I have a question about shadow-to-shadow transactions.
0) I own 0 shadow.
1) Person A sends me 1 shadow.
2) I then myself 1 shadow. (not sure if this step is needed).
3) I send A some of the shadow back, say 0.9.
Question: Is it possible for A using some offline techniques in the (far enough) future to tell this 0.9 shadow is mine with a high probability? Probably this depends on the number of transactions of the network and number of users. So if you answer this question feel free to go into this as well.
I know for instance that, as things are right now, with Monero this fails, i.e. person A can tell the money comes from me with a high probability.
Thank you.
Correct me if i'm wrong guys, this is what i've gauged from reading WP and slides of this brilliant system.
When you redeem Shadow token to SDC the Shadow is not destroyed but added to the pool of Shadow tokens. Say Bryan sends 1 SDC to Shadow and holds his Shadow in his stealth address, the 1 SDC is now destroyed. Phillip who is unrelated to Bryan decides to redeem 1 of his 100 Shadows to SDC, which would appear on the blockchain as a newly minted SDC. Clearly a Shadow-SDC transaction has happened but the token could have been redeemed by anyone holding Shadow. The 1 Shadow which Phillip used to redeem his 1 SDC stays in the network increasing the potential outputs.
Poor Bryan might be having fingers pointed at him if it wasnt for the stealth addresses/ringsig/Shadow token/SDC creation and destruction ensuring anonnymity.