Yes, the wording is too strong. You SHOULD get familiar with the traditional RFC SHOULD/MUST etc keywords btw. They're really beneficial to know as they are often used and a lot of things are much clearer if you read some things with this background knowledge. Thank you @pavolrusnak for pointing this out.
AFAIK many of the P2PK addresses are thought to be his. But only a few that can be said with confidence to belong to him. However there are a bunch of research and research-ish blog posts/comments are dealing with this topic.
Wasabi counts it as linear, Samourai counts it as exponential. Wasabi tries to consider the worst case and Samourai considers the theoretical case. The theoretical case is pretty straightforward.
Even if the 50UTXO would be submitted to the same round, it’d still count as one participant. There’s no difference in regards to privacy of the rest of the participants between if someone participates with 1UTXO of 10BTC or 10UTXO of 1BTC.
Users pay for linear anonset growth while it’s closer to exponential with remixing. This and a host of other examples make the anonset calculation, the network fee and coordinator fee distribution imperfect. This address reuse is also an example, but compared to everything else its weight is insignificant.
So refuse output, wait until signing figures out which input corresponds to that registered output and ban that input.
Think about what you achieve with this. In this case you remove the bad egg from the round and make the coinjoin with everyone else. What if you keep the bad egg and make the coinjoin with it? It does not make a difference in terms…
How? If I refuse address reuse then I DoS the round. At input registration, where it’s safe to refuse registrations without DoS-ing the outputs are blinded, they’ll be only revealed at output registration, at which point it’s too late to refuse, because we don’t know which inputs to remove from the round, because we don’t know the links.
So what does whirlpool do?
You are right. It can be both ways and we really don’t know what Satoshi was thinking.
Anyhow, this old article of mine is not very informative, just analyzing an already forgotten debate, so I decided to unlist it to not waste the time of my readers.
I am planning to do that now. In the past I tried to avoid technical discussions, because I have seen what happened to those who dared to do so, but it cannot continue forever.
> I feel extremely uncomfortable about Samourai. They have been consistently misleading about their privacy properties, have many purely pre-textual…