bitcoin-dev

Combined summary - Reiterating centralized coinjoin (Wasabi & Samourai) deanonymization attacks

The discussion initiated by AdamISZ/waxwing delves into the cryptographic properties of Schnorr and ECDSA signatures, particularly their behaviors in scenarios involving arbitrary public keys and messages.

The inquiry focuses on whether a valid signature for a given message and public key could also validate under a different public key for the same message in both Schnorr and ECDSA frameworks. For Schnorr signatures, due to key-prefixing, replicating a valid signature across differing public keys is deemed impossible. This impossibility stems from the mathematical relationship between the signature, message, and public key, which cannot be satisfied for a new public key without violating the hash function's preimage resistance. Conversely, ECDSA lacks this key fixation in its hashing process, allowing public key recovery from a signature but still preventing the creation of a new valid public key for an unchanged signature-message pair due to inherent verification constraints.
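The effect of key-prefixing described above, as an added example that is not code from the thread or from any wallet: a toy Schnorr scheme over secp256k1 whose challenge either includes the public key or leaves it out. The unprefixed variant only stands in for "no key in the hash" and is not ECDSA; all function names and the sample key, nonce and message are constructed for illustration.

```python
import hashlib

p = 2**256 - 2**32 - 977  # secp256k1 field prime
n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(A, B):  # affine addition; None is the point at infinity
    if A is None or B is None:
        return A or B
    if A[0] == B[0] and (A[1] + B[1]) % p == 0:
        return None
    if A == B:
        lam = 3 * A[0] * A[0] * pow(2 * A[1], -1, p)
    else:
        lam = (B[1] - A[1]) * pow(B[0] - A[0], -1, p)
    x = (lam * lam - A[0] - B[0]) % p
    return (x, (lam * (A[0] - x) - A[1]) % p)

def mul(k, A):  # double-and-add, not constant time (illustration only)
    R = None
    for bit in bin(k % n)[2:]:
        R = add(R, R)
        if bit == "1":
            R = add(R, A)
    return R

def challenge(R, P, msg, prefixed):  # e = H(R||P||m) if prefixed, else H(R||m)
    pts = [R, P] if prefixed else [R]
    data = b"".join(c.to_bytes(32, "big") for pt in pts for c in pt) + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(d, k, msg, prefixed):
    R = mul(k, G)
    return R, (k + challenge(R, mul(d, G), msg, prefixed) * d) % n

def verify(P, msg, sig, prefixed):
    R, s = sig
    return mul(s, G) == add(R, mul(challenge(R, P, msg, prefixed), P))

def recover(msg, sig):  # solve s*G = R + e*P for P, assuming e ignores P
    R, s = sig
    e = challenge(R, None, msg, prefixed=False)
    return mul(pow(e, -1, n), add(mul(s, G), (R[0], -R[1] % p)))

def demo():
    d, k, m = 0x1234, 0x5678, b"constructed message"  # toy values, constructed
    plain, bound = sign(d, k, m, False), sign(d, k, m, True)
    return recover(m, plain) == mul(d, G), recover(m, bound) == mul(d, G)
```

With the key left out of the hash, the verification equation can be solved for the signer's key; with the key inside the hash, the same algebra yields a point that is neither the signer's key nor a key under which the signature verifies.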

Further communications elaborate on potential vulnerabilities within coinjoin implementations, specifically addressing Sybil attacks and the role of centralized coordinators in Wasabi's setup. Despite measures to economically disincentivize such attacks, concerns persist regarding the ability to anonymously manipulate transaction flows. The discussion extends to technical gaps in handling failed transaction rounds and suggests improvements for lite client validations amidst MITM threats. Additionally, the conversation critiques Wasabi's approach to privacy, pointing out missteps in protocol auditing and the misuse of privacy mechanisms like WabiSabi credentials.

Yuval Kogman's insights bring to light vulnerabilities related to the coordination of coinjoins, highlighting the risks posed by coordinator-induced Sybil attacks and tagging through manipulation of cryptographic elements. The discourse raises questions about the integrity of blind signatures and the security implications of using certain cryptographic methods. It underscores the importance of non-repudiable evidence and trust in the system.

A detailed analysis addresses the proper management of blind signatures in mixing services and identifies a specific bug correction in Wasabi 1. It explores observation attacks and the server's potential deanonymization tactics, stressing the significance of log management for enhancing user privacy and security. Concerns are also raised about the effectiveness of current measures against history intersection attacks, suggesting further enhancements.

The dialogue surrounding Wasabi & GingerWallet and Samourai wallet unveils fundamental design flaws leading to deanonymization risks. Critiques focus on trust issues and the coordinators' roles, with specific vulnerabilities highlighted in the Whirlpool and WabiSabi protocols. The discussions provide a comprehensive overview of technical shortcomings, economic incentives, and the broader ethical considerations in developing privacy-preserving technologies within the cryptocurrency space.

This compilation of discussions encapsulates the ongoing debates and analyses within the Bitcoin development community regarding cryptographic signature schemes, the security and privacy of coinjoin implementations, and the broader challenges of ensuring user trust and safety in cryptocurrency transactions.

Discussion History

0: Yuval Kogman (Original Post), December 21, 2024 14:16 UTC
1: January 6, 2025 13:07 UTC
2: January 6, 2025 14:30 UTC
3: January 7, 2025 15:56 UTC
4: January 7, 2025 21:33 UTC
5: January 23, 2025 16:25 UTC
6: January 24, 2025 16:00 UTC
7: January 24, 2025 16:38 UTC