Everybody is always saying to churn by sweeping the coin. Makes sense, works neatly to keep coins apart.
But my thinking is when sweeping your tx only has 1 output. As most transactions have at least a second output for change, doesn't this make a sweep tx look like a high probability churn in the blockchain?
All transactions have at least two, so transactions with change will have 3.
or
A second bogus output is added only if needed to shield 1 output transactions from standing out.
?
Right thanks.
I buy small amounts of XMR whenever I have to spare and have lots of inputs. What exactly is visible when aggregating those if different sub addresses were used for all? Is it smart churn all inputs individually one time first before aggregating?
I wouldn't assume the right strategy for inputs. To an outsider they are all indistinguishable, but the sender, an exchange for example, can mark operations (withdrawals) done with the same account and store that information. Every input has 16 potential members selected from the blockchain. But if tx has many inputs, and each input has among the ring one previously marked input associated with the same exchange account, it will be likely that tx was created by the person with that exchange account. If the person later will try to deposit this coins to another account of the exchange, probably exchange could link two account, at least as potentially linked. So input aggregation can give additional hints for EABE attack.
Probably, it is better to aggregate inputs earlier, before churning, and don't mix churned coins with unchurned. But Monero need more general improvements as FCMP/FCMP++.