Hi all,
In the Monero Research Lab paper MRL-0004 it says:
The easiest way to obfuscate ownership of the funds from eavesdropping by Eve
during a combinatorial attack would be for Bob to simply send outputs owned by
himself to himself separately every few random periods of time. This skews the
blockchain analysis performed by Eve in Section 3.3 and, in fact, in Section 3.1. In
this section, we merely specify that no user resend all of her outputs to herself at
the same time. Furthermore, any receiver of funds, by contrast, should request that
the sender break the transaction up into pieces in a torrent and send the required
amount over a period of time . This way, if Eve is anticipating a certain transaction
amount within a certain window of time, she can not readily ascertain if some
combination of outputs from all transactions in a given block might correspond to
the exact amount which she expects the recipient to be sent.
By re-sending transactions to oneself iteratively over intervals of time with random
length, and by breaking all transactions (including a resend transaction) into
multiple smaller transactions, also sent over an interval of time, we dramatically
weaken the ability for an eavesdropper to glean information from the blockchain
based solely on block height. Notice that this recommendation is a wallet-level recommendation,
not a protocol-level recommendation.
this sounds good, but things that are not clear to me:
- Do i send the funds from one account i own to a seperate account or should i use the same account?
- if i use the same account, how can i be sure i've spent all outputs once?
an ELI5 style "best practice" would be really cool.
btw. i can feel the increased usabillity of the forum, good job, starts to get fun like this!