mczarnek posted this 9 years ago
So, this is purely theoretical, let's say that you wanted to blacklist a coin, you know a past state of the coin before it's been mixed and sent to a new account.
Is this possible? I realize requires programming changes, I just don't fully understand the algorithm and am trying to figure it out. I'm imagine an asset that could ride along a similar system and wondering how it would work.. there are reasons you'd want it in that scenario.
Basically I know that account A, whose public key is known, has a coin in it. The account holder passes it on a few times, including a couple of ring signature anonymizations, then wants to disable it so it can no longer be passed on.
Is it possible or does the anonymization unlink it from the original account?
Could you maybe state your use case a different way? What are you trying to accomplish? Is the "account holder" passing it on to himself or others? If to others, he loses control of the coins immediately and can do nothing more with them.
On the other hand, if you want to "disable", as in permanently, i.e., burn, we can do this easily.
Once you send the coin, your private key to it can't control any outputs created that had this coin as input. It's not a coin that moves around, it's a coin that gets deactivated (for the purposes of spending) when it is spent (but the rest of the network does not know that if it was spent with mixin > 0 and the others in the ring signature aren't also known spent). So you can't "follow" that coin, since it stops when spent. Whether you can follow each new coin depends on whether they use ring signatures when spent, too. If they do, you don't know if/when they're spent, only when they could possibly have been spent. Moreover, since every output (and paid amounts typically consist of many of them since they're split into denominations first) goes to a separarate address (which can not be linked to the standard address except if you have the matching view private key), you don't know which outputs are change and which are not, for later transactions which might or might not have spent an output created in the original transaction.