gun icon indicating copy to clipboard operation
gun copied to clipboard
verified publisher icon GoUpNumber

Add strategies in docs to enhance utxo onchain privacy in 'gun bet propose'

Open keblek opened this issue 4 years ago • 2 comments

https://gun.fun/bet/propose.html

Would be helpful to offer strategies for how to set up the onchain utxo that will be offered in a public proposal. These sorts of situations offer zero margin for error since privacy leaks cannot be undone.

I don't want to turn this into yet another privacy argument but I do think a good gun user should be aware of all the options and then pick accordingly (personal time preference and competence level). Including this in the docs may be out of scope for the project but seeing as how it's onchain I don't see how any discussion of this protocol can escape the perils of poor onchain fungibility.

There are two strategies (this is an ordered list);

  1. coinjoin (all things considered this is the best option because its the most secure way to enhance privacy) (this is an unordered list!!)

    • whirlpool (samurai or sparrow wallet) (easy to use but expensive)
    • joinmarket (hard to use but cheap)
    • wasabi wallet (I can't comment on this since I haven't personally used it, but I understand that this is an effective privacy enhancing tool that requires proper coin control on the user side)

  2. lightning to onchain via no-kyc exchange. The exchange has no idea where the LN sats came from and they don't know who owns the newly created UTXO, outside observers only see an exchange whitdrawal and would have to ask the exchange who sent the deposit (cheaper, steganographic, much less secure since it requires custodians in most cases (sans submarine swaps but I'm still not 100% sure what the privacy implications of that protocol are), much lower liquidity, much faster and with more competing options)

    • muun/phoenix wallet (or full LN node) and boltz exchange

  3. self-mining

  4. there are other ways but these methods are verboten and shall not be discussed nor encouraged. Well maybe we can discuss them but we really can't encourage them.

If there are any other workable strategies I would like to hear them.

Plebs (and degens alike) should not shy away from participating in this because of a fear of doxxing their stash.

Spending the utxo after a winning bet also presents privacy challenges.

keblek avatar Oct 13 '21 17:10 keblek

Hey these are really good ideas. Indeed a "how to maintain your privacy as a proposer" guide belongs at https://gun.fun -- my hope is that plebs and degens will just do offers or proposals via DMs unless they really know what they are doing.

Perhaps a first step is to put a (stronger) warning on https://gun.fun/bet/propose.html

Spending the utxo after a winning bet also presents privacy challenges.

Yes. The next big privacy win would be to move to the taproot/schnorr protocol I have in mind which would make the transactions indistinguishable from normal payments.

If we get to the point where this is actually popular enough for chain analysis to scrape twitter looking for this stuff and tag those transactions anyway then the only solution is to joinjoin or swap that UTXO into lightning. Adding LN support is on the roadmap which is probably the next big privacy win. We could even try and make it so bets pay out to an LN channel. Or even better instead of setting up a bet set up an LN channel instead and then do the bet in there. I think that works theoretically.

LLFourn avatar Oct 14 '21 00:10 LLFourn

Hey these are really good ideas

Thank you, I appreciate hearing that.

my hope is that plebs and degens will just do offers or proposals via DMs unless they really know what they are doing

The temptation to post about it on twitter and prove how "smart" we all are will be very high.

At some point we will need an efficient way to find proposers so that we can have an efficient market. Or do you think we all have enough friends to call up and be like "yo take a bet for this one thing against me right now". Sphinx chat or IRC over tor could remedy this. Or do you not see it like that?

Whenever I see a market maker/taker dynamic, I instantly assume that a central place (a market square) is necessary (or at least very helpful). Do you think a "market square" for gun is necessary?

Adding LN support is on the roadmap which is probably the next big privacy win.

That would be amazing and sounds very exciting. Would that end up looking like a dual funded channel onchain? Which itself looks like a payjoin.

keblek avatar Oct 15 '21 20:10 keblek