[swensel]

Why Monero specifically though, with all the options in crypto available?

If you want privacy there are also Zcash shielded transactions. Or if all you want to do is eliminate central parties then why not just Bitcoin?

My understanding with Monero is if you don't run your own node there's not that much privacy guarantee anyway (otherwise you have to trust the third party node you point to). Someone please correct me if I'm mistaken about that.

[xvector]

Monero is much more private than Zcash.

The issue with Zcash shielded transactions is that something like 14% of transactions are shielded, but only 1% are truly private. Optionally shielded transactions make chain analysis much easier and immediately make said transaction suspect. So you cannot comfortably use Zcash for private transactions. See the report by Chainalysis [1]:

> 14% of the ZCash transactions use a so-called "shielded pool", but in only 6% of all cases both the sender, recipient and the number of transactions are fully encrypted. The report states: “So even if the concealment on Zcash is stronger due to the zk-SNARK encryption, Chainalysis can still provide the transaction value and at least one address for over 99% of the ZEC activities.”

Clearly, optional privacy is not privacy at all. It needs to be on by default, which is the philosophy behind Monero.

Re. Monero nodes - if you’re using a remote node you can just use Tor, which I believe is soon to be baked in by default. Otherwise, Monero is still quite private. Your transaction history, transaction amounts etc are not revealed to nodes. Some metadata like restore height is, but that’s not a big deal.

[1]: https://www.kryptokumpel.de/en/kryptowaehrungen/chainalysis-...

[Wistar]

"IRS offered $625,000 bounty to anyone who could 'crack' Monero; no one succeeded"

https://news.ycombinator.com/item?id=25752042

[R0b0t1]

You can analyze the dust spend in transactions to deanonymize Monero users. You need to be processing a lot of transactions to do this, or have the ability to spy on the processing of a lot of transactions.

[reedjosh]

Even if someone could _see_ the transaction and identify the user behind the wallets, at least a crypto still prevents fund holding and transaction blocking.

[R0b0t1]

Putting someone in jail is effectively fund holding and transaction blocking.

[reedjosh]

Jailing people would generate backlash far quicker than transaction blocking and fund holding. As a tool of control it can't be used as liberally, so I'd still argue crypto is a net benefit here.

I'm not saying privacy isn't great, just that even without it, crypto is still useful. Privacy is absolutely an amazing force for freedom.

[nootropicat]

>Clearly, optional privacy is not privacy at all.

This is a marketing term without actual meaning. There's a system with some anonymity. Then there's the external world. There's no 'optional' anonymity. The error lies in incorrectly comparing monero to zcash as a whole, instead of shielded transactions themselves. Names themselves are irrelevant. Depositing xmr to an exchange is equivalent to withdrawing from the anonymity pool.

From the design perspective, the mixin model is vulnerable to an active adversary that has spent output data from exchanges and spams the chain to generate recent known outputs when the target makes transactions. Full zk-snark anonymity is fully resistant to this.

A problem of both xmr and zcash is that they have no other use than anonymity, making it easier to ban and impractical for larger amounts and forcing commerce to hedge price risk, generating deanonymizing metadata. For actual commerce anonymous dollar is the ideal, for as long as dollar remains the main unit of account in the world.

https://zk.money supports dai, although it's still in alpha with a limit of $1000 per external deposit.

https://aztec.network/index.html

[reedjosh]

Arrr or Pirate is Zcash, but with always on privacy BTW. I like it a lot, but it's relatively new.

Also, the ZKSnark method that provides the privacy requires that the devs threw away their initial PKs. If you trust they did, then it's a great option.

[Wistar]

I think VRSC is similar to ARRR and Pirate.