fedimint is this
Discussion
Fedimints can't distinguish users so they can't selectively stop serving certain users.
They can distinguish users via shotgun kyc. Refuse to process any transfer unless its creator self-identifies. Most users will happily do so. The victim has two options: stay anonymous, in which case you don't get your money, or self-identify, in which case you *still* don't get your money.
In the worst case you can find someone who did kyc and trade them the tokens offline.
I rewrote this reply six times and right now I think that will probably usually work at first, but only when the blocked person can find someone who trusts them, and that would get harder over time.
The reason it would only work if the blocked person can find someone who trusts them is this: if Alice gets blocked she can sell withdrawal rights to Bob and Carol at the same time, and one of them will get screwed, because the mint won't honor the same blind signature twice. But Alice will have gotten paid with real bitcoins twice, so she would be ecstatic.
You might think Bob and Carol can fix this using atomic swaps, but it won't work: in order for atomic swaps to work on an ecash mint, the mint has to transfer your money into an HTLC. But Alice can't get them to do that without identifying herself to the mint, and she can't give the blind signature to Bob or Carol to have them do it, because as soon as one of them has the blind signature, they do not need the HTLC anymore. Bob and Carol can only try to redeem the money as soon as possible, but only one of them will win, and the other one already sent Alice their money.
At first it would probably be easy to find people who trust you not to doublespend, in fact I suspect that almost everyone who knows how to use a mint would trust you not to doublespend because they themselves wouldn't know how to actually do it. But that trust factor would mean there are a bunch of suckers out there who will give you real bitcoins in exchange for a blind signature that you can easily sell to two people at once, thus getting paid twice. So game
theory suggests that scammers would exploit by intentionally getting banned and then double spending people until randos on the
internet are unwilling to trust people who ask them to buy their blind
signatures offchain.
At that point you wouldn't be able to rely on randos on the internet buying your blind signatures from you, so you can only do this with people who have a mutual trust relationship with you. That makes it a lot harder. You have to disclose that you got censored to someone you trust, then hope they aren't censored too (often a whole region gets censored at the same time), and finally hope they are willing to help you in this situation (which might be hard if they've never used a mint before and you have to teach them).
So yeah, it would probably work fine at first, but then it might get harder over time.
This is really about Chaumian mints rather than federations in particular, right.
Something I find really interesting is, to the extent your point is true, it's also ~ the reason that these servers aren't auditable, which might be the thing that takes them from 'a bit dodgy' to 'really dubious trust model', and therefore, perhaps, why they will struggle to find usage.
That's bitcoin's special sauce, scantxoutset and so on.