Hello list, Two points:
* The V^2 term is the only thing in the whole scheme that provides any sybil protection. I've already gone through the reasoning in an earlier email and the maths is clear; in a scheme with linear V honest makers have no economic advantage over sybil attackers. This is because only a sybil attacker needs to split up their money into multiple fidelity bonds, and that comes with a penalty under the V^2 rule. It's worth reiterating that including a single evil maker in a JoinMarket coinjoin does not ruin it's privacy. Privacy is only ruined if *all* makers in a coinjoin are controlled by the same entity. So if takers use one maker who has rented TXOs, then its no big deal as long as the other included makers are controlled by other people. Therefore when balancing the harms, consolidation into fewer makers is not as bad as having no sybil protection (which as a reminder means that *all* makers are controlled by one entity), and so the V^2 term does more good than harm. We can't condemn the V^2 rule because of consolidation without acknowledging the good it does in penalizing sybil attacks. * Regarding entities like exchanges running makers. They can also do this today with JoinMarket, the proposed fidelity bond scheme doesn't make that worse. It's an underlying assumption of JoinMarket that coinjoining power is proportional to bitcoin ownership (in a similar way that an underlying assumption of bitcoin is that transaction confirmation power is proportional to hashpower). If those big exchanges find that coinjoins involving them included just one maker controlled by someone else then their aim of deanonymization will have failed. And then those exchanges have to explain to their regulators why they helped hide the origin and destination of some black market money. _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
