Thanks for digging into this @rnbrady! Since you answered your own questions, I’ll just add some comments: An anonymity set of 2 is pretty dismal, and that’s in the best case (assuming the user didn’t send it straight to one of the attacker’s nodes) – for low-resource attackers – before other attacks/analysis. E.g. if the transaction spends a CashFusion output, and you’re broadcasting using the same node or Fulcrum server you were using before the CashFusion – you’ve probably helped attackers...
Both are spreading FUD about churning. The 2 wallets method is also churning, but “easy” version because you’re separating the results. The end result is still dangerous: you could spend 2 of your “Outgoing” coins in the same transaction, which is really easy to identify, provided both coins are from the same source.
I’d argue the stastical risk of establishing a trace thanks to a serie of churns is extremely unlikely. Nobody will churn 6+ times anyways, and the advantages of churning far outweighs the ones of not churning.
Sadly, they also don’t state anything about how that “MAP Decoder Attack” works. After searching, it’s pretty interesting, and we come onto the pretty well known issue that decoy distribution isn’t perfect.
FCMP will fix this. In the meantime, please churn for any sensitive transaction. Either method (2 wallets or classic churning) works and the effects are always good, even if other mistakes are made (except if sweeping all).
I have to say I haven’t really checked much of Rucknium’s work, but it’s pretty damn precise. Guy knows what he’s talking about. Our next big threat will be malicious remote nodes, like he said!
The website’s article completely bases itself on https://duke.hush.is/memos/6/
Both are spreading FUD about churning. The 2 wallets method is also churning, but “easy” version because you’re separating the results. The end result is still dangerous: you could spend 2 of your “Outgoing” coins in the same transaction, which is really easy to identify, provided both coins are from the same source.
I’d argue the stastical risk of establishing a trace thanks to a serie of churns is extremely unlikely. Nobody will churn 6+ times anyways, and the advantages of churning far outweighs the ones of not churning.
Sadly, they also don’t state anything about how that “MAP Decoder Attack” works. After searching, it’s pretty interesting, and we come onto the pretty well known issue that decoy distribution isn’t perfect.
FCMP will fix this. In the meantime, please churn for any sensitive transaction. Either method (2 wallets or classic churning) works and the effects are always good, even if other mistakes are made (except if sweeping all).
I have to say I haven’t really checked much of Rucknium’s work, but it’s pretty damn precise. Guy knows what he’s talking about. Our next big threat will be malicious remote nodes, like he said!