this post was submitted on 29 Jul 2023
3 points (100.0% liked)

Nano Community Projects

1 readers
1 users here now

Discussions about nano-related projects from the community

founded 1 year ago
MODERATORS
[email protected]
3
NanoFusion (digitalcashtools.com)
submitted 1 year ago* (last edited 1 year ago) by [email protected] to c/[email protected]
4 comments fedilink hide all child comments
 

NanoFusion is a pretty neat project that attempts to add an additional layer of privacy by implementing a trustless mixing protocol.

I am investigating more about it. The github repo has not been updated since 2021, so I'm not sure about what the current status is.

According to the github project, step (1) of the trustless mixing algorithm is the following:

  • create an account that can only send funds if all the parties sign the send transaction.

If anyone understands how that is done without sharing private keys, please let me know because I'm having a hard time understanding that.

Another doubt that I have is: how is it possible to pre-sign the Mix -> Out transactions if the hashes of the blocks to be signed are only known after the mixer signs the receive blocks?

all 6 comments
sorted by: hot top controversial new old
[–] [email protected] 3 points 1 year ago (1 children)

I believe the sending funds only if all parties sign the send transaction is done through a multisig account. I've tried this a while back on Nault (explanation here https://docs.nault.cc/2021/04/20/multisig.html), but I found it to be fairly complicated. That said, I'm not very technical, so that might just be me.

[–] [email protected] 3 points 1 year ago* (last edited 1 year ago)

Thank you!

The Nault explanation was practical but it did not get into the details of what is actually happening behind the scenes. However, by clicking through the links I eventually arrived to PlasmaPower's musig-nano.

The README.md of this repository points out precisely where the original algorithm was described:

Maxwell, Gregory, et al. "Simple schnorr multi-signatures with applications to bitcoin." Designs, Codes and Cryptography 87.9 (2019): 2139-2164.

A slightly more compact blog post about the algorithm is also referenced:

https://blog.blockstream.com/en-musig-key-aggregation-schnorr-signatures/

I will try to find the time to read through these. It will probably require a good amount of focus to understand them... Again, thank you for pointing me in the right direction!

[–] [email protected] 2 points 1 year ago* (last edited 1 year ago) (1 children)

Oh, I just realized, if you layer mixing so each participant has more than one address, you can also obfuscate total balances / transaction amounts. the more layers, the more obfuscation, but more accounts and transactions would be needed. and you would have to do this on the receiving end and the future send, or the risk of correlating accounts increases.

[–] [email protected] 2 points 1 year ago

Yeah. And if there is a unique sum of inputs that equals a unique sum of outputs, those accounts can be correlated. So it is a probably good idea to split several inputs and outputs into equal amounts.