Recently we've seen several articles on CashFusion. In this article, I'm going to try and explain how this new tool can enable better privacy for those of you who are non-technical like myself.
Let's start by looking at how Bitcoin Cash transactions work in general. Here's a simple transaction I recently made:
What you're seeing here is a transaction where I upvoted one of my own articles by generating an anonymous one-time QR code. The upvote is being sent to the address ending in "4ak" and the change is being returned to my wallet in the address ending in "gva". (Keep in mind this was done while I wasn't logged into read.cash. If you generate the one-time QR code while logged in, all funds go directly to read.cash, which they clearly state above the button itself.)
If we click on the "4ak" address, you will see this transaction next:
As you can see above, the .00014378 BCH is now being split between two addresses. 10% is being sent to the address ending in "tk2" and 90% to the address ending in "fp4".
Knowing that all read.cash upvotes result in 90% of the funds going to the content creator and 10% to read.cash (we'll ignore affiliate fees), then it's easy to deduce that my read.cash wallet address is the one ending in "fp4" and the read.cash address is the one ending in "tk2".
Anyone can then go into a blockchain explorer and see how much BCH those addresses have sent and received.
So above is my read.cash address. At first glance you might think to yourself, wow Cain has made over 5.5 BCH through read.cash. But no, that's not how this works. For example, take a look at the below transaction where I upvoted someone else's article on read.cash:
On the left what you see are five UTXOs (unspent transaction outputs) that I've collected from different people upvoting my posts. On the right you'll see .00030259 BCH being sent to read.cash (10%) and .00272331 BCH (90%) being sent to the person whose article I've upvoted. The remaining .03337606 BCH is being returned to my address as change. The point is, simply looking at how much BCH my address has received is not a good indicator of how much I earned, as the vast majority of the received amounts are from getting back my own "change" after making a payment.
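To make the point about "change" concrete, here is an added example (not part of the original article or any wallet's code) that separates what an explorer reports as received from what actually came from other people. The three output amounts of the spend are the ones quoted above; the five input values, the fees, and the labels `me`, `tipperN` and `author` are constructed for illustration.

```python
# Amounts are integer satoshis (1 BCH = 100,000,000) to avoid float rounding.
ME = "me"  # hypothetical label standing in for the author's reused address

# Constructed ledger: five incoming upvotes, then the spend described above.
# Output values of the spend are the article's; the five input values and the
# implied 804-satoshi fee are made up so that the transaction balances.
TIPS = [1_000_000, 900_000, 800_000, 500_000, 441_000]
LEDGER = [
    {"inputs": [(f"tipper{i}", v + 500)], "outputs": [(ME, v)]}
    for i, v in enumerate(TIPS)
] + [{
    "inputs": [(ME, v) for v in TIPS],
    "outputs": [("read.cash", 30_259),   # 10%
                ("author", 272_331),     # 90%
                (ME, 3_337_606)],        # change back to the same address
}]

def gross_received(ledger, addr):
    """What an explorer's 'total received' shows: every output paying addr."""
    return sum(v for tx in ledger for a, v in tx["outputs"] if a == addr)

def change_received(ledger, addr):
    """Outputs paying addr in transactions that addr itself funded."""
    return sum(v for tx in ledger
               if any(a == addr for a, _ in tx["inputs"])
               for a, v in tx["outputs"] if a == addr)

def earned(ledger, addr):
    """Money that actually came from other people."""
    return gross_received(ledger, addr) - change_received(ledger, addr)

def fee(tx):
    """Miner fee: total inputs minus total outputs."""
    return sum(v for _, v in tx["inputs"]) - sum(v for _, v in tx["outputs"])

if __name__ == "__main__":
    for name, fn in [("gross", gross_received),
                     ("change", change_received),
                     ("earned", earned)]:
        print(f"{name:>7}: {fn(LEDGER, ME) / 1e8:.8f} BCH")
```

With this ledger the address shows almost twice as much "received" as it ever earned, after only a single spend.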
So now that you better understand how transactions work, let's talk about privacy. You will often hear people refer to bitcoin as a pseudonymous system. In case you're not sure what that means, think of an author who publishes something anonymously versus someone using a pseudonym. For example, back in the 90's someone published the book "Primary Colors: A Novel of Politics" anonymously. Last year, the book "A Warning" was also published anonymously. As both books were written by someone who wanted to remain anonymous, there was nothing to suggest these two books were written by the same person. The definition of the word "anonymous" is "unknown, not named or identified". In contrast, when you publish something using a pseudonym, what you're doing is using a false name, and everything published under that false name can be connected together. For example, Stephen King published several books such as The Running Man and The Long Walk under the pseudonym of Richard Bachman. He did this because there was a time when he didn't want to oversaturate the market with too many Stephen King books, so he created an entirely new brand using a pseudonym. But once that pseudonym became linked to King, you could now link every book published under the Bachman name to him as well. Had he published each Bachman book anonymously, this wouldn't have been possible.
So how does this apply to Bitcoin Cash?
As stated, Bitcoin Cash is pseudonymous in that when you transact using Bitcoin Cash, you're essentially using a "false name", aka your public address. By comparison, when you use your credit or debit card, you're transacting using your real name written right there on the cards themselves and linked to the accounts you hold with those financial institutions. On the other end of the spectrum, when you use cash, that would be an anonymous transaction since there isn't a way for the person receiving the funds to know who you are or to connect those funds with any other transaction you've made. Bitcoin Cash transactions fall somewhere in the middle. When you transact using BCH, all you give up is a public address, aka your "false name", but any BCH sent from, or received by, that particular address can now be connected to the owner of that address (some argue an address can't be owned, but we'll leave that for a separate discussion).
Since "bitcoincash:qz3w5rmscdp8azgpvkmnud6fswfsrvdsdvtxd0yfp4" is now linked to me, I've pretty much given up my privacy as it relates to this address. For example, let's say I walked into a restaurant and paid using my read.cash wallet. If the merchant happened to know who I was, they could now link my real identity to my read.cash account. So how do you fix this? How can I spend my read.cash funds without giving up my privacy? This is where CashFusion comes into play.
Before I continue, I should let you know that I don't keep all my read.cash funds in my read.cash wallet. It's recommended that anyone who uses this site transfer their funds to a more secure wallet whenever the balance reaches a threshold of their choosing. This is because it's a lot easier to hack into your read.cash account using your login than it is to hack into, say, a cold storage wallet. Below you'll see part of a transaction where I'm sending a bunch of my read.cash UTXOs to a new address I control:
Now I could pretend I sent those funds to another person or merchant, and that this new address ending in "saq" doesn't belong to me, but the point is that it's still easy to see where the funds originated from. When the BCH in the "saq" address is spent, there is only one degree of separation between that transaction and myself. But what if I sent the "saq" funds to my Electron Cash wallet and enabled CashFusion? Click the link below to check out a CashFusion transaction (a screenshot wouldn't do it justice):
https://explorer.bitcoin.com/bch/tx/f7826a04468c0381ca967bde4ee051ec48076093f264945896537937daefd368
What you're going to see is a transaction with 53 inputs and 79 outputs. Had I sent the "saq" funds directly to be "fused", it would be a simple matter of typing that address in the search field, but I actually added one more transaction in between, so it's not as easy.
Now let's say I use one of the outputs from my CashFusion transaction and pay for a meal with .1 BCH. Here's the transaction:
If the merchant was curious who I was, they could input the address ending in "wce" into a blockchain explorer and try and connect me to any known addresses, but where they're going to end up is that CashFusion transaction, and my funds could have come from any of the input addresses that had at least .1 BCH to start with. Good luck trying to figure out which one it is. If my transaction had been for .01 BCH, it would make their job even harder.
Since my read.cash address is known, it wouldn't be hard for you to trace the funds starting from my read.cash address all the way through the fusion and finally to the .1 BCH tx above. But if I happened to buy something online with BCH using that same .1 BCH above, and you didn't have any reason to suspect it was me, it would take a ton of work just to find out that maybe it was me, but maybe it wasn't.
Good luck trying to prove it one way or the other, and that's how you maintain your privacy with CashFusion.
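The "any input that had at least .1 BCH" reasoning can be tried on a small made-up fusion. This is an added example, not part of the original article or of CashFusion's code: the ten input values are constructed, and the second function goes one step beyond the article's rule by also counting groups of inputs, since one participant in a fusion can contribute several inputs.

```python
from itertools import combinations

# Constructed input values in satoshis for a small made-up fusion. The real
# transaction linked above has 53 inputs; its values are not reproduced here.
FUSION_INPUTS = [25_000_000, 12_000_000, 10_500_000, 8_000_000, 4_000_000,
                 2_500_000, 1_500_000, 1_200_000, 900_000, 300_000]

def single_candidates(inputs, amount):
    """The article's rule: any one input holding at least `amount`."""
    return [v for v in inputs if v >= amount]

def covering_sets(inputs, amount, max_size):
    """Count groups of up to max_size inputs that together hold >= amount.

    Groups are formed by position, so two inputs with the same value are
    counted as different candidates.
    """
    count = 0
    for k in range(1, max_size + 1):
        for group in combinations(inputs, k):
            if sum(group) >= amount:
                count += 1
    return count

if __name__ == "__main__":
    for label, amount in [("0.1 BCH", 10_000_000), ("0.01 BCH", 1_000_000)]:
        singles = len(single_candidates(FUSION_INPUTS, amount))
        groups = covering_sets(FUSION_INPUTS, amount, max_size=2)
        print(f"spend of {label}: {singles} single inputs, "
              f"{groups} groups of one or two inputs could have funded it")
```

Even with ten inputs, the smaller payment has more possible sources than the larger one, and allowing pairs of inputs multiplies the possibilities for both.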
Thanks for reading.
P.S. In case you're asking yourself what about CashShuffle? My understanding is CashFusion is the next evolution of CashShuffle and provides even greater privacy than its predecessor. Whereas CashShuffle requires all participants to start with the same amount of BCH to be shuffled, this is not the case with CashFusion, which is still in alpha testing but could soon replace CashShuffle altogether. If you're interested in learning more, or trying it out yourself, here are some helpful links to get you started:
Testing Instructions - https://read.cash/@sploit/become-a-cashfusion-tester-eb304ef4
More technical explanation - https://read.cash/@Read.Cash/cashfusion-on-bitcoin-cash-what-it-is-and-lets-try-to-crack-it-d626b8e3
On the combinatoric math behind CashFusion - https://read.cash/@jonald_fyookball/analyzing-the-combinatoric-math-in-cashfusion-146581f9
More math - https://read.cash/@jonald_fyookball/more-cashfusion-math-0f8781b2
Was this on mainnet? I thought "Schnorr" wasn't possible until after the 5/15 hard-fork... Anyway, can't wait for fusion to go mainstream, there are a few "nsfw" services I've been waiting to subscribe to.