The first concerns the coordinator's ability to compromise anonymity by selectively excluding entities from the join or by incorporating their entities, essentially performing a Sybil attack on a targeted user. This issue underscores a fundamental weakness for all participants, barring the coordinator, as the essence of coordination requires anonymity which inherently cannot distinguish between genuine participants and Sybils. Although decentralization and cost imposition, like the Joinmarket fidelity bonds, can mitigate this risk, they do not eliminate it entirely. The decentralized approach of having each participant act as a coordinator for a join raises the difficulty for attackers but doesn't fully remove the threat.

The second vulnerability involves the coordinator's capacity to tag a targeted user through manipulation involving the blinding key, roundID, and other elements, emphasizing that the only "identity" a user has in such systems is the coin they contribute. The necessity for blockchain access for attestation verification is highlighted, pointing out a potential oversight in the Wasabi project's approach to client assurance regarding the effectiveness of blinding. A significant point raised is the possibility of using signed messages from the coordinator to provide non-repudiable evidence of their claims, thereby strengthening trust in the system.

Further discussions touch upon technical aspects related to signature verification and the potential for certain attacks or privacy compromises. The email also questions the practicality and security of using specific cryptographic methods like RSA in the context of unblinded signatures and their association with inputs and outputs in transactions. It proposes the consideration of permanent keys tweaked with context-specific information for easier verification by clients, though applicability might be limited to the Schnorr family of signatures and may not extend to RSA.

The email ends with reflections on the broader implications of having multiple Wasabi coordinators, suggesting a cautious approach to their analysis given the assumption they could be operated with ulterior motives. Additional comments question the efficiency and security of various anonymizing strategies, hinting at the need for further investigation into covert attacks beyond straightforward Sybil tactics, possibly considering timing and network-level vulnerabilities.