|
|
|
@ -1089,32 +1089,35 @@ have the same properties. |
|
|
|
This section considers various new technologies coming down the pipeline and how they interact with existing |
|
|
|
and new metadata analysis techniques. |
|
|
|
|
|
|
|
\nsubsection{Shielded Coinbase} |
|
|
|
\nsubsection{Shielded Coinbase ZIP-213} |
|
|
|
|
|
|
|
Shielded coinbase seems interesting but leaks a grave amount of metadata tied to the zaddress of the miner, which |
|
|
|
Shielded coinbase is interesting but leaks a grave amount of metadata tied to the zaddress of the miner, which |
|
|
|
can feed into this analysis. We recommend Pirate, Arrow and other coins implementing enforced \zaddr usage |
|
|
|
avoid implementing the new \cite{ZIP-213} "Shielded Coinbase". The Hush community does not agree the the final conclusion |
|
|
|
of ZIP-213 that it is ok to make the miner \zaddr output public and that only users concerned with "post-quantum" |
|
|
|
privacy need to worry about metadata leakage. It gives no recourse to these users, and so in that sense Sietch |
|
|
|
can be seen an a valid defense against quantum computers. Further research is required to see what kind of |
|
|
|
speed up quantum computers can have on graph theory algorithms that make up the bulk of an \ITM. |
|
|
|
speed up quantum computers can have on graph theory algorithms that make up the bulk of an attack. |
|
|
|
|
|
|
|
Shielded Coinbase will drastiscally reduce privacy of \zaddr miners, because they will re-use the same \zaddr |
|
|
|
for every block and it leaks the \zaddr being mined to. The "normal" behavior of mining to a taddr first then |
|
|
|
sending to a \zaddr isolates metadata leakage to the taddr. The \zaddr of a miner is never disclosed publicly. |
|
|
|
ZIP-213 says miners should make a new address for every block but that simply will not happen because it's optional |
|
|
|
and also makes wallet.dat files very large, slower, more annoying to backup, and various other reasons. All privacy |
|
|
|
and also makes wallet.dat files very large, slower, more annoying to backup, and most importantly, the downtime |
|
|
|
it would take to stop zcashd and restart with a new zaddr directly translates into lost money for a miner. All privacy |
|
|
|
coin research points to the fact that most users only do what is mandatory, they do not go out of there way to do |
|
|
|
extra work to get privacy. |
|
|
|
extra work to get privacy. Miners are no exception. |
|
|
|
|
|
|
|
By using Timing and Value Analysis with Shielded Coinbase, an analyst can get a much better estimate on the minimum |
|
|
|
value a \zaddr likely has and how much funds pass thru it per time interval, as well as txid's to correlate to the |
|
|
|
\zaddr. These can all be used as inputs to the ITM Attack, as well. |
|
|
|
\zaddr. These can all be used as inputs to the ITM Attack, as well. Additionally, \zaddr miners open themselves up |
|
|
|
to dust attacks because their \zaddr is publicly known on the public blockchain, forever. |
|
|
|
|
|
|
|
ZIP-213 is a fascinating academic exercise which could be implemented with better privacy properties but less auditability, |
|
|
|
i.e. knowing exactly how much new funds are being mined in each block. Taking into account the ITM Attack in particular |
|
|
|
and Metaverse Metadata attacks in general, ZIP-213 will not increase the privacy of a blockchain but potentially decrease |
|
|
|
it by infecting the shielded pool with too much metadata leakage. |
|
|
|
and Metaverse Metadata attacks in general, ZIP-213 will not increase the privacy of a blockchain but decrease |
|
|
|
it by infecting the shielded pool with too much metadata leakage. For these many reasons, Hush and Komodo world are ignoring |
|
|
|
ZIP-213, and indeed, ignoring the entire Heartwood Network Upgrade, as it has no privacy features. |
|
|
|
|
|
|
|
In summary, Shielded Coinbase was implemented by Electric Coin Company with little practical regard to increasing privacy on their |
|
|
|
blockchain, though it is an interesting technical peice of work. Since increased \zaddr usage does not translate into more profits, |
|
|
|
@ -1128,8 +1131,8 @@ involved in pushing the bleeding edge of privacy tech forward. |
|
|
|
|
|
|
|
\nsection{Acknowledgements} |
|
|
|
|
|
|
|
This is an independently funded work of research with no 3rd party |
|
|
|
funding sources. No funding from Electric Coin Company nor Zcash Foundation was received. |
|
|
|
This is an independently funded work of research with no third party |
|
|
|
funding sources. No funding from Electric Coin Company, Zcash Foundation or any other for-profit or non-profit entity was received. |
|
|
|
|
|
|
|
\nsection{References} |
|
|
|
|
|
|
|
@ -1141,7 +1144,7 @@ funding sources. No funding from Electric Coin Company nor Zcash Foundation was |
|
|
|
\endgroup |
|
|
|
|
|
|
|
\begin{center} |
|
|
|
\textbf{Speak And Transact Freely} |
|
|
|
\textbf{Speak And Transact Freely - myhush.org} |
|
|
|
\end{center} |
|
|
|
|
|
|
|
\end{document} |
|
|
|
|
