Wasabi Wallet’s Implementation of Chaumian CoinJoin Deemed to Lack Privacy: Samourai Wallet

Wasabi was first launched as “an open-source, non-custodial, privacy-focused,” Bitcoin wallet for desktop uses.

It implements, a trustless method for combining Bitcoin payments from multiple spenders, typically referred to as coin shuffling – a service offered by CoinJoin.

At the time of launch, the Samourai team behind Wasabi deemed this implementation as increasing one’s privacy as the number of participants go up. However, a recent update from the Wasabi team seems to be concerned by CoinJoin’s lack of privacy reports Coin Telegraph. The company was referenced saying the following:

“With Wasabi, if you are mixing 10 BTC [Bitcoin], I can trivially track that 10 BTC as it is peeled down into smaller UTXOS (unspent funds) […] Additionally, Wasabi outputs are in the order in which they are registered, allowing you to make educated guesses that cluster outputs that you can later cross reference when inputs are inevitably merged to make a spend.”

As per a Wasabi’s executive, who goes by ‘SW’, in “Wasabi’s implementation of ZeroLink there is routinely 30 to 60% of inputs issued from the same, previous transaction,” and this is what causes a reduction in anonymity.

The anonymity feature supposedly gets lost, as traders remain in the entirety of the mixing (of transactions) process. It was further noted that:

“When viewed holistically and crucially with lack of PostMix spending strategy these architectural differences have serious consequences when common user behavior intervenes.”

SW believes that more emphasis needs to be placed on coin control techniques to ensure that anonymity is not compromised in any way.