$93.96 0.70%
XMR · 3w

Estimating Anonymity Set Size

Is there any way to at least estimate what kind of anonymity set a user would have after churning Monero X times assuming the anonymity set of each individual transaction is the ringsize (i.e. there are no major flaws that would give an attacker any ideas about which inputs are decoys)? The adversary I'm thinking about in this case would be someone looking at a future transaction (say, a cash out to an exchange to convert Monero to fiat) and attempting to correlate that transaction to the earlier transaction where the same user converted fiat/another cryptocoin to Monero at an exchange. So basically an E-A-E attack. Intuitively, it would seem like if you waited a reasonable amount of time between transactions the anonymity set would be ringsize\^(number of churns), as each transaction has (ringsize) inputs and by the time you started your next churn each decoy has likely been used at least once giving another (ringsize) decoys for each decoy you used, and by the time you churn again each of those decoys has likely been used again giving another (ringsize) decoys per decoy etc, but the anonymity set in that case grows well beyond the total number of transactions on the entire blockchain with just a few churns so that can't be right.
Go to self.Monero
Recent news