Today bitcoin.com release an article titled Over 67,000 Fusions: Cashfusion Participants Have Fused Billions of Dollars in Bitcoin Cash that got caught my eye. I think it was partly because I just had read Edward Snowdens tweets regarding bitcoins lack of privacy that got me thinking about the level of fungibility within BCH. 67k fusions is awesome but in the grand scheme of things, and considering that most users surely do multiple fuses for each coin, it is far from a state where Bitcoin Cash could be called a privacy coin.
Ever since the inception of CashFusion in the Electron Cash desktop wallet and the tremendous work done by Mark Lundeberg, Jonald Fyookball and Calin Culianu it has been seen as the solution to get a decent degree of fungibility for our beloved coins. CashFusion itself is built on top of the current BCH protocol and did not require any form of network upgrade to researched, developed and released which helped a lot since no toxic discussions around consensus upgrades needed to take place.
One downside is that CashFusion, and similar CoinJoin protocols such as the predecessor CashShuffle, is a optional add-on. This means a user, or at least his or her wallet, has to explicitly take additional actions for a coin to get a more obfuscated history than it otherwise would in a base protocol where it's strictly mandatory to take these actions. This means that the anonymity set in Bitcoin Cash can only be as big as the number of users and transactions that participates in these CashFusion rounds. So for CashFusion to be effective it needs to be well used by a big share of the Bitcoin Cash participants.
Putting aside the theoretical and mathematical attacks to the protocol as such and whether or not transactions can be de-anonymized by chain analysis, that might be some article from someone else, I feel that the biggest issue is the size of the anonymity set. Too few users are fusing their coins!
The crux of the issue is in my opinion the fact that there is virtually no way for a normal user to casually participate in CashFusion. As I stated above, it's implemented in the desktop version of Electron Cash which for all intents and purposes is nerd wallet. It's almost a play ground for new features where User eXperience and ease of has to stand back for flexibility and feature richness. The people we all hope to target with Bitcoin Cash as a medium of exchange, money for the world and bank the unbanked and so on, should in all honesty really not have to boot up the Qt interface on their computers and import seed phrases from their wallets on their smartphones. Normal people don't use desktops these days, so if it's not on a phone it's crap.
This brings me to my main question: Why hasn't CashFusion been implemented in any mobile wallet yet? I'm not trying to criticize anyone in particular here since no one needs to do it. I sure haven't done it myself so I am in no position to point fingers but I am a little baffled that someone else haven't done it. It's getting more and more cringe worthy when random (more or less well known) people boast about the tremendous privacy of BCH because of the wonders of CashFusion and we all know how unavailable the actual user environment is.
Last year 1000s of BCH has been pledged and donated for development of various Bitcoin Cash related software and still I haven't seen one person seek funding for doing the obvious work of implementing this flagship feature in a product that most people could actually use. Why is that? I believe that the main reasons are the technical challenge and some that I have heard whispers about are (in no specific order):
The protocol is poorly specified.
The protocol is very complex.
Using a TOR socket (mandated by the protocol) on a mobile phone is hard
Keeping a background network connection running for a long time is hard
I encourage developers from all around the space to edit this list above. Add bullets, remove bullets, clarify points and find workarounds. The list above is probably inaccurate and I would love for people to fix it. I want a discussion to take place so we all know the feasibility and challenges going forward. What are the commercial actors views on this? Have they reached any conclusions that might be good to share with the broader community? Has any of the open source projects any specific need for funding to implement this? What's the hold up?
If CashFusion for some reason is impossible to do with a reasonable UX on a standard Android and/or iOS phone I think we should take a breather and regroup. Is CashFusion really the solution to the fungibility problem? Is it really safe to use even though the anonymity set isn't really that big? Is there any other options? What does the solution space look like if we are able to take into consideration a consensus upgrade, i.e. a hard fork?
Excellent questions asked, Jonas. It would be nice to see that developed as a mobile app as you suggest. It would no doubt increase adoption.