Bitcoin is often regarded as digital cash, but this statement is open to question. If Alice pays Bob $10 in cash, Bob has no way of knowing where the cash came from. When Bob transfers the $10 to Carol, Carol has no way of knowing that the $10 originally came from Alice.
However, Bitcoin's inherently public nature makes the situation different. The history of a given token (an unspent transaction output, or UTXO, to be precise) is available for everyone to see. This is much like writing the transaction amount and the names of the participants on a bill.
Public addresses can be anonymous, allowing users to easily hide their identities. Even so, Bitcoin cannot completely hide its traces. Blockchain analysis technology is becoming increasingly mature and can effectively match addresses with identities. Combined with other surveillance techniques, dedicated entities can de-anonymize cryptocurrency users. To solve this problem, a variety of technologies for breaking the link between transactions have emerged.
Broadly speaking, token mixing refers to any operation that mixes funds by replacing them with others. In the cryptocurrency space, however, token mixing is provided by third parties. The service provider typically takes the user's tokens (along with a small fee) and later returns tokens that have no relationship to the tokens sent. Such services are also known as tumblers or coin mixers.
Of course, the security and anonymity of this centralized service are questionable. Users have no guarantee that the mixer will return funds or that the returned tokens are not tainted in some way. In addition, when using a mixer, IP and Bitcoin addresses may also be recorded by third parties. The result of token mixing is that users give up control of their funds in the hope of obtaining unrelated tokens.
There is a newer solution, the "CoinJoin transaction", that gives users a large degree of deniability. In other words, after using CoinJoin, the exact evidence of the connection between the user and past transactions is erased. Many CoinJoin solutions serve as decentralized alternatives to mixers. While a coordinator may be involved, users do not need to give up control of their funds.
The CoinJoin transaction dates from 2013, when it was first proposed by Bitcoin developer Gregory Maxwell. In his post, he briefly introduced the structure of such transactions and how to obtain large privacy gains without modifying the protocol.
Essentially, CoinJoin transactions combine inputs from multiple users. Before explaining how this technology works, let's first understand the structure of the underlying transaction.
Bitcoin transactions consist of inputs and outputs. When a user wishes to transact, they take a UTXO as input, specify the output and sign the input. Please note that each input is independently signed, but the user can set up multiple outputs (targeting different addresses).
Take a given transaction consisting of four inputs (0.2 BTC each) and two outputs (0.7 BTC and 0.09 BTC) as an example; a series of assumptions can be made about it. The first is that we are watching a payment take place: the sender sends one of the outputs to someone and receives the other as change. This transaction uses four inputs, so the larger output is probably directed to the receiver. Note that the outputs total 0.01 BTC less than the inputs; that difference is the fee paid to the miner.
Alternatively, the sender may simply want to create a large UTXO, combining small inputs to obtain a target output of 0.7 BTC.
We can also make an assumption based on the fact that each input is independently signed. This transaction can have up to four different parties signing the inputs. This is exactly how CoinJoin works.
The core idea is to create transactions through multi-party collaboration, with each party providing inputs and expected outputs. When all inputs are blended, others cannot identify the correspondence between the output and the user. Let's look at the following diagram:
As shown in the picture, four participants want to break the correlation between transactions. They coordinate with each other (or through a dedicated coordinator) to declare the inputs and outputs they wish to include.
The coordinator takes all this information and assembles it into a transaction, which each participant signs before it is broadcast to the network. Once signed by the users, the transaction cannot be changed without becoming invalid. Therefore, the coordinator cannot steal funds.
This transaction acts as a black box for token mixing. Don't forget, we destroy the initial UTXOs to create new UTXOs. The only connection between the old and new UTXOs is the transaction itself, and of course we cannot distinguish the participants. At best, an observer can say that a participant provided one of the inputs and is possibly the owner of one of the outputs.
Even so, we can't be 100% sure. Seeing the transaction described above, who can be sure that there are four participants? Or is there just one person sending funds to four of his own addresses? Or did two people each make two purchases, with each address receiving 0.2 BTC? It's also possible that four people sent funds to new participants, or that the funds flowed back to themselves. We are unable to determine the specific circumstances.
The mere existence of CoinJoin implementations is enough to cast doubt on transaction analysis methods. In many cases you may infer that a CoinJoin occurred but cannot determine who owns which output. As this technology becomes more common, the assumption that all inputs are owned by the same user gradually weakens. For the broader ecosystem, this is a dramatic improvement in privacy.
In the above example, we assume the transaction has an anonymity set of 4 participants, and the owner of any output can be any one of these 4. The larger the anonymity set, the lower the probability of finding a correspondence between the transaction and the original owner. Fortunately, recent CoinJoin solutions allow dozens of users to combine inputs in a trustless manner, significantly improving "deniability." Recently, CoinJoin successfully executed hundreds of trades.
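The check each participant's wallet makes before signing the coordinator's proposed transaction, together with the anonymity-set count described above, as an added example that is not code from any CoinJoin implementation. The dictionary layout, function names, and sample values are constructed for illustration; amounts are in satoshis, and outputs of equal value are assumed to be indistinguishable.

```python
from collections import Counter

def review_proposal(tx, my_inputs, my_addresses, max_cost):
    """Return reasons not to sign; an empty list means the proposal is acceptable.

    tx: {"inputs": [(outpoint, sats)], "outputs": [(address, sats)]}
    my_inputs: {outpoint: sats} as known to my own wallet
    my_addresses: set of addresses I control
    max_cost: the most satoshis I accept losing to fees
    """
    problems = []
    proposed = dict(tx["inputs"])
    # Only sign inputs I registered, at the value my wallet knows for them.
    for outpoint, sats in my_inputs.items():
        if proposed.get(outpoint) != sats:
            problems.append(f"input {outpoint} missing or value differs")
    # The transaction as a whole must not pay out more than it takes in.
    total_out = sum(sats for _, sats in tx["outputs"])
    if total_out > sum(proposed.values()):
        problems.append("outputs exceed inputs")
    # What I contribute minus what comes back to my addresses is my cost.
    received = sum(sats for addr, sats in tx["outputs"] if addr in my_addresses)
    cost = sum(my_inputs.values()) - received
    if cost > max_cost:
        problems.append(f"I would lose {cost} sats, limit is {max_cost}")
    return problems

def anonymity_set(tx, address):
    """Count outputs whose amount equals the amount paid to `address`."""
    amounts = Counter(sats for _, sats in tx["outputs"])
    mine = dict(tx["outputs"]).get(address)
    return amounts[mine] if mine is not None else 0

# Constructed sample: four participants, each 0.2005 BTC in and 0.2 BTC out.
HONEST = {
    "inputs": [(f"utxo_{p}:0", 20_050_000) for p in "abcd"],
    "outputs": [(f"addr_{p}", 20_000_000) for p in "abcd"],
}
# Same proposal, but participant a's output address has been swapped.
TAMPERED = {
    "inputs": HONEST["inputs"],
    "outputs": [("addr_x", 20_000_000)] + HONEST["outputs"][1:],
}

if __name__ == "__main__":
    mine = {"utxo_a:0": 20_050_000}
    print(review_proposal(HONEST, mine, {"addr_a"}, 60_000))
    print(review_proposal(TAMPERED, mine, {"addr_a"}, 60_000))
    print(anonymity_set(HONEST, "addr_a"))
```

A participant who gets a non-empty list back withholds the signature, and because every input must be signed, the altered transaction can never become valid.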
For users who pay great attention to privacy, currency mixing is a very effective supplementary method. Unlike proposed privacy upgrades such as confidential transactions, this technology is compatible with existing protocols.
For users who trust the integrity and methods of third parties, currency mixing services are simple and convenient. For users who prefer a verifiable or non-custodial solution, CoinJoin is an excellent choice. Tech-savvy users can carry it out by hand, or use software tools that abstract away the more complex mechanisms. As the need for privacy increases, such tools will become increasingly popular.