Joinmarket is a P2P market-based coinjoin protocol and implementation that has typically attracted more advanced and technical users.
It differs from other coinjoin protocols because it doesn’t have a centralized individual entity coordinator, but rather two user roles in a P2P (peer-to-peer) environment: makers (who provide liquidity for a fee) and takers (who pay a fee for liquidity and coordinate the coinjoin transaction). Any user can be a maker or a taker.
The main drawback of Joinmarket is the poor user experience, and Jam aims to solve this.
The easiest way to use Jam is to install it as a package on various node systems such as Umbrel, Citadel, Start9, Raspiblitz, MyNode, and Raspibolt. You can also install it manually (through the terminal) with a docker image that packages it with Joinmarket and other required software, or just barebones.
Upon setup, you will be presented with a cheat sheet that lays out the 5 steps to using Jam: fund your wallet, send a (coinjoin) collaborative transaction to another Jar (explained below), optionally lock funds in a fidelity bond (explained below), earn sats by providing liquidity, schedule sweep transactions to empty your wallet. There are four tabs: Fund, Send, Earn, and Sweep.
In the Fund tab, you will need to select a Jar to fund your wallet. A Jar is a container that holds your bitcoin. Jars exist to segregate your coins into multiple buckets that are disconnected from each other, which aids privacy. They work like subaccounts for your wallet. To avoid compromising your privacy, you can only spend from one Jar at a time.
Coinjoin transactions occur when you spend bitcoin on the Send or Sweep tab, but you can also make self-spends by moving coins from one Jar to another. Coinjoins are on by default when you spend, but can be turned off. The recommended number of participants is between 8 and 10, but an advanced user can set this to a different value.
On the 'Earn' tab, you can choose to provide liquidity to the market (to be a maker), and you can customize your offer by setting either an absolute fee (a fixed amount) or a relative fee (%). You can also set up a fidelity bond, which the Jam docs define as a “long-term deposit that makes cryptographic identities deliberately costly. By cryptographically locking up funds for a specific duration, you signal that you are a serious market participant and increase the chance of your offers being taken.”
Your offers created on the Earn tab will appear in the Joinmarket order book. When other users go to Send or Sweep and choose to do a collaborative transaction, the software may automatically select your maker offer if it's competitive enough on fees and liquidity.
Finally, the Sweep tab allows you to completely empty your Jam wallet by spending all coins in all Jars. To avoid compromising your privacy, the sweep process is a series of many (9 seems to be the default) coinjoin transactions, one after the other, using random amounts and time intervals. The number of transactions may seem excessive, but this feature is still experimental. You can stop the sweep at any time.
There can be anywhere from 4 (theoretically as low as one) to 20 (10 is the maximum recommended to avoid problems) makers per transaction, but there can only be 1 taker at a time. Maker fees create economic incentives that attract liquidity and allow equilibrium to occur.
Percentage fees are variable, but they increase with increasing liquidity, with most high liquidity (+1BTC) orders being around 0.001%. Order sizes range from 0.001 BTC to 240 BTC, but there is no minimum or maximum protocol size.
Jam significantly improves the user experience by abstracting away the complexity of Joinmarket.
Joinmarket is the most censorship-resistant coinjoin on the market due to the competitive nature of a peer-to-peer free market with many takers and makers. There is no single coordinator in Joinmarket, but each round has a central coordinator (the taker).
You can get paid to gain privacy as a maker on the Earn tab. Also, a taker can pay low fees: as little as 0.05% to be part of 5 transactions with 10 participants each. Fees can be considerably lower than on other coinjoin protocols.
Amounts are very flexible on Jam (Joinmarket), you can enter a coinjoin transaction with as little as 27,300 satoshis (makes it accessible), and there’s no maximum amount.
Tor is enabled (by default) for the bitcoin network and coinjoin peer communication. Bitcoin network privacy is solved by forcing a user to run Bitcoin Core and connect it to Joinmarket (Jam). This process can be abstracted away if you have one of the node systems mentioned above.
Joinmarket (Jam) uses fidelity bonds to protect against sybil attacks. It creates a reputation system where makers who lock larger amounts of BTC over longer periods of time are considered more trustworthy.
Ring signatures are used by takers to anonymously prove ownership of UTXOs to makers, before entering into an agreement. This allows makers to collectively identify potential attackers and prevent takers from harming other makers.
According to the Github release page, '⚠️ Jam is considered beta software. ⚠️ While JoinMarket is tried and tested, Jam is new and things might break. Use with caution.' It is the only privacy wallet with a coinjoin feature (on coinjoins.org) that is not production ready.
Jam is not easy to install if you don't have a node system like the ones mentioned above, it requires technical skills. If a user doesn't buy the pre-built node systems, it also requires technical skills to DIY (do it yourself).
There is no concept of anonymity set / score on Joinmarket (Jam), and there is no difference between non-private and private UTXOs, except for the division of coins in Jars.
The lack of a centralized coordinator server run by an organization limits the amount of anonymity set / score a user can gain per transaction (compared to Wasabi 2.0), resulting in a longer process for a complete coinjoin experience.
Toxic change is present in Joinmarket (Jam) collaborative transactions, leading to higher coinjoin inefficiency.
Taker coordinator is completely unblinded, does not use any kind of zero-knowledge method or Tor identity update, which leads to takers being fully aware of their peers' input and output linkages.
Sybil attacks remain possible since mining fees for remixes are paid by the attack victims instead of the attacker, if the fidelity bond opportunity cost can be written off by the attacker.
If you have any comments or suggestions, please reach out to coinjoins@protonmail.com or open an issue on the GitHub repository. Thank you!