Fungibility Fun!

I’m creating this thread as a place to post links to discussions, articles, videos, or basically anything related to the fungibility property of money.

Of particular interest are examples where fungibility is already breaking down in bitcoin and related cryptocurrencies and causing problems for people now.

The general goal of the thread is to bring wider awareness of the importance of fungibility, and also to keep up to date with the arms race between companies creating blacklists and developers of privacy coins such as monero, zcash, etc.

I saw this discussion on Hacker News yesterday showing that merchant(s) are starting to understand the fungibility problems inherent with btc history and blacklists, and that it is a real problem now.


Lightning network seems an improvement on bitcoin’s fungibility and privacy due to off-chain transactions, but it appears to have some weakness.

But according to two academic papers published in March and April, relatively straightforward cyberattacks could unearth balances on the Lightning Network. Authors of the March paper also unraveled pathways and parties of hidden payments.

Piecing together changes in balances learned from the first two attacks, the third attack constructed snapshots of the Lightning Network at different time intervals to detect payment movements and their senders, recipients and amounts.


Bitcoin Optech has some good info about output linking.

From their most recent email they point out that when a Pay-to-Taproot (P2TR) output makes a transaction to two new outputs, a P2TR and a non-P2TR, the new P2TR output is most likely to be the change address, which makes it simpler to track coins than if both outputs were the same type.

What is fungibility?

Jimmy Song quickly lays out what Fungibility is and discusses the problems with current crypto. Video from 2018.
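
The output-type observation in the Optech note above, written as a wallet-side check that runs before a transaction is broadcast. This is an added example, not code from the thread or from Bitcoin Optech; the function names and the sample transactions are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class TxOut:
    script_type: str  # "p2tr", "p2wpkh", "p2pkh", ...
    value_sat: int

def change_guess_by_type(input_types, outputs):
    """Indexes of outputs an observer would label as change from script type alone.

    Rule modelled: all inputs share one script type and exactly one of several
    outputs has that same type. Any other shape gives no signal ([]).
    """
    kinds = set(input_types)
    if len(kinds) != 1 or len(outputs) < 2:
        return []
    (kind,) = kinds
    same = [i for i, out in enumerate(outputs) if out.script_type == kind]
    return same if len(same) == 1 else []

def pre_broadcast_check(input_types, outputs, change_index):
    """Wallet-side verdict: does the real change output stand out?"""
    guess = change_guess_by_type(input_types, outputs)
    if guess == [change_index]:
        return "leaks: change is the only output matching the input type"
    if guess:
        return "misleads: heuristic points at the payment, not the change"
    return "no signal from script types"

# Constructed sample transactions (values in satoshis, not real chain data).
MIXED = [TxOut("p2wpkh", 70_000), TxOut("p2tr", 29_500)]   # pay non-P2TR, P2TR change
UNIFORM = [TxOut("p2tr", 70_000), TxOut("p2tr", 29_500)]   # pay P2TR, P2TR change

if __name__ == "__main__":
    print(pre_broadcast_check(["p2tr"], MIXED, change_index=1))
    print(pre_broadcast_check(["p2tr"], UNIFORM, change_index=1))
```

When both outputs share the input's script type the check returns no signal, which is the case the note describes as harder to track.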


The solution is interesting though
“For strong and good privacy, cryptographic solutions such as zero-knowledge proofs and confidential transactions are needed,”


Aztec is using a ZK ZK Rollup (not a typo) to help Ethereum users transact privately, which relates directly to fungibility.

Aztec is built on PLONK, the new superfast standard in universal SNARK technology — created by our world-class cryptography team

Dr. Seuss would be proud! lol … It, as well as many other crypto projects, certainly has interesting approaches and tech … but the terminology sometimes makes me chuck a brain sprocket or two.

I wonder, is there any argument for how effective additive tech to help with the fungibility of a coin or token is as opposed to base layer fungibility?

Can additive tech be banned? Is base layer banned just as easily? Or is the cat entirely out of the bag and both options effective?


It seems to me that there is an extra cost involved in fees or computation. SN DBCs should have a clear advantage in the fungibility department. But I’m just intuiting here and have a bias.


Anything can be banned. Mass adoption by politicians will help limit the calls for a ban.

I’m curious about the idea that governments can really blacklist bitcoin (as the best example) wallets/coins in the long run.

Assuming they track “bad” coins through the network, these will be split and spread, much like a virus … and we’ve seen how effective government is at containing a virus - something that people themselves don’t want to spread … but money, people do actively work to spread/trade it.

It seems to me, that even if they can track it all - and I assume they will be able to do so, it won’t take too much time before only the protected wallets are clean … which really would drive black markets in earnest - where the vast majority of trade would eventually take place.

Innovation occurs in free markets, not closed ones as closed markets don’t have to innovate - they have trapped users. So eventually all innovation would go to the black markets … and thus eventually all trade would flow there too.

I don’t want to discount the power of DBCs here though as I reckon many black markets will come to exist on SN due to its inherent security. But I’m thinking that the fungibility solution offered by DBCs isn’t perhaps that BIG of an issue longer term.

All just speculation of course and the more pluses we have for SN the better.


This makes me think about how traces of cocaine can be found in almost any accumulation of hard dollars, even if in minuscule amounts (much like the illicit bitcoin dust considered here). After a while, it’s not about whether any transaction has some fragment of “illicit” bitcoin as part of it, but who wishes to-can make an issue of the fact.


It’s something I debate a wee bit too, but seems in bitcoin that Coinbase has a black BTC list and if it’s in an ancestor of your current UTXO then it seems they can do this insane thing of tainting your whole wallet. I am still not certain this is possible as it would take just a few transactions to taint every wallet.

If this were the case then I would see bad guys getting tainted coins and send as much dust to every known address and exchange thereby shuttering all bitcoin wallets, or at least the vast majority.

However, in these days, absolutely nothing surprises me. Logic and fairness are now only in books of fiction and found nowhere else. I find this tainting all descendants of a transaction incredible, especially when you cannot tell which part of which “coins” went to which ancestors etc. As I say though, nothing, absolutely nothing surprises me.

It’s like going into a shop and then your bank account is frozen as it was discovered some counterfeit cash was in that shop at some time in history (even though they cannot tell how much you spent or how much change you got). So every person to have used that shop now has no money, it’s all tainted.


The big players (e.g., gov and financial institutions) use “money laundering” as the reason to crack down on individual use of cash/crypto, etc., though they are the biggest, most unaccountable launderers. So SNT and DBC are vital to level the playing field. The “big players” can’t be big players without cheating everyone else.


Seems you are describing a dust attack in which the dust is proceeds from blacklisted address(es). I don’t think I’ve heard of that specific thing happening yet, but it certainly could and probably will.

edit: there certainly have been numerous btc dust attacks, sometimes prolonged. Some could have been from blacklisted sources… hard to know! I just haven’t heard about exchanges freezing funds because of it.

Unfortunately users don’t have complete control over the payments they receive. In a dust attack, an attacker sends small amounts of bitcoin to addresses that have already appeared on the block chain, producing address reuse even for conscientious users who tried to avoid it.

One mitigating factor is that such dust is very small. Any reasonable exchange could/should have a filter to weed out dust. So e.g. if you try to deposit $500 from a “bad” input, the funds get frozen, but if the “bad” input only contributes $.000002, then it would be ignored. So that might be why it hasn’t become an issue (to my knowledge).
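
The two screening policies discussed in the posts above, side by side: flagging any deposit with a blacklisted ancestor versus weighing the blacklisted share against a dust cut-off. This is an added example, not code from the thread or from any exchange; the ledger, the policy names and the 1,000-satoshi cut-off are assumptions made for illustration.

```python
from fractions import Fraction
from functools import lru_cache

# Constructed toy ledger (not real chain data). Each transaction lists the
# (source_txid, value_sat) pairs it spends; an empty list marks an origin.
# Fees are ignored to keep the arithmetic visible.
TXS = {
    "bad": [], "clean1": [], "clean2": [],
    "dusted": [("clean1", 5_000_000), ("bad", 600)],       # dust swept with own coins
    "paid": [("clean2", 2_000_000), ("bad", 3_000_000)],   # large blacklisted input
    "hop": [("dusted", 4_000_000)],                        # one hop further on
}
BLACKLIST = {"bad"}
DUST_LIMIT_SAT = 1_000  # assumed cut-off; the thread names no figure

@lru_cache(maxsize=None)
def tainted_share(txid):
    """Value-weighted fraction of a transaction's funds traced to the blacklist."""
    if txid in BLACKLIST:
        return Fraction(1)
    inputs = TXS[txid]
    if not inputs:
        return Fraction(0)
    total = sum(value for _, value in inputs)
    tainted = sum(value * tainted_share(src) for src, value in inputs)
    return Fraction(tainted) / total

def screen(txid, deposit_sat, dust_limit_sat=DUST_LIMIT_SAT):
    """Verdicts for a deposit of deposit_sat funded by txid, under both policies."""
    share = tainted_share(txid)
    tainted_sat = share * deposit_sat
    return {
        "share": share,
        "tainted_sat": float(tainted_sat),
        # Policy 1: any blacklisted ancestor taints the whole deposit.
        "any_ancestor": "freeze" if share > 0 else "accept",
        # Policy 2: freeze only if the blacklisted amount exceeds the dust cut-off.
        "proportional": "freeze" if tainted_sat >= dust_limit_sat else "accept",
    }

if __name__ == "__main__":
    for txid, amount in (("hop", 4_000_000), ("paid", 5_000_000)):
        print(txid, screen(txid, amount))
```

On this ledger the dusted wallet's deposit carries about 480 tainted satoshis two hops on, so the any-ancestor policy freezes it while the proportional policy accepts it; the deposit with a 3,000,000-satoshi blacklisted input is frozen under both.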


Excellent analogy and great point.

Yeah, this is a good ingredient/candidate for the great crypto crash of 2023.


The great crypto swap of 2023 BTC+ETH → SNT !!! :grin:


Tangentially related to this thread… The FBI just arrested somebody attempting to sell classified secrets. The seller was only willing to accept Monero. The seller was apprehended despite using a fungible/private token. Just as crimes can still be solved when cash is used. Seller reportedly stated:

I will give you a monero address … I am very aware of the risks of blockchain analysis of bitcoin and other cryptocurrencies, and believe monero gives both of us excellent deniability.