Message Signing; A Powerful, Under-utilized Tool

Posted in #crypto-currency, 5 years ago (edited)

When most of us think about block-chain and crypto-currency, we think of moving money either from ourselves to someone else, or vice versa, as a single transaction. After all, this is how most simple transactions work: Abdul owes Lucy some value, he gives her what he owes, and if the denomination isn't exact, Lucy returns some change to Abdul.

This kind of immediate, cash-equivalent, peer-to-peer transaction is what most of us imagine crypto to be all about, but I am beginning to believe this is entirely the wrong way to do things.

Privacy

One big problem with Bitcoin-style block-chains is that Lucy now knows what Abdul's balance is: she can see his original balance, she can see her payment, and she can see any change that was returned to Abdul, even if it went to a change address. Lucy can now watch all of Abdul's future transactions, and potentially his past ones, and see where he has been spending. Of course Lucy can only see the addresses Abdul was paying, but if those belong to large retailers and are well known, she can quickly build a picture of how Abdul lives his life.

Abdul could have protected himself more effectively if all his funds were not on the address he used to pay Lucy. If every payment Abdul receives comes into a different address in his wallet, he will never reveal his total wealth or his full spending pattern. If Abdul received a large amount, he could quite easily obfuscate it by sending random amounts back to himself over a number of weeks.

However, whoever sends money to Abdul can see that eventually some of their coin ended up on Lucy's address. That is, unless Lucy and Abdul never use the same address twice: if every transaction always goes to a new address, even for those large retailers, then it starts to become hard to see who is paying whom.

Is It Practical?

This is where it all tends to go wrong. Let's say HugeMart put their address on their website as the one for payments; with millions of people all paying to that HugeMart address, it very quickly becomes well known and trackable. For practicality's sake Lucy's small business does the same, and Abdul's salary arrives on one re-used address from his employer. How is this all going to work?

Knowing whether an address is new or has received past payments is incredibly simple: if you have used any block-chain explorer, you can type in an address and quickly see its history. So Abdul can't be duped into paying HugeMart or Lucy on a "tainted" address; he can demand a new one for each payment.

Let's say HugeMart send Abdul an email asking for payment and give him a different address. How does he know that isn't a phishing attack? How does he really know that is where HugeMart want payment?

Sign It!

In every Bitcoin-style core wallet there is a function called message signing and verification; most people don't even realise it's there. What this feature does is allow you to prove you own a specific address, by creating a digital signature that only the holder of the private key associated with that address can create.

So HugeMart don't need to receive your payment on the public address from their website: they give you another address, and they sign the message they send using the key behind their well-known public address. You can now be certain that the single-use address HugeMart gave you is in fact where payment should be sent. You can also keep that record for a later date in case of any dispute.

Let's say Abdul owes HugeMart 10 coins. Abdul doesn't actually have to make a single payment: he could pay 1 coin from address A, 4 coins from address B and 5 coins from address C. But how does HugeMart know those 3 payments are from Abdul? Well, he can sign messages proving as much using his public address. For example, if HugeMart give Abdul a specific phrase to use, perhaps "Abdul settles his partial debt of Invoice 12345", that only Abdul and HugeMart know, Abdul can use that phrase to sign his proofs of payment.

If you think about it, if Abdul's friend owes him 5 coins, Abdul could instruct his friend to send 5 coins to HugeMart on his behalf. Abdul's friend can sign the message for that transaction with "Abdul settles his partial debt of Invoice 12345" to show it was settling Abdul's debt, and HugeMart would never know that it wasn't actually Abdul. It then becomes very unclear who is paying what to whom. More so, HugeMart has staff and suppliers to pay, so why not get Abdul and his friend to partially settle those debts directly, and cut HugeMart out altogether except for their profit margin (and save HugeMart some transaction fees)?
HugeMart asks Abdul to pay 0.5 to address P, 3.5 to address Q, 4 to address R and the balance to their address Z. Abdul calls in some of his various debts for partial payments and settles the balances himself.
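As an added illustration of the sign-and-verify exchange above (HugeMart proving a one-time address is theirs, and Abdul proving his partial payments), here is a self-contained Python model of Bitcoin-style message signing; it is not code from the post or from any wallet, and it makes two labelled simplifications: the address is a SHA-256 stand-in for a real HASH160/Base58Check address, and the public key travels with the signature instead of being recovered from it.

```python
import hashlib, secrets
# secp256k1 parameters (the standard curve constants Bitcoin uses)
P = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def _add(a, b):  # point addition; None stands for the point at infinity
    if a is None: return b
    if b is None: return a
    if a[0] == b[0] and (a[1] + b[1]) % P == 0: return None
    l = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
         else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (l * l - a[0] - b[0]) % P
    return (x, (l * (a[0] - x) - a[1]) % P)
def _mul(k, pt):  # double-and-add scalar multiplication
    r = None
    while k:
        if k & 1: r = _add(r, pt)
        pt, k = _add(pt, pt), k >> 1
    return r
pubkey = lambda priv: _mul(priv, G)
def msg_hash(msg: bytes) -> int:
    # Bitcoin's signed-message digest: double SHA-256 over the magic prefix and the
    # length-prefixed message (a one-byte varint covers messages under 253 bytes)
    assert len(msg) < 253
    data = b"\x18Bitcoin Signed Message:\n" + bytes([len(msg)]) + msg
    return int.from_bytes(hashlib.sha256(hashlib.sha256(data).digest()).digest(), "big")
def address_of(pub) -> str:
    # Stand-in address (assumption): SHA-256 of the compressed public key, where a real
    # wallet would use HASH160 + Base58Check; the trust argument is the same
    comp = bytes([2 + (pub[1] & 1)]) + pub[0].to_bytes(32, "big")
    return hashlib.sha256(comp).hexdigest()[:40]
def sign(priv: int, msg: bytes):
    # ECDSA over the digest; pub is attached where Bitcoin's signmessage recovers it
    z, pub = msg_hash(msg), pubkey(priv)
    while True:
        k = secrets.randbelow(N - 1) + 1          # fresh random nonce per signature
        r = _mul(k, G)[0] % N
        s = pow(k, -1, N) * (z + r * priv) % N
        if r and s: return (r, s, pub)

def verify(address: str, msg: bytes, sig) -> bool:
    # Passes only if the signer's key hashes to the claimed address AND ECDSA holds
    r, s, pub = sig
    if address_of(pub) != address or not (0 < r < N and 0 < s < N): return False
    z, w = msg_hash(msg), pow(s, -1, N)
    pt = _add(_mul(z * w % N, G), _mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r
```

A phishing email that names a different address but cannot be signed by the key behind HugeMart's known address fails `verify`, as does any edit to the signed text.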

NastyCorp Want To Spy On Me

So let's say NastyCorp send you some coin: they want to see where it goes. Even with the above, it could be feasible to make associations given enough small transactions sent out by NastyCorp. The way this attack tends to work is that they "taint" one of your addresses, and your wallet then mingles the funds sent by NastyCorp with other balances in your wallet to make a payment. For example, Abdul needs to send 10 coins as payment to HugeMart; he has an address A with 5 coins and an address B with 5 coins, and 1 of those coins was sent by NastyCorp. If Abdul sends 1 transaction of 10 coins, using the 5+5 from addresses A+B, NastyCorp now know Abdul owns both addresses. Of course we already know that if Abdul is careful, he would send 2 transactions of 5 each. Another great defence against this is to just send NastyCorp's 1 coin back to them, but burn it all in miner fees (because they are NastyCorp!).
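The "2 transactions of 5 each" rule above, generalised into a small coin-selection planner, as an added example (not the post's or any wallet's code): it never merges outputs from different addresses into one transaction and keeps a tainted output out of payments entirely. The wallet contents and the tainted outpoint are constructed to match the post's scenario.

```python
from collections import defaultdict

# Constructed sample wallet (outpoint, address, amount), following the post: address A
# holds 5 coins, address B holds 5 coins of which the 1-coin output came from NastyCorp
WALLET = [("txA:0", "A", 5), ("txB:0", "B", 4), ("txB:1", "B", 1)]
TAINTED = {"txB:1"}

def plan_payment(total, utxos=WALLET, tainted=TAINTED):
    """Return a list of (address, amount) transactions that together pay `total`,
    spending each address on its own so no single transaction links two of our
    addresses (that link is exactly what the tainting sender is waiting for).
    Tainted outputs are skipped; they get the separate return-to-sender treatment.
    Returns None when the clean, unmerged balance cannot cover the payment."""
    by_addr = defaultdict(int)
    for outpoint, addr, amount in utxos:
        if outpoint not in tainted:
            by_addr[addr] += amount
    plan, remaining = [], total
    # Spend the largest address first so the number of separate payments stays small;
    # in a real wallet each of these would also return its change to a fresh address
    for addr, balance in sorted(by_addr.items(), key=lambda kv: -kv[1]):
        if remaining <= 0:
            break
        spend = min(balance, remaining)
        plan.append((addr, spend))
        remaining -= spend
    return plan if remaining == 0 else None
```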

Sounds Complicated

For humans it definitely would cause mayhem, but block-chain is a fully audited, always-correct ledger. All that we are missing is the messaging infrastructure to manage the exchange of signed messages; this could be as simple as a specific form of email template, or XML, JSON or any other kind of scheme that organises data in a way that computers understand.
Except for point of sale, most payments could be settled daily, weekly or monthly in huge batch transactions, and multiple layers of automated payment splitting and obfuscation are actually easily achieved; we just need to let our computers receive demands for payment, and let them follow simple rules to make sure our human traits don't give our identities away.

With the right user interface, the computer could display all the payments it has queued during the day, and in the evening you check the aggregate numbers, unlock your wallet and sign all the payments and messages of confirmation. This really is just a problem of standards and protocols.

If you aren't sure, look at what your Steemit Wallet says about your Memo Key:

"The Memo key because it is a bit of an outlier. The only thing the Memo Key can do is encrypt and decrypt private messages that are sent through the blockchain. While this could one day be a powerful feature, today it is not commonly used. If you have received a private message that you would like to decrypt, as always you should use the key with the minimum necessary authorities, which in this case would be the Memo Key."
