peakshift · johnsBeharry · Oct 25, 2020 · Oct 25, 2020 · Oct 25, 2020 · Oct 27, 2020
diff --git a/coinjoins/README.md b/coinjoins/README.md
@@ -0,0 +1,83 @@
+# Coinjoins & Privacy UX Primer
+
+- Bitcoin is not anonymous.
+- Consider each address you generate as a new identity.
+- Coin has history
+- Histories can link addresses into clusters
+- Public ledger
+- Anyone can lookup
+- New users may not be aware
+
+## Address Reuse
+
+Use a [hierarchical deterministic wallet](https://en.bitcoin.it/wiki/Deterministic_wallet) in order to avoid reusing an identity.
+
+Practicality
+
+- How do you adverise an address to be paid in a video?
+- Handling gap limit, online and during recovery
+
+## Wallet Fingerprinting
+
+The way the transaction is constructed can give chain analysts an idea of which wallet was used.
+
+1. Change is sometimes the last output
+   1. Solutions
+      1. [Lexicographical Ordering (BIP 0069)](https://github.com/bitcoin/bips/blob/master/bip-0069.mediawiki) (see also [arguments against, search for bip 69 in transcript](https://diyhpl.us/wiki/transcripts/london-bitcoin-devs/2020-05-05-socratic-seminar-payjoins/))
+      2. Random Ordering - is there a standard? verifiable? deniable?
+2. If the `nLockTime` in the transaction or `nSequence` of the inputs are set
+  - locktime type (absolute/`nLockTime`, [relative/`nSequence` (BIP 68)](https://github.com/bitcoin/bips/blob/master/bip-0068.mediawiki), and their [interactions](https://b10c.me/mempool-observations/1-locktime-stairs/))
+  - locktime value type (blockheight, [MTP (BIP 113)](https://github.com/bitcoin/bips/blob/master/bip-0113.mediawiki))
+  - [RBF opt in (BIP 125)](https://github.com/bitcoin/bips/blob/master/bip-0125.mediawiki)
+
+## Routing Transaction
+
+- Should use Tor
+  - Research Dandelion
+- If an attacker has enough nodes in the network it can determine the location of where the transaction was broadcasted.
+
+## Methods
+
+### Coinswap
+
+Privacy through a swap for another users coin history.
+
+### Coinjoins
+
+Privacy by combining of coin history.
+
+#### Censoring
+
+- Some exchanges may not accept deposits from coinjoins
+- Adding hops — *see Samourai Wallet's Ricochet*
+
+#### Components
+
+##### Rounds
+
+- Role of the coordinatior
+
+##### Coin Selection
+
+- Post-mix wallet MUST prevent joining inputs together. [cite_1]
+
+---
+
+#### Techniques
+
+Types of coinjoin techniques...
+
+##### Equal Output Coinjoin
+
+- All parties mix the same output denominations
+
+##### PayJoin
+
+A type of coinjoin which involves two parties adding their inputs, and outputs on the same transaction so the direction of payment cannot be determined.
+
+- is not obviously visible as an equal-output [CoinJoin](https://en.bitcoin.it/wiki/CoinJoin)
+
+> If [PayJoin transactions](https://en.bitcoin.it/wiki/PayJoin) became even moderately used then it would make the [common-input-ownership heuristic](https://en.bitcoin.it/wiki/Common-input-ownership_heuristic) be completely flawed in practice. As they are undetectable we wouldn't even know whether they are being used today. As [Transaction surveillance companies](https://en.bitcoin.it/wiki/Transaction_surveillance_company) mostly depend on that heuristic, as of 2019 there is great excitement about the PayJoin idea.
+
+[1]: https://github.com/nopara73/ZeroLink#i-introduction
+[2]: https://zmnscpxj.github.io/bitcoin/coinjoinxt.html
diff --git a/coinjoins/process.md b/coinjoins/process.md
@@ -0,0 +1,92 @@
+# Coinjoin Process
+
+## Events
+
+### Start
+
+1. Connect to the coordinator
+2. See how many rounds are active
+
+### Check Active Rounds
+
+- Fee Rate
+- List of Preferred Denominations
+
+Rounds have a fee rate
+Maximum input number
+
+### Request Registration
+
+Every registration request needs you to present credentials.
+
+- Request 0 credentials
+- 0 credentials have no value
+
+### Input Registration
+
+- Show coordinator the inputs (outputs )
+- Prove you can spend it (sign round params)
+- Show crednetials (0 credntials at first)
+- Difference = Sum(10000 * )
+
+### Connection Confriamtion
+
+- Keep telling the server that you're interested in the round — so others don't rely on your inputs if you are not available.
+  - How often must this be done?
+
+### Output Registration Phase
+
+- Everyone needs to query the status once more
+  - They learn all of the input signatures
+    - They want to know that everyone is seeing the same key for the server
+      - They wanna make sure everyones inputs is legit
+        - Everyone gets the signatures and verify them
+          - Then register outputs
+            - Same like registering inputs except it is negative
+              - Credentials as change
+                - Prove output amount is the same as the presented and requested credentials
+                  - Everyone runs out of credentials
+                    - All of the outputs are registered
+
+### Transaction Signing
+
+1. Now the round proceeds to transaction signing
+2. They check for their own outputs, and sign for everyone of their inputs
+
+### Broadcast
+
+1. Coordinator broadcasts transactions with all signatures
+
+---
+
+
+
+## Challenges
+
+### Time-staggered batched coinjoin payments
+
+- what is the problem
+- what is the proposed flow
+- what is the goals
+
+### Handling Change
+
+Change after a mix poses a problem as it can be tracked — so how do you dispose of very small outputs?
+
+#### WabiSabi
+
+- Dispose them through the coordinator — so someone doesnt know what charitiy. `wabisabi`
+
+- - Change can be tracked
+
+- Fee Credentials
+
+- Prepaid Fees
+
+- Opt in to donations using change
+
+
+### Coin Selection
+
+- Wallet is able to select intelegently for you in cost effeicent ways but pershaps not in private ways because it does not understand the meaning of the labels.
+- High anonimity coins can be auto-selected.