UTXO probing attack using payjoin

Posted by /dev /fd0

Mar 26, 2025/19:38 UTC

The discussion covers the privacy considerations and potential costs of Payjoin transactions. For a Payjoin recipient to protect their privacy, they must validate the sender's inputs to confirm they are broadcastable. That validation also gives the recipient the option to broadcast the initial transaction if the sender aborts the Payjoin, which makes probing attempts by attackers more detectable and less effective. Even with these measures, an attacker could still replace the original transaction, incurring minimal costs if it is a Payjoin transaction. So while mechanisms exist to enhance privacy and reduce the effectiveness of probing attacks, motivated attackers with sufficient resources may still pose a significant threat to privacy. The cost to an attacker is considered relatively low, so the barrier to spying on someone's wallet may not be prohibitively high for entities with the necessary motivation and financial resources.
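The recipient-side policy described above, as an added example that is not code from the original post or from any Payjoin implementation. `test_accept` and `broadcast` are hypothetical hooks standing in for node calls such as Bitcoin Core's `testmempoolaccept` and `sendrawtransaction`; session ids, the timeout and the state names are constructed for illustration.

```python
from dataclasses import dataclass, field
from typing import Callable, Dict, List


@dataclass
class Session:
    original_tx: str        # hex of the sender's fully signed original transaction
    deadline: float         # time after which the recipient stops waiting
    state: str = "offered"  # offered -> completed | fallback_broadcast | fallback_failed


@dataclass
class PayjoinReceiver:
    test_accept: Callable[[str], bool]  # hypothetical hook: is the tx broadcastable now?
    broadcast: Callable[[str], bool]    # hypothetical hook: True if the node accepted it
    timeout: float = 60.0
    sessions: Dict[str, Session] = field(default_factory=dict)

    def offer(self, session_id: str, original_tx: str, now: float) -> bool:
        """Return True only when it is acceptable to reveal one of our UTXOs."""
        if not self.test_accept(original_tx):
            return False  # not broadcastable: refuse and reveal nothing
        self.sessions[session_id] = Session(original_tx, now + self.timeout)
        return True

    def payjoin_seen(self, session_id: str) -> None:
        """The sender returned and broadcast the signed Payjoin."""
        self.sessions[session_id].state = "completed"

    def sweep(self, now: float) -> List[str]:
        """Broadcast the original for expired sessions; return the aborted ids."""
        aborted = []
        for sid, s in self.sessions.items():
            if s.state != "offered" or now < s.deadline:
                continue
            if self.broadcast(s.original_tx):
                s.state = "fallback_broadcast"  # the probe cost the sender a real payment
            else:
                s.state = "fallback_failed"     # inputs were spent or replaced meanwhile
            aborted.append(sid)                 # either way, log as a possible probe
        return aborted
```

Sessions ending in `fallback_failed` correspond to the residual case in the summary, where the attacker has already replaced the original transaction.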
