This is why ring signatures cannot deliver privacy, unlike zk-proofs

Spot which inputs in each ring signature are real:


I’m interested in this question but don’t know where to look, or I don’t understand the vulnerability you’re pointing to well enough!

Can you explain a bit more? (Thanks!!)

1 Like

Hopefully they’re just consolidating all these inputs (christmas gifts?) via a self-spend and not directly depositing it an exchange…


Likewise, what am I looking at here?

1 Like

@secparam @holmesworcester You are looking at temporal correlation between real transaction inputs. Since it is a large merging transaction (120 ins, 2 outs) the correlation on the in side is pretty obvious:

Possible scenario - someone sold a lot of Bibles over a two month period between end of December '19 and February '20. Waited a bit thinking that will make the transaction more private. Then merged their earnings, possibly by sending it directly to an exchange. Obviously that totally destroyed their privacy.


Ideally, their wallet would have warned them about an obvious loss of privacy in this tx. Even then, the wallet would have a hard time suggesting good alternatives that don’t take lots of extra time and/or fees.

The problem you describe about monero is not even half problem.
How about you focus on solving your privacy first before claiming another privacy coin has a problem? Oh wait, you cant … privacy is optional.

But hey, maybe its also time to remember this:

to properly utilize XMR a user needs to practice coin control - which is a form of opt-in privacy

1 Like

If you would spend as much time on ZCash as you spend on looking for those small crumbs on other projects … Seems you also forgotten this already:


dude used zcash as an immediate passthrough. should’ve let it marinate in a Z-addr for a while, and split amounts up when moving them out of Z-addr… plus dude gave out his txid. wouldn’t have been successful if i was the one involved in this wager.

my point stands, tho. XMR users need to practice coin control. that is a form of opt-in privacy.


99.99% of users don’t need to.
And for those 0.01%, which most likely know what they are doing, they even have a warning message:
“Transaction spends more than one very old output. Privacy would be better if they were sent separately.”

doesn’t matter, coin control is a form of opt-in privacy. this conversation is becoming tedious, and boring. my point stands. have a good one!

Just wanted to relay your orders to chill out and lay off.

Screenshot from 2020-08-20 16-10-27

Try my twitter if you need “somewhere to attack on”, I check it every fortnight. :smile:

1 Like

If ring signatures cannot deliver privacy, prove it by solving this:
Otherwise you’re a dog that only barks.

You still owe me for the last “competition” I’m not solving any more until you pay out.

You have your orders, run along now.

2014 lmao, sadly you will always be many many years behind.