Hello Zooko-Wilcox. Yw. Thx for reading. I had a thread on your Zcash forum bookmarked and was intending to alert you there, but I’ve been so busy past days.

Btw, I’m going to want to talk to y’all about implementing your technology on my upcoming Hypermesh. I will contact you as my project nears the juncture where I want to implement the anonymity technology. I need a cryptographer. I am not.

I'd like to see a more rigorous analysis of what exactly the requirements are for safety of schemes like the one Monero currently uses, under adversarial conditions.

I would also.

Monero transactions would accidentally choose your transactions as decoys, thinking that they were getting privacy that way, but actually since those are your transactions, it doesn't provide any privacy from you. Right?

That is the gist of it, and the prior Monero Research Labs report (MNL-001) only considered the case where the decoys were not being continuously populated. I discussed that in more detail in the comments section of this blog.

P.S. there was some discussion (also archived here) of this comment.