What is Nostr?
Ben Carman [ARCHIVE] /
npub17lt…7hwm
2023-06-07 23:21:57
in reply to nevent1q…9s5t

Ben Carman [ARCHIVE] on Nostr: 📅 Original date posted:2023-05-22 🗒️ Summary of this message: Using ...

📅 Original date posted:2023-05-22
🗒️ Summary of this message: Using ALL|ANYONECANPAY in coinjoin can reduce steps, but it poses risks such as adding unwanted inputs, lower fee rates, and lack of uniformity. Verification code is available.
📝 Original message:The problem with using ALL|ANYONECANPAY is that you cannot verify beforehand that the other inputs are the inputs you want added to the transaction.

Some examples of bad things that could happen:


* Coordinator adds its own inputs, you still get your outputs but effectively paid fees for no privacy gain
* The inputs added could be paying at a lower fee rate than expected, causing the tx to take longer than what you paid for
* Different input types or amount are added so you no longer have the same uniformity across the inputs
* (if you care) An input from a sanctioned address is added, causing you to get "tainted" coins.

This is the code in ln-vortex that verifies the psbt on the client side if you are curious

https://github.com/ln-vortex/ln-vortex/blob/master/client/src/main/scala/com/lnvortex/client/VortexClient.scala#L616


Best,

benthecarman

________________________________
From: bitcoin-dev <bitcoin-dev-bounces at lists.linuxfoundation.org> on behalf of alicexbt via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org>
Sent: Monday, May 22, 2023 7:51 AM
To: Bitcoin Protocol Discussion <bitcoin-dev at lists.linuxfoundation.org>
Subject: [bitcoin-dev] Coinjoin with less steps using ALL|ANYONECANPAY

Hi Bitcoin Developers,

I recently experimented with different sighash flags, PSBTs and realized ALL|ANYONECANPAY could be used to reduce some steps in coinjoin.

Steps:

- Register outputs.
- One user creates a signed PSBT with 1 input, all registered outputs and ALL|ANYONECANPAY sighash flag. Other participants keep adding their inputs to PSBT.
- Finalize and broadcast the transaction.

Proof of Concept (Aice and Bob): https://gitlab.com/-/snippets/2542297

Tx: https://mempool.space/testnet/tx/c6dd626591dca7e25bbd516f01b23171eb0f2b623471fcf8e073c87c1179c492

I plan to use this in joinstr if there are no major drawbacks and it can even be implemented by other coinjoin implementations.

/dev/fd0
floppy disk guy

Sent with Proton Mail secure email.
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev at lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20230522/9d45d394/attachment-0001.html>;
Author Public Key
npub17lts233cksw942zaqq8kkkgrc8hn9pfzgdyrce28nrf2vx49q7wq3c7hwm