From ee7cacaf90a7beb7d95d98a9a3a4f1095b6334b1 Mon Sep 17 00:00:00 2001 From: Dan Gould Date: Sat, 21 Aug 2021 22:25:52 -0400 Subject: [PATCH] fix incomplete sentance --- main.tex | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/main.tex b/main.tex index 844db6b..7e452d9 100644 --- a/main.tex +++ b/main.tex @@ -764,7 +764,7 @@ \subsubsection{Active attacks}\label{sec:active} Similarly the coordinator may delay information such as the set of ownership proofs or the final unsigned transaction. In the case of the latter, this can be used to learn about links between inputs. This is because a signature can only be made after the details of the transaction are known. If the unsigned was only known to one user but multiple inputs have provided signatures, it follows that those inputs are owned by the same user. -Since the coordinator must trusted with regards to denial of service a more practical variant of this attack would involve more subtle delays followed by sabotaging multiple successive rounds during the signing phase in order to learn of correlations between registrations while maintaining deniability. +Since the coordinator must be trusted with regards to denial of service a more practical variant of this attack would involve more subtle delays followed by sabotaging multiple successive rounds during the signing phase in order to learn of correlations between registrations while maintaining deniability. More generally denial of service can amplify attacks on unlinkability, as it can be used to perform intersection attacks. The coordinator always learns the requested inputs and outputs, even if a round fails, and is able to partition users. A malicious participant will also learn all the input and output registrations if they wait until the signing phase to defect\footnote{If \texttt{SIGHASH\_ANYONECANPAY} is set in the signature flags the full set of inputs could be kept known only to the coordinator until all signatures have been provided.}.