Conversation

Replying to

I don't think banknotes or Zcash entail mixing. They're both natively private. (Btw I'm not criticizing privacy itself or Vitalik. I'm only trying to make a point about mixing as a way to get privacy.)

Replying to

holding is private, sure. Transacting in cash in the real world does functionally resemble mixing.

Replying to

I’m really interested in this conversation, because I think the biggest problem in crypto privacy tech right now is that 99% of people think that “mixing” is the only possible kind of privacy, but I think “mixing” can never succeed at providing privacy.

Replying to

To me, “mixing” means trying to hide the patterns of your choices in among the patterns of other people’s choices. Computers can already see through that, and they’re getting better at seeing through it faster than we’re getting better at “mixing”. It’s never gonna work. BUT…

Replying to

But, encryption works! Computers can’t see through encryption. Here’s a short talk I gave about this:

youtube.com

Zooko Wilcox: How to protect your crypto through privacy

ZCash inventor and digital cash pioneer Zooko Wilcox talks about how to reframe thinking about financial privacy, entitled a Better Way to Think About Financ...

Replying to

At the risk of rambling on, Imma say more. The fundamental distinction has to do with things on the order of 2^32 possibilities vs things on the order of 2^128 possibilities. Let me explain …

Replying to

Suppose you are one of 4 billion (2^32) users, and you let an AI watch the actions of all 4 billion of you, and then you ask it to identify you uniquely among all of them based on your patterns of behavior. Will it be able to do so? …

Replying to

Answer: yes, and it requires surprisingly little information. Just let it see a few bits of data about your behavior, and the AI will be able to identify and track you uniquely out of all 4bn (2^32) users. …

Replying to

Now, suppose you have a spending key which is 128 bits long — eg a seed phrase which is maybe 12 words. Can a computer “brute force” guess your seed phrase out of all possible seed phrase? …

Replying to

Answer: no way in hell. Not in a million years. …

Replying to

My simplified (perhaps over-simplified) way to think about this is: “Mixing (aka decoys) doesn’t work. Encryption works.” youtu.be/XpRzKqEfpP4

4:25 PM · May 1, 2022

Replying to

This is why attempts to “anonymize” your crypto by “moving it through” something typically fail. That action that you take is itself emitting information, and the haystack of other information that you’re trying to hide in is generously on the order of 2^32. …

Replying to

On the other hand, ZEC coins that are currently sitting at rest in the Zcash Shielded Pool emit zero information (that’s the “zero” in “zero knowledge proof”) about their origin when they move. Here’s such a transaction. No information about the origin: zcashblockexplorer.com/transactions/d

Show replies