How Private is CashFusion in Practice?

At one time, I was wrestling with the question of whether coin-mixing privacy protocols were “good enough” in practice that they would make more privacy-focused coins irrelevant. Privacy is never absolutely perfect. If mixing was good enough for 99% of people 99% of the time, would they ever bother accepting the UX trade-offs of something like Monero?

In the spirit of Crypto for Conservatives, I decided to do some real-world testing instead of just guessing. One good experiment is worth a pound of theory.

I did some CashFusion transactions on a BCH wallet, then I put up a challenge on the Monero subreddit. I offered to give $20 worth of Monero to anyone who could trace my transaction history. I knew the Monero community would want to prove how useful the privacy features of Monero really are and would rise to the challenge. I was right. Loads of people jumped right in. I didn’t tell them that I had used CashFusion. I honestly didn’t think anyone would be able to trace my transactions. I figured I would eventually tell them “don’t feel bad for not finding the answer, I was using CashFusion” and then I would send out small tips to the people who tried, just to be a good sport.

But I was wrong. Within a few hours, someone had examined the transaction graph and had figured out some of my transaction history. Good for them, they won the money.

What did I learn from this? CashFusion is a neat idea, but it’s not very effective unless most of the people you do business with are also using it. If you spend money with merchants who are not very good with their privacy practices, you leak an awful lot of metadata that can be used to disentagle your fusions. In short, CashFusion (and really all mixing protocols) really depend on an extremely high level of voluntary participation, which is just not happening in practice today.

The key reason Monero works so much better in comparison is because all transactions are private by default. Everyone using that chain is part of your anonymity set. Bitcoin Cash has plenty of advantages. I hold some. But the fact remains that if you need to be private today, Monero is definitely the tool for the job.

You see the full challenge on Reddit here: https://www.reddit.com/r/Monero/comments/q1mkfa/realworld_test_ill_give_you_20_of_xmr_if_you_can/