Do CoinJoin Mixes Really Require Equal Transaction Amounts for Privacy? Part Two: Knapsack

Although Satoshi Nakamoto’s white paper suggests that privacy was a design goal of the Bitcoin protocol, blockchain analysis can often break users’ privacy. This is a problem. Bitcoin users might not necessarily want the world to know where they spend their money, what they earn or how much they own, while businesses may not want to leak transaction details to competitors — to name some examples.But there are solutions to regain privacy, like CoinJoin. Some of the most popular mixing solutions available today use this trick, including Wasabi Wallet (which leverages ZeroLink) and Samourai Wallet (which leverages Whirlpool). In both cases, users chop their coins into equal amounts to mix them with each other. Using equal amounts is considered a crucial step for the mix to be effective.Part one of this miniseries covered a new mixing protocol in development for Bitcoin Cash called CashFusion, which challenges the assumption that equal amounts are necessary for a successful mix.But even in 2017, in a paper analyzing the privacy of non-equal amount CoinJoins in depth, researchers from RWTH Aachen University and Karlsruhe Institute of Technology proposed a solution to gain privacy through CoinJoin without the need to use equal amounts: knapsack mixing.Author’s note: If you do not know what a CoinJoin transaction is or why equal amounts are assumed necessary for mixing, you should first read part one of this miniseries — or at least read the first two sections of that article.Mixing Versus PayingAs explained in part one of this miniseries, equal-amount bitcoin mixing probably offers the best achievable privacy on the Bitcoin blockchain today. But it does leave users with unequal-change outputs. These don’t offer the same level of privacy and could even be a privacy risk. CashFusion could help deal with these unequal outputs.But there’s another problem. The requirement to use equal amounts prevents users from making actual payments through CoinJoin transactions: It’s unlik...
