Nostr Web Client

What about Monero's cryptography makes it more private than Cashu's BDHKE?

Metadata from IP/ampunt/etc. is always a risk so pointing to that is pretty left curve, IMHO.

#asknostr

Metadata, IP addresses, and amounts are always the most important factors when it comes to privacy, so I wouldn't consider calling out problems relating to them as left curve.

Short Answer: The fact that Monero doesn't rely on trust to function is why it's more private over Cashu and BDHKE. XMR is trust less, Cashu is not.

Long Answer: Monero uses different technologies to conceal metadata, such as ring signatures and stealth addresses, preventing the re-use of addresses, whereas Cashu uses blind signatures and relies upon trust of the mint used.

XMR also uses Dandelion++, which is essentially it's own onion routing network, to protect IP addresses. You can also take it a step further and incorporate I2P into transactions through Kovri. While Cashu is received offline, the only problem that is that off-layer protections Cashu has do not apply to the entire Bitcoin blockchain, so once a transaction from Cashu is done and the sats go back to being on-chain, more privacy risks arise.

Finally, XMR conceals amounts using RingCT. Much like with metadata concerns, Cashu's privacy is also reliant upon custodians to keep it private by not log or timestamp activities. If a mint does logging, then correlations for activities could be made.

Reply to this note

Please Login to reply.

Discussion

average_bitcoiner 7mo ago

Left curve is the correct but simple answer.

The mint trust is only for rug risk, not for privacy.

Please describe a correlation that would happen with mint logging? Assume I'm using Mullvad + TOR.

And yea, no shit bitcoin layer 1 is hard to do privately. That does make cashu less private. They're separate protocols.

MoneRogue 7mo ago

The fact that the mint has the capacity to log Cashu users through things like timestamps can be used to determine what time zone a person is in and therefore their location, present an identifiability threat. It's a good thing so many people are smart enough to use some kind of protection with these kinds of applications.

Also, how is Cashu a separate protocol if it's built from Lightning and used for Bitcoin? It's a L3 application. That's like saying that BTC on-chain and BTC on the LN are separate protocols.