to something like EABCDE. maybe/probably mostly is still speculation and so it may be more like EAE. just saying.
>You should also consider how much of the claimed anonymity set in zCash shielded is already shrinked by many users just using it as mixer (in-out) and so not providing anything to the real anon set.
this sounds like saying "we should not trust decoys". but at least zcash has a fix: just hold same amount (or bigger) of zcash in an shielded address while using it as mixer with other funds (and also don't use it like: amount x in / amount x out).
EABE attacks on Zcash and Dash are easily done because few transactions use the optional privacy feature.
oh I see /s
>EABE attacks on Zcash and Dash are easily done because few transactions use the optional privacy feature.
if you don't use zcashs privacy feature then you are basically just using bitcoins technology which we know is easily traceable, so we should not look at these txs if we just want to compare privacy features. zcash has one big issue: if you send the same amount to an shielded address and then back to a normal address, your tx stands out. looks like a lot of people do this and so chainalysis can trace these txs as they wrote in their blog post. other than that it seems they cannot do much (yet). so they can only trace some txs because people don't know how to use it and not because there are only few txs which use the privacy feature.
I don't disagree, but just having the feature isn't magically going to solve all your problems. This is one of those things that you need to also know how to use it.
Using an anonymized output together with a chance output from a former transaction, as a simple example, completely destroys the effort.
The main issue, as far as I see it, is that most wallets don't have a very good user-experience. On top of that, the privacy concepts are basically missing in them. They leak meta-data all over the place...
I'm working on a new wallet, @TomZ/floweep2pnet-312d182c">Flowee Pay, that takes privacy more seriously, and yeah cashfusion is on the roadmap. I'd say it is a vital element of privacy in an ever more digital world.
> What's to say chainalysis can't track cashfusion as well?
Statistics does. And what this means is that there is no such thing as perfect privacy. The point is that as the effort increases to fuse your inputs, the effort to do chain-analysis increases much much faster.
> Optional privacy will always be much worse than mandatory.
The good news is that wallets can make privacy a default. There is no need to make things mandatory to make it common.
> The good news is that wallets can make privacy a default. There is no need to make things mandatory to make it common.
I would be careful with that..
If exchange start to « taint » mixed coin and lock you fund you are out of fun..
> Samurai wallet for BTC « solve » » this with Ricochet. It’s a battle we can keep on fighting.
It is only solved when exchange are transparent on how evaluate « taint ».
The consequences are severe for users (fund locked and need to proof his activity was legal to regain access to his funds)
>They were able to decode **98%** of all transactions on dash and zcash despite mixing and privacy being available
Where did you get that number?
From that article:
" Mixing transactions related to PrivateSend make up roughly 9% of all Dash transactions. This is larger than the share of Bitcoin transactions that use CoinJoin or mixing techniques, "
" The percentage of Dash transactions that constitute actual transfers of funds using PrivateSend is less than 0.7% "
CashFusion and similar methods like Wasabi wallet CoinJoin is far from easy to defeat. In fact Europol just released a report where they basically admit that it is a very hard nut to crack if at all possible. Reason: Statistics.
> Monero has zero-conf.
Yes it does, but sending(composing) a TX on my Corei7 with 32GB of RAM takes about 2 minutes.
My hard drive is slow(non-SSD Raid1) though.
Also, wallet balance is not visible until fully synced.
I am sorry, these two are complete show-stoppers for any kind Point-of-Sale commerce.
**But I respect Monero and I think it is a solid coin, a real crypto. It is a fine niche coin with valid & important uses.**
> How in the world can it take 2 minutes to compose a transaction? Did you confuse it with ZCash?
Maybe you used (your node used) SSD.
Or maybe Monerujo only shows it as instant, while in reality it is not done yet when it is shown as "complete" to you.
Hard drive is the thing slowing me down the most, and I noticed monerod heavily relies on hard-drive.
I used standard Monero node and monero wallet from here:
I scanned a QR code, set the amount and pressed send. And I instantly get a confirmation, which is also seen on the service I paid to. On my phone. Just like using 0-conf on BCH.
What probably happened to you is the wallet wasn't done syncing, which is unfortunately very slow in Monero if you don't have an SSD, and it caused the GUI to hangup.
> What probably happened to you is the wallet wasn't done syncing
Nope, the wallet wouldn't even allow me to send without being fully synced.
FYI, the wallet balance is 0 when monerod is not synced.
But you should already know that when using monero.
No SSD or not synced = No fun.
Also show stopper for Point-Of-Sale commerce.
> The UX isn't very nice I agree, but creating a transaction should not take 2 min, so there must be something else that's messing it up.
There is, there are like 30-50 applications running on my Linux PC at any given time.
They are also using some of the RAID1 hard drive.
Still, Bitcoin Cash(and any other application) is 1000x times faster on the same hard drive, so when you're saying that Monero is fast or low-resources coin, I object. It is not.
We just launched support for two notable cryptocurrencies in Chainalysis Reactor and KYT (Know Your Transaction): Dash and Zcash. As two of the most popular so-called “privacy coins” — cryptocurrencies with privacy enhancing features encoded into their protocols — they account for over $1.5 billion of reported daily trading volume.
You may be wondering how Chainalysis products could support privacy coins. Isn’t the whole purpose of privacy coins to make transactions impossible to trace?
That’s an oversimplification, in that it misunderstands both the privacy features coins like Dash and Zcash offer and how users actually utilize those features in everyday transactions. Below, we’re going to examine how Dash and Zcash allow investigators and compliance professionals to investigate illicit activity in a way that balances users’ privacy needs with the industry’s compliance needs.
It’s possible to perform mixing transactions that are functionally identical to PrivateSend on other technologically similar cryptocurrencies. This means from a technical standpoint, Dash’s privacy functionality is no greater than Bitcoin’s, making the label of “privacy coin” a misnomer for Dash. In fact, independent wallet softwares provide more advanced forms of CoinJoin that are being used with major cryptocurrencies not labeled as privacy coins, such as Bitcoin, Bitcoin Cash, and Litecoin.
The percentage of Dash transactions that constitute actual transfers of funds using PrivateSend is less than 0.7%.
Mixing transactions are very easy to spot and identify on the Dash blockchain. As they are still public and transparent, the exact same techniques that can be used to analyse CoinJoin transactions performed using Bitcoin can be used on Dash.
It’s also possible to connect inputs and outputs on some PrivateSend transactions, due to the large number of inputs one has to send to break funds down into denominations. For example, a user sending 73.4 DASH results in 14 inputs: 7 in units of 10, 3 in units of 1, and 4 in units of 0.1. Researchers at Princeton University have shown that in certain circumstances it’s possible to use combinatorics to uniquely identify the single address a PrivateSend output came from.
Roughly 14% of Zcash transactions involve one of Zcash’s two shielded pools in some way. But of the transactions that interact with a shielded pool, only 6% are completely shielded, i.e. sender, receiver, and transaction amount are all encrypted. That’s only 0.9% of all Zcash transactions.
So even though the obfuscation on Zcash is stronger due to the zk-SNARK encryption, Chainalysis can still provide the transaction value and at least one address for over 99% of ZEC activity.