Fork dero, remove rings, do a fair launch (they cannot sue you, I will tell you why at the end). Let it be your gift to the people of the world. Let me explain why.

While Dero’s tech has the potential to be the best privacy tech, it’s very far from realizing its potential. Today you can easily trace transactions on Dero, even with the bug fix.

The Derolytics explorer, for example, makes it very easy to know when a wallet moves money. Dero’s current decoy picking algo also sucks, because it seems to be entirely random so by spamming the chain with 1M addresses (like someone did in 2022), it’s highly probable that most decoys will be spam addresses and easily discardable.

Monero is still more difficult to trace because wallets and explorers don’t let you query for specific TXOs. This of course doesn’t mean the tech is better.

But ok, the chief scammer Captain has said that he wants to give people time to understand Dero. Damn Cap, where are you? We understood it so well that we even caught you stealing from your own users! On one side your minions preach on the importance of integrity, privacy, freedom and on the other side there is you stealing your users’ freedom to feed your greed! I bet you paid/pay some of those minions with your stolen coins!

Anyway, if Dero is not already the product of some CIA/NSA/FBI lab of devs with God complex (it sure looks that way right now, and if so then "waiting on Cap" is just the current stalling strategy), then the idea/tech will eventually be captured by the deep state anyway.

What happens next imo is that they will stall development for years, like they did with Monero. The upgrade Dero badly needs is removing rings. But I fear that once they capture it (Captain Baba and the 40 thieves have made it extremely easy), Dero will linger in its deprecated state forever and they will only upgrade it when it will no longer make a difference.

So if any capable devs are reading this, if you can be anon and take care of your opsec. Study Dero, fork it, remove rings, relaunch it. If somehow they find you through their friends at the NSA, and sue you, you can refer to their Xelis scam as precedent where the license was not enforced.

If you can but you don’t then we will be at the mercy of the deep state either way. So I sincerely hope someone reading this has got the backbone to do what it takes. Don’t even message me if you do it, let me find out on my own.

It looks like some individuals are referencing my previous post to take aim at the Dero Foundation. To be clear, there is 0 evidence to blame the Dero Foundation for anything other than for waiting too long. I included it in my previous post only because it is a concerned party within Dero, but I've zero reason to doubt the word of anyone from the Foundation.

There is, on the other hand, evidence that Captain betrayed his users. Therefore as far as I'm concerned, this is how Dero should move forward:

1) The Dero Foundation (Kryptoid, Azylem, Dank and maybe expanded to include other trusted members) should take over development and everything from Captain

2) The Dero Foundation should hire a 3rd party to conduct an audit of the Dero blockchain to confirm whether there are other exploits or not. To date the only audit is the one done by Derolytics, who gives off controlled opposition vibes (since he shills Xelis and Xelis founders seem to overlap with Captain by quite a bit)

Finally, I ask readers to please avoid using my posts as evidence to support their own speculations.

Dero, Palantir, Chainalysis, In-Q-Tel, Monero are all part of the same family.

That’s why a noob like me had to be the first one to really break down the differences between Dero and Monero, because nobody in Dero really cares about Dero. They’re all puppets in the hands of puppet masters that make money tracing Monero. So Dero’s bad/low-tier Ponzi marketing, and wishy-washy building with clunky interfaces (if any at all), isn’t really bad marketing. It’s strategy.

The Masters of Monero (and Dero), those that control even Captain and close an eye when he scams (like with Xelis), want to keep Dero as low profile and as Ponzi oriented as possible for as long as possible. They make money tracing Monero, and Monero is really easy to trace, so why make their own life harder if they don’t have to? They actually hope people never realize how bad Monero is and never move to something better.

When/if people start looking for better options, the Puppet Masters will feed them Dero. Dero’s tech is better than Monero (and any other privacy coin today) on paper, but still almost as easy to trace in its current state. When Dero’s day comes, it will come with a lot of stalling and I personally don’t think we will ever see any of Dero’s upgrades come in a timely manner.

That said, get Whitney Webb's book One Nation Under Blackmail. To save time go straight to the Chapter "The Private CIA". I’d still try to read as much as possible of her writings, even if in the beginning you will struggle to follow. What matters is that at some point, despite struggling to keep up with names and who did what, you will start to understand how deep state’s web of deception works. And once that realization kicks in, the way you look at crypto will change forever.

The whole crypto industry is most likely made of ex-NSA engineers and ex-CIA spooks teaming up to grift through sheer Ponzis, inflation scams and meme coins. Their deep knowledge of loopholes allows them to get away with impunity. That's all crypto is really about.

(Note: Whitney Webb was the first journalist to go after and expose Epstein fearlessly. Bear this in mind in case some CIA troll tells you she said nothing new and is a limited hangout.)

🚨This is not a conspiracy theory by the way, there is plenty of proof. The key piece of the puzzle is Kayaba.

First things first, why does Kayaba matter? Because we know Luke Parker is funded by Magic Grants, which is directly funded by Chainalysis.

Now let's look at events in Q1-Q2 2024. We know Captain (and/or DF) received 400K DERO from Kucoin and was planning to dump those DEROs before Dero entered accumulation (zero point prices) to bootstrap funding for his scam Xelis.

Captain conducted the dump and Luke Parker disclosed the critical bug right after Captain dumped his bag of DEROs from Kucoin.

Now there are 2 possible explanations for such a sequence of “right after” and "right before":

1) Either a 1 in a million coincidence that Luke found the bug right after Captain was done dumping Kucoin’s residual balances, and right before Dero entered accumulation. Because nobody was going to buy Captain’s Dero in March for $5 if the bug had already been disclosed.

2) Or a 99 in 100 chance that the bug was known in advance but those who knew needed to dump the free coins they would get from Kucoin first.

Kucoin’s unlocking of the residual Dero balances was a scheduled event. Everything else happened in sequence quickly after that scheduled event: Dero pump > Coinex dump > Xelis launch > Disclosure of dero wallet bug > Dero enters accumulation

Since Kayaba coordinated with Captain, to Captain's benefit, then that proves they are the same family. And since Kayaba is controlled by Chainalysis, then that proves Captain is controlled by Chainalysis too.

The proof was always out there, hidden in plain sight. We were simply not paying attention.

🚨Don’t use Monero (bad, old tech, CIA honeypot). Don’t use Dero (good tech but kept in deprecated state, CIA honeypot). Use ZEC shielded transactions. They offer the best privacy by far today.

Does FCMP close the gap between Monero and Zcash? No, absolutely not. Even with FCMP++ Monero is still much worse than ZEC.

Even with FCMP, a Monero transaction ID will reference specific key images published onchain with it, and specific new outputs. They are tied together onchain forever.

Whereas a ZEC shielded transaction ID references nothing onchain, it’s just a proof that valid inputs were spent and valid outputs were created out of the spent inputs. It's not linked to anything else.

Of course the CIA/Palantir shills like Zachxbt will try to confuse you with how they traced a ZEC transaction on NEAR connect because of “static” outputs. But NEAR connect (and any other bridge/cross chain swap for that matter) has nothing to do with ZEC's tech, and Monero’s outputs are just as static as those of ZEC. Not only that, but they will always be linkable to specific key images (even with FCMP++) which gives the full transaction structure which makes them much easier to trace.

ZEC’s only true weakness is that CIA’s and Monero’s disinformation shills successfully control its narrative so very few people use it because they believe their FUD. However, today ZEC has the best privacy in production by far.

And yeah, I don't care if it has a CEO, it has the best privacy full stop. Just because the CEO of Monero and Dero sits in an office at some CIA/Palantir office building doesn't mean they are "cypherpunk". Having a CEO hidden in the shadows, that reviews backdoors and approves inflation exploit operations, is far less cypherpunk than having a public CEO that anyone can ask questions to and hold accountable.

To be cypherpunk you need good tech, no backdoors, and to put the privacy of users first. Not your own greed.

It’s time to stop being nice to scammers. It’s time to stop pretending you don’t understand what the scam is. It’s time to stop hanging out in their groups, validating their personas, and their projects. It’s time to stop parroting their blatant lies to protect your bags.

Centralization is a scam. If 99% of your circulating supply was mined in 4 years and the project was marketed only after that, then that project is a scam.

Inflation bugs are scams. If you minted illegal tokens behind everyone's back, that's a scam. Haven, Xelis, Dero, Zephyr, Salvium and others. All scams. I don't care if you minted only 1% of the supply or 1000%, if a project did it then that project is a scam.

Misleading marketing, when your coin can be traced but you shill it as untraceable, that's a scam. Monero is a scam.

Stalling is a scam. When you don't deliver, it's either because you can't (many such cases in crypto), or because you just want to milk the narrative without ever delivering the actual product (ringless upgrades in Dero, FCMP++ in Monero).

And it’s time to stop tolerating censorship, scammers only thrive because of censorship. Censorship is how the CIA/NSA hijack projects, turn them into honeypots, and stall them to death. We have seen it over and over in crypto’s history. From Bitcoin to Monero to Dero.

Notice how my X account was suspended? Who suspended it, was it Monero or Captain and the other thieves in his team whom I doxed by reminding all victims that the scammers behind Xelis, that we now know are part of Captain too, checked in with their ID at Nonsensus from October 31st through November 2nd 2023 at Wild Horse Pass Casino in Phoenix, AZ?

Stalling, censorship and lies are the signature moves of when a project has been captured by a three letter agency.

Let deep state agents stick out like sore thumbs. Let them be the only ones believing their own bullshit, peddling their own scams to each other. Create your own community and refuse to let any scammers in. Refuse to let anyone shill a scam “because scams pump the hardest”. Scams go to 0. They pump the hardest because nobody but the scamming founder holds them. You’re not going to make any money with scams.

Only scammers make money with scams, and the reason they make money is because there are way too many dummies out there that (don't) fall for their lies but still believe they will make money with the scammers if they repeat the lie.

Name and shame proven scammers, insult them, spit on them if you see them in the street, kick them out of your groups, educate/warn others on their scam. The admin in your group will never do this, it’s you the guy with no admin rights who has to do it.

Or don’t, and find out.

Conflict is good because it brings out information and it exposes all CIA/NSA dummies at once. They forget about plausible deniability, and all of a sudden they start parroting the same script.

Monero and Dero shills are repeating the same line: “Zcash is a Fed coin”, “Zcash has backdoors”, “Zcash has a CEO”, “Zionist Cash”. You will never hear a single technical argument, just endless gaslighting because ZEC's tech is really the best there is today. ZEC also shipped the Orchard upgrade, which mitigates a deep privacy issue (UTXO heuristics) nobody is even talking about in Monero, let alone address it.

That said, Monero, not Zcash, is a Fed coin. We have proof it’s promoted to track people from DNMs. There is proof of various Fed companies, such as Chainalysis, TRM Labs and Palantir involved in Monero tracing and the selling of Monero tracing services to the US government.

There is proof of this, dummies, there’s an actual video. It’s not an opinion. Of course all the high flying CIA shills like shitcoin scammer Tyler Turd-en or Chainalysis persona Zachxbt will never mention any of it, because they feed on this scam.

Zcash Zionist cash? Maybe, but if so that makes it even better for privacy since Zionists have proven to be a separate lobby from the endless army of CIA minions who exchange information with each other behind everyone’s back targeting anyone who steps on the toes of any of their toxic minions.

At least Zionists only care about Israel. And I’m for #freepalestine, make no mistake. But I’m for peace and I’m no Hamas either, so when it comes to my privacy it’s 100% safer in the hands of Zionists than all the CIA/NSA inbreds that make fun and scam anyone who is not CIA/NSA.

For the same reason I’d trust a Chinese privacy app 100% more than any US privacy app, because guess what? Even if there is a very deep backdoor, it’s certainly much deeper than in the US counterparts where backdoors are there for CIA's VCs to monetize them by selling surveillance services to the US gov, and most likely accessible only to the CCP. And guess what, dummies? I don’t live in China, so I don’t care.

Dero is Monero’s little brother, supposedly better on paper but they will never deliver the tech, because they simply can’t trace it. The current version of Dero, gentlemen, was caught having a bug that deanonymizes all transactions. One might call that a CIA/NSA move/backdoor. Since Captain turned out to be a scammer, that might well be the case.

Dero, was also caught having an inflation bug exploited by its very founder. One may call that too a signature CIA/NSA coin move as well.

Ok, end of rant. Buy $ZEC. Ignore the US deep state trying to push you into their honeypots.

🚨Some Kaspatards are trying to get my voice censored from Zcash. For anyone wondering, let me explain. I’m simply the guy who found first that there is not a single Kaspa full node out there.

Somehow they turned me into Kaspa's public enemy #1 over this finding. I actually did them a favor. Thanks to my work, I gave Kaspa a real shot at flipping Bitcoin. Yes, BTC. I basically took their founder's Don’t trust, terrify! mantra to the highest ranks of cypherpunks. If only Yoni had Shai’s balls to fight for his ideas, maybe Kaspa would have had a chance at flipping Bitcoin one day. But no, Yoni flip-flopped. And Shai's balls whithered as soon as he saw Yoni couldn't articulate any convincing argument in front of the big guys.

So to us in private Yoni said we were all dumb to fall for the full node cult, and then when we took him to debate Nick Szabo (figuratively speaking) he starting mumbling.

And I am the bad guy?

Instead the cult should be wondering: does Yoni believe in what he says, or did he say it just to prey on unsophisticated retail? One would think that IF Yoni wasn’t throwing brain farts at unsophisticated retail crypto users, then Yoni would have dreamt of the opportunity to debate legendary cypherpunks about his Don't trust, terrify.

So shame on you, ungrateful bunch. Let's not forget that I also wrote the first viral article on Kaspa when it was only $1M mcap. And even then you were ungrateful.

Cheers and remember: sell Kaspa, #buyZEC

Hear, hear. Remember that little project Sir trading I told you about 2 months ago? I got a lot of doubters in private calling me an idiot for shilling a project with only 12 holders (66 now!).

-Too good to be true, TL.
-What's the catch?
-Collapse imminent, TL.
-It will get hacked, TL.
-I want to see more TVL before I pull the trigger, TL.

Guess what? Nobody holding longs on SIR got liquidated on Oct 10. Because on SIR, you don’t get liquidated. Simply, the share of the tokens you own in the leverage pool increases or decreases. It decreases when price goes down (if you are long), and goes back up when price bounces back.

Did I tell you I’ve known the dev for a long time and he is a solid guy and a genius? Well, now you know. You will find many other defi OGs are all over it, if you do some digging.

So I just wanted to check in to say: two months later SIR is still here. Dev still building. TVL piling up, some huge meme coins have deployed leveraged tokens here (like PNKSTR). They also just deployed on Hyper this week (Proof)

If you aren’t in yet this might be a good time to start playing with it.

Sir is good defi. It's a new primitive, and it works as intended. And that's huge.

It will moon. (NFA!)

Start playing with it before the Eth foundation deploys an Eth vault there for longing/shorting Eth with leverage permissionlessly.

Azylem dropped this huge turd in the Dero Discord.

Put aside the condescending tone and read what Azylem says. Azylem argues that the sender probably isn’t the sender the payload points at because Captain could be using a "different client".

Unfortunately, that changes nothing. And for the record, I thought of that: what if the real sender handpicked decoys and somehow manipulated information in the transaction payload to make it look like the sender was another address?

Even if that is the case, then the real sender would still have to be one of the other 15 addresses. And the thing is that NONE of the addresses in that transaction could be spending 2.2M coins. So even if the payload lies, any other address would still be doing an inflation exploit. Because all other members are spam accounts.

So the verdict is the same: Dero is a scam, and Captain is a scammer.

He exploited Dero, and the proof is onchain. Forever. For anyone to verify.

🚨FOR DERO HOLDERS: WHY THE DERO BULL THESIS IS BACK 🚨

1. There is no bug in the Dero code today, I told you 1 month ago and Mmarcel has just confirmed this (check community Discord)

2. I will say again that the bug was in the pre-compiled binaries and was removed the moment Dero became reproducible (few days after the exploit). Maybe one day an advanced coder will be able to prove this too.

3. The inflation exploit is real, but it was internal and reversible. Captain did create 2.2M coins, but Captain also didn’t touch the premine.

4. How to reverse it: Captain has to burn 2.2M coins of those he still controls and everything will be back to where it’s supposed to be. Like the exploit never happened. Poof.

THE MOST IMPORTANT PART

Why did this happen? Both the wallet bug and the 2.2 inflation transaction were planted and supposed to come out for re-accumulating the distributed coins from the 2021 bull.

The way everything came out, from the very top, means this was planned ahead a long time ago. Let’s face it, we the community would have never found out on our own. We know because they wanted us to know. And why would they want us to know if not to buy our coins back for cheap?

So no, this was NOT done for marketing to boast about Captain not having moved coins. Because if so then we wouldn’t know about the malformed transaction today. Derolytics’ disclosure would have stopped short of reporting it. They would have only told us that Captain still controls 3M coins.

The only logical explanation, and I have thought about this for a really long time, is that this was done to FUD, to shake out as many people as possible.

Another important cue is that a lot of those 2.2M coins are still sitting unspent (as of the time of the deanonymization). In a true inflation exploit they would have all been dumped in 2023 when Dero pumped to $150M mcap. Go through the addresses in the derolytics explorer and calculate amount spent-amount received for the addresses where the 2.2M coins flowed. In many the balance is still positive, sometimes even by several hundreds of thousands.

Last but not least, I’d have never been able to connect the dots without the stuff about compilers Azylem taught me. He taught me a lot of stuff before Chatgpt came around, so I’ll always be grateful. Credit where credit is due. But that doesn’t mean I won’t call him out when I see fit.

That said, the fact that they went to such great, great lengths to re-accumulate Dero speaks volumes. I mean, what are they doing here? Why do they want these coins so much? Because Dero has the best privacy tech and everything else is 10 years behind.

That’s why they did all this.

Now we have really come full circle.

🚨IS CAPTAIN A SCAMMER, OR ANOTHER SNOWDEN?🚨

Let's go back to October 2022. Dero’s network consisted of 2 types of nodes: nodes of users who had compiled from source themselves, these nodes didn’t have the bug. Then there were the nodes of users who had simply downloaded the pre-compiled binaries, these nodes had the bug and would accept the inflation exploit transaction.

Considering how things went, it’s clear that most nodes (in October 2022) were running on pre-compiled binaries. This is because most nodes accepted the exploit transaction, and those who did not stuck out like sore thumbs and were told to “POP” by a few blocks because there is a “node bug”. And they did it without asking any questions.

What if the majority of nodes had compiled from source? If the majority of nodes had compiled from source then Captain’s exploit transaction wouldn’t have passed through, it would have simply been rejected by the network except for the minority of nodes running on precompiled binaries which would have ended on a forked chain.

Lesson here? Always compile from source yourself, do not use pre-compiled binaries. Do not trust. Especially when dealing with a privacy coin where a pre-compiled binary can have a bug that enables an inflation exploit. If you run a node on pre-compiled binaries then you’re no longer contributing to decentralization. Your node is not only worthless, but a potential attack vector.

Who the fuck is Captain? Is he deep state, or is he a Jason Bourne that has turned on the deep state? Was the bug an exploit, or was it Captain trying to show us how much damage a cultivated habit, such as "blindly trust precompiled binaries", can potentially do if used against Dero one day?

Only time will tell. In the meantime, learn your lesson. Compile from source.

Or your "I'm running my own node", means shit.

Why do they want to keep up the bug denial narrative at all cost? My answer at the bottom of the post.

I just checked the latest ZeroPoint episode covering, among others, "the bug that doesn't exist". This guy Marcel apparently has been investigating the bug for months, and he is the first one after me to have said that there is no bug in the public source code. Which I concluded through simple logic without even looking at the public code, simply because Dero wasn't reproducible at the time so the bug doesn't have to be in the source code.

Marcel, if you're reading this, is the source code the first place to go looking for the bug with everything that we know? Any proper investigator would have found that Captain published reproducible binaries 10 days after the bug exploit. So as an honest investigator, your first suspicion should be that the bug was in the precompiled binaries.

STEP 1: Recover the pre-compiled binaries, inspect them for differences with the source code. Or decompile them (if that's an option)
STEP 2: If you can't retrieve the original pre-compiled binaries, then simply take the flagged transaction proofs and run them against the current proofs. Do they pass? But you have never done this test. And why not, if I may ask?

Anyway, let me break it to you: No, the flagged transaction proofs will not pass verification with the current proofs or with ANY proofs in the public source code.

I think these guys want to do a fugazi pump by keeping up the bug denial narrative, so they suck in some new retail. And then Marcel will drop the bomb, finally, that the bug was real (just like techleaks said 5 months ago). So then they will buy back for cheap what they can from that retail that got sucked in. And then later everything will proceed as if nothing happened, with the implied understanding that this bug is inconsequential because Captain didn't spend the premine.

I can't think of any other reason why they are fighting so hard to keep the bug denial narrative when the bug is there, undeniably. And, by the way, the transaction amount is not part of the payload. So it cannot be manipulated by manipulating the payload.

Also will there ever be an Atlantis burn, or is Captain left the burn everyone's been waiting for? Time will tell.

Any Dero pump that doesn’t follow as result of increased awareness of the unfixable inherent weaknesses of single use outputs and Pedersen Commitments is a Fugazi pump. Fade/ignore it because it will retrace 100%. Any pump that doesn’t follow from increased understanding of the fact that Pedersen Commitments are a fundamental & unfixable weakness because they are single use and require UTXO, and that homomorphic encryption/El Gamal cyphertexts are the way forward, is a Fugazi pump. Fade/ignore it.

Any privacy blockchain relying on Pedersen Commitments is updated through new outputs after every transaction. New outputs, and the fact that they are single use and require UTXO, leak patterns that make transactions traceable. With homomorphic encryption and El Gamal cypher texts, account balances are updated in encrypted state and the recency heuristic is killed. Rings in homomorphic encryption blockchains are an attempt to keep the recency heuristic alive, but it is still much weaker.

Anyway, for as long as not everyone around you who considers himself/herself a privacy expert doesn’t openly say and/or cannot explain/understand this, nothing has changed. We’re in suppression. The deep state has won. The honeypot paradigm still rules. Surveillance thrives. The manipulation will continue. The stalling too.

If you want the surveillance nightmare to end, you need to start educating everyone around you about the fact that single use outputs/PCs are old tech. And no privacy chain that relies on Pedersen Commitments/single use outputs will ever be private.

Don't wait for gov controlled ETFs issuers like VanEck or KOLs in 3 letter agency payroll to explain this to the masses. You, the little guy, have to understand this. And then explain it through word of mouth to a friend. And your friend to another friend. Until the world wakes up.

Good luck to all the little warriors out there.

The difference between Dero and the dinosaurs boils down to Pedersen Commitments vs El Gamal

I published an article on Substack today explaining why El Gamal is the quantum leap forward for privacy coins. I recommend everyone who cares about privacy tech to read it. That said, there are 2 big issues with Pedersen Commitments that lead to all the privacy flaws we see in Monero and other privacy chains that use them:

ISSUE 1

Pedersen commitments, while homomorphic mathematically speaking, are NOT updatable from the outside from the public key alone. If I want to send some coins to your stealth address, the protocol cannot update the balance of that address without having the blinding factor of the commitment tied to that specific address. Since blinding factors aren’t public, then homomorphic updates are not possible in a blockchain using PCs.

El Gamal, contrary to PCs, has this super feature. I can update the El Gamal commitments of any account without knowing their blinding factor. It can be done just by knowing the public key, and anyone can verify that the update is conform to the protocol.

ISSUE 2

Pedersen commitments are not public key re-randomizable. This boils down to the fact that even if I were to update my own output, since I could know its blinding factor, I wouldn’t be able to have sender privacy. This because anyone looking at the transaction from outside would see that among the input ring members of my transaction, only my cyphertext changed while the rest remained the same. Because I’m not able to re-randomize the cypher texts of other decoys.

El Gamal has this super feature too. When I spend Dero, the El Gamal cipher texts of all decoy ring members are re-randomized by adding 0 in encrypted form. Since all cypher texts change it’s impossible to tell which one was updated by a non zero amount and which one was just re-randomized.

Because of these 2 issues, any privacy blockchain relying on Pedersen Commitments to hide balances is forced to rely on UTXO and single use outputs/addresses. Single use addresses means that every time you want to spend some coins from an address, you have to empty it completely and generate a new address for the receiver and a new address for your remaining coins.

These two forced design choices as result of PC limitations leak patterns that bypass encryption to reveal the flow of funds.

The single-use aspect enables the recency heuristic and allows the filtering out of decoys (black marble attack). Since outputs are always emptied completely when spent, if we know they were the real spender in a transaction we rule them out as decoys in all other rings where they appear as members.

The UTXO model has no receiver privacy (no decoys) and also enables the co-spend analysis heuristic.

El Gamal commitments, being public key re-randomizable and updatable from the public key alone, eliminate these attack vectors completely because a privacy blockchain using El Gamal doesn't have to opt for UTXO and doesn't have to opt for single use outputs.

This is why El Gamal commitments are the big quantum leap in privacy chains.