Nostr Web Client

About coinjoin coordinators.

There is a difference to be made between privacy on-chain and privacy at the network level.

Even if you have chain privacy you can tag the addresses with their respective ips and trace the user. Obviously this can only be done by the coordinator.

This is why Samourai and Whirpool have always sucked.

Whirpool:

- If you used the mobile wallet without your node, the coinjoin was useless because your public keys were exposed to the backend and with them all your past, present and future addresses.

- If you used your own node or sparrow it was also of little use, since both samourai and sparrow reuse the tor circuit, they only generate a new one if you close the application, and therefore the coordinator can tag the incoming and outgoing addresses at the time of registration and ruin the coinjoin. Whirpool has never been zerolink, the coordinator knew everything.

Wabisabi:

- It creates new connections for both input and output addresses, so the coordinator sees distinct identities, although I think it has flaws in its design due to the delay. We can consider it to be zerolink, at least they tried and were honest.

Joinmarket:

- Since there is no centralized coordinator it is much less important to create new tor circuits for each connection, still the coordinator (the taker) will know the ips of the incoming and outgoing addresses. I don't know if they are mitigating this in any way.

Joinstr:

- Use Riseup VPN for logging, everyone uses the same VPN, there is no possibility of tagging inbound and outbound addresses across relays.

kukks 1y ago

Correct me if I am wrong, but wouldn't using something like rise up vpn, a third party operated service, give each third party all the data needed to correlate everything?

A vpn operator knows every source ip and their every destination and action and the promise of no logging is just that, a promise.

This is literally why people use Tor, and generate separate tor circuits per required identity.

PS, regarding wabisabi, circuits are constructed in advanced to prevent delays around tor circuit execution (although I think this is overkill), but also input, output registrations and anonymous credential reissuances has randomized delays built into it by design to prevent such correlation. Happy to answer more if you want to know more.

Reply to this note

Please Login to reply.

Discussion

Cyph3rp9nk 1y ago

In joinstr the coordinator is the nostr relay, the vpn will only know that you are connecting to a relay.

The relay will not be able to correlate inbound and outbound because all clients will use the VPN IP addresses.

This is a simple option to avoid having to deal with tor circuits.

kukks 1y ago

You are overestimating the effectiveness of a vpn here. The reality here is that we are focusing on very sophisticated difficult to execute attack vectors. The vpn is your only shield for all identities pushing to the relay here. Sure, https/wss encrypts the content, but an attacker that has compromised a vpn operator will listen to events on nostr relays that the vpn has connections to by its users, and can artificially delay data transfer to do timing analysis on events to correlate which ip sent which events with which pubkeys.

Cyph3rp9nk 1y ago

I am not the creator of joinstr, I am just saying why the creator has used the VPN option. The protocol is not even on mainnet and as far as I know, using tor circuits is an expected improvement.

I am aware that the right approach is wabisabi's. My post was mostly to emphasize whirpool's disastrous design in managing network connections.

https://gitlab.com/invincible-privacy/joinstr/-/blob/main/NIP.md?ref_type=heads

kukks 1y ago

Oh sure, i just perceived that the initial post was insinuating "just use a vpn" was the best choice.

And no debate over the whirlpool one 😅

Diacone Frost 1y ago

side note:

majority of devices do not have a public IP. So you're also hiding behind NAT.

I'm quite sure that my ISP is incompetent enough to fail to provide information leading to my MAC adress.

It's possible but I doubt it.

kukks 1y ago

Cell phone connections are probably correlated to the imei of the sim card, and nat only hides internal devices but still gets an ip as a collective?

Diacone Frost 1y ago

Oh, I meant desktops and home connections.

I'd hasitate to use phone for anything requiring privacy unless it's a pocket cash.

Imei (or a fingerprint) afaik are better way to identify you then ip. but with virtual providers and esims it's probably much harder for analitics.

still plausible

Cyph3rp9nk 1y ago

Post: Communication with the relay uses private channels.