Bitcoin Payment Privacy: New Private Crypto Transaction Techniques Are Coming
The average person on the street might believe bitcoin is an anonymous, private type of money. Bitcoin, however, is one of the least private cryptocurrencies in the world. New technologies could change that.
Aaron van Wirdum at Bitcoin Magazine recently explored the issue of bitcoin as a “privacycoin”. Van Wirdum explains that bitcoin isn’t an anonymous currency, but that new technologies – like tumblers and other obfuscation techniques – can make bitcoin surprisingly private:
“Ever since its inception Bitcoin has never really been private. Although Satoshi Nakamoto’s white paper suggests privacy was a design goal of the protocol, government agencies, analytics companies and other interested parties — let’s call them “spies” — have ways to analyze the public blockchain and peer-to-peer network, to cluster Bitcoin addresses and tie them to IP addresses or other identifying information.”
This lack of privacy is seen as a problem by many. When you buy a 6 pack of beer with your credit card on a Tuesday afternoon, that transaction isn’t broadcasted to the world for everyone to see. On the bitcoin blockchain, anyone who knows your bitcoin address can track your purchase history.
With that in mind, van Wirdum highlights some of the ways we’ve been able to make bitcoin more private.
Bitcoin Payment Privacy New Crypto Transaction Techniques
TumbleBit was a highly-anticipated privacy solution for bitcoin. It’s a coin-mixing protocol that uses a centralized tumbler to create off-chain payment channels between participants in a mixing session.
These “mixing sessions” occur when all participants send coins and receive an equal number of different coins in return. You’re putting 10 BTC in and getting 10 BTC out. The 10 BTC you put in, however, have been split between 100 different participants, and you’ve received bitcoins from 100 different participants – at least, that’s the idea.
The purpose of solutions like TumbleBit and other bitcoin tumblers is to obfuscate the source of your bitcoins. If you received bitcoin from a known drug marketplace, for example, then you might want to obfuscate the source of your bitcoins.
TumbleBit is more legitimate than many other bitcoin tumblers on the internet today – many of which are shady, anonymous websites where you simply have to trust your bitcoin will be returned to you. TumbleBit was proposed by an academic research team from Boston University, George Mason University, and North Carolina State University.
Today, TumbleBit is one of the more accessible tumblers available. Stratis’s Breeze bitcoin wallet, for example, was first released earlier this summer, and that wallet includes TumbleBit.
Chaumian CoinJoin And ZeroLink
CoinJoin was first proposed all the way back in 2013 by Bitcoin Core contributor Gregory Maxwell. The purpose of CoinJoin is to combine multiple transactions into a single larger transaction. The large on-chain transaction doesn’t include details of the receiving addresses or sending addresses.
CoinJoin works as long as the participants in the CoinJoin session are sending the same amount of coins. If everybody is sending 1 BTC to one recipient, for example, then CoinJoin makes it difficult to track where those coins came from and where they’re going. If one person is sending 100 BTC, however, and another person is sending 5 BTC, then it’s easy to see where the coins went based on the BTC received at the destination address.
There’s an improved CoinJoin protocol called Chaumian CoinJoin. Chaumian CoinJoin uses Chaumian blind signatures to verify unblinded addresses match with binded addresses. Users connect using a hidden connection protocol like Tor.
Today, Chaumian CoinJoin is finally accessible. Over four years after it was first proposed, Chaumian CoinJoin has been implemented into the privacy-focused Wasabi Wallet, which was just launched in beta.
A similarly privacy-focused wallet called Samourai Wallet also uses Chaumian CoinJoin to obfuscate the source of coins.
Stonewall doesn’t use CoinJoin, but it makes it look like it uses CoinJoin. The concept was first introduced by Samourai Wallet in May 2018.
Stonewall transactions seem like regular transactions. Bitcoin is sent from one person to another. However, Stonewall transactions use a unique strategy to obfuscate details. Here’s how van Wirdum explains it:
“STONEWALL transactions do something odd: They include an unnecessary number of sending addresses (inputs) and change addresses (outputs). This makes the transaction look a lot like a CoinJoin transaction — a transaction where two people are combining their transactions into one — even though, in reality, it isn’t.”
The idea is to break – or “stonewall” – the assumption that spies make when analyzing the bitcoin blockchain. Spies – like a law enforcement organization investigating the transaction – can view the transaction on the blockchain, but they can’t determine whether it was a CoinJoin transaction or not. This makes any conclusions based on the transaction data worthless.
Blockchain investigators can analyze peer-to-peer network data to identify bitcoin users. That’s why a group of academic researchers from MIT, Carnegie Mellon, and the University of Illinois proposed Dandelion.
Dandelion changes how transactions are propagated over the peer-to-peer network. With Dandelion, the protocol sends a new transaction to only one peer node. In a typical bitcoin transaction, new transactions are sent immediately to as many peers as possible.
The first node to receive the new transaction will randomly decide whether it also forwards it to only one peer or if it propagates the transaction to the entire network. The end result is that it’s significantly harder for spies to determine where a transaction originated.
Dandelion could be included in an upcoming Bitcoin Core release. The idea has received positive feedback and may be added to Bitcoin Core in 2019.
BIP 151 Encryption
Bitcoin Improvement Proposal (BIP) 151 was proposed by Bitcoin Core maintainer and Shift developer Jonas Schnelli. BIP 151 would let bitcoin nodes encrypt traffic (including transaction and block data) between them.
Theoretically, this system would prevent ISPs or open Wi-Fi networks from monitoring bitcoin traffic.
BIP 151 first appeared online a couple years ago. Today, however, the proposal has received renewed attention. Schnelli recently re-drafted an “official” BIP with suggested inclusion in the next Bitcoin Core release.
Compact Client-Side Block Filtering
Light clients like mobile wallets allow users to access bitcoin without downloading the entire bitcoin blockchain.
There’s a problem with these light clients: addresses are typically shared with a central server or a random network node. Blockchain investigators can spy on these sources to get information.
Yes, strategies like Simple Payment Verification (SPV) can minimize this attack vector. However, compact client-side block filtering takes this a step further.
Compact client-side block filtering was originally designed for Lightning Labs’ Lightning-focused Neutrino wallet. However, we’ve also seen the protocol added in privacy-focused solutions like the Wasabi Wallet.
Compact client-side block filtering uses a similar strategy to SPV. Here’s how van Wirdum explains it:
“Compact, client-side block filtering essentially inverts the trick that current SPV wallets use. Instead of SPV wallets requesting transactions relevant to them by creating and sending out a Bloom filter, full nodes create a similar filter. SPV wallets then use this filter to establish that relevant transactions did not happen. If the filter does produce a match, Neutrino fetches the relevant block to see if the match really concerns the exact transaction, instead of a false positive.”
Liquid is another privacy-focused bitcoin protocol. Liquid is a commercial sidechain created by Blockstream. The goal of Liquid is to create transaction channels between exchanges and other high-volume bitcoin users – like brokerages.
Because it’s a sidechain, Liquid transactions don’t have to be posted to the public bitcoin blockchain. This could help keep transactions hidden from blockchain investigators. Over time, it could even prevent blockchain investigators from viewing balances on the sidechain channels.
Bitcoin Payment Privacy Conclusion
Ultimately, van Wirdum has an excellent write-up on the number of bitcoin privacy systems in place today, including protocols that have been proposed in the past and techniques we may see in the future. Bitcoin may be one of the least private cryptocurrencies available today, but there are certainly ways to make bitcoin more private.