Replying to Avatar Papa Figos

How is he not wrong?

Your receiver privacy is protected. I can't look up your balance. I can't look up other transactions you made. I can't tell for sure that you've spent the output, because it could just be someone else using it as part of a ring signature, which is the whole point of ring signatures.

It gets very hard very quickly to do any sort of "tracing" because of that, although yes, in certain corner cases just because of the sheer statistical improbability of a certain output being a ring member, one could draw implicative conclusions regarding certain a transaction, if they are well positioned to do so.

This is a known weakness, and FCMP++ fixes it, which again, is kinda the whole point of having the upgrade in the first place.

All I see is a LN maxi grasping at strawmen and clinging to his ego in order to not have to rethink his ideas.
Avatar
Hanshan 7mo ago

its not wrong to say you can know true spends on the chain, since theres a chain to be monitored.

and you can know the true spends to the extent you have access to wallet data.

so Sybil attacks are a thing

short EAE traces are a thing.

and best practices on a L2 could fix that.

Reply to this note

Please Login to reply.

Discussion

Avatar
Papa Figos 7mo ago

Of course you can know if you have the wallet data. You spent it. Is that so different from grabbing two lightning wallets, seeing a payment for X sats at Y timestamp and concluding you have the sender and receiver wallets?

Personally I don't see that as a flaw.

As for knowing true spends on chain, that's the thing, you can't.

All you can say is a certain output is part of a ring signature. You don't know whether it's a decoy or a real spend.

Could this be improved? Yes, and it will (FCMP++ soon™).

Are a few statistical attacks around this weakness known & understood? Yes.

So.. his arguments are a nothing burger, really.

Avatar
Hanshan 7mo ago

i mean

its different that you need both wallets and not just the sending one.

and its just timing analysis instead of cryptographic proof.

so its different but i agree its meh

and the point is that if you have access to the sending wallet you DO know which are the true spends .

nobody is saying they can identify the true spend in a ring as a 3rd party.

but it's pertinent to know there IS public information and what it is.