Replying to Avatar Tatum Turn Up

ELI5: Why does Bitcoin have a “privacy problem” and what does something like Monero do differently that eliminates that problem?
Avatar
Loki 2y ago

Monero is not auditable and because of obfuscation has far less payment ledger capabilities. No RBF, so CPFP no fee market. If it got too popular it would end up with a nasty mempool bitrot problem.

It is probable the weak obfuscation of Monero is no stronger than chain analysis Vs coinjoins.

It's a one trick pony right now, and with enough LN on Tor or similar, obsolete.

The main claims relate to darkweb arrests. But most of these depended on a lot of evil nodes on the anonymising network and had nothing to do with Bitcoin. UTXO is mostly private.

If you want more than this, please donate to Indra so we can bring scalable privacy to the internet.

See my profile for info re Indra.

Reply to this note

Please Login to reply.

Discussion

Avatar
Saberhagen The Nameless 2y ago

Monero relies on pedersen commitments and range proofs for auditability. Its built on the foundation of sound cryptography from the 80s. True, you cannot just look at the blockchain like Monero and do "simple math" to add everything up.

But then again, what bitcoiner does that? They just run a node and pay no mind just as Monero. No bitcoiner is making sure every new block (all inpus) = (all outputs). So in practice that is a weak point.

RBF has it's own trade offs. Where 0 conf payments use to be pretty safe for small amounts on btc, it makes them way riskier and lowers convienience/useability in that respect.

Monero doesn't only have obfuscation...you are very misinformed sir. Sender is the only part that is obfuscated thru ring sigs. Monero uses ZKPs/encryption for amounts and recievers. There is no connection graph linking senders and recievers. There is no amount analysis either. Simple examples:

Monero: ~6% chance Alice sent $[?] to [?]

Bitcoin Coinjoin:

[Alice, Bob, and/or Carol] sent [$X, $Y, and/or $Z] to [Dave, Eve, and/or Frank]

Encryption > Obfuscation

Monero privacy is much stronger than merely coinjoining where the range of possible amounts and connections is completely available. There is always potential to combine with future data to deobfuscate a coinjoin tx. And it has happened many times.

https://www.wired.com/story/silk-road-bitcoin-seizure-james-zhong/

Avatar
Saberhagen The Nameless 2y ago

I think I linked the wrong article. Here is the correct one: https://blockworks.co/news/silk-road-hacker-sentenced