As you read in the previous issue, the blockchain is public. Even many data connections are public. You also read solutions: You can hide behind Tor or a VPN so people can’t see your transactions.
Then we come to the next layer: the transactions themselves. If you are not careful, you can also inadvertently leak data here. In this Bitcoin Focus you can read about blockchain-based attacks. There are lots of companies and investigative agencies that are happy to investigate your transactions.
Buy Bitcoin easily and quickly at Bitvavo. Get started and pay no trade fees for your first purchase up to € 1,000!
This week you will read what you can do about it! Next week is the last part of the privacy special, where we talk about protection techniques for the advanced user and privacy on Lightning.
- The effect of lost privacy: Why fungibility matters
- Amount: Recipient knows how much money you have
- Linking the identity-linked Bitcoin to expenses
- Changing registrations (and everything that comes with it)
- Round payments
- Addresses recycling
- wallet behavior
- Mystery Shopper addresses
Result: wrong bitcoin not welcome!
Before we talk about the (blockchain-based) attacks, the question: what is the problem? And what is the effect of all control?
Edward Snowden says: Liberty does not mean having to ask for permission (Liberty is freedom from permission). For freedom with your money, it is important that your transactions cannot be monitored or stopped.
Making your own choices, with what you do with your own money, is possible with bitcoin. That freedom diminishes if you do not pay attention: If surveillance companies or other agencies can see what you are using, you will adjust your behavior or you may get into trouble. It has happened often enough that incorrect conclusions are drawn from transaction data.
The subsequent effect of the monitoring is to reduce the fungibility, a very important feature of money. The term in Dutch is interchangeability or homogeneity.
The bottom line is that each bitcoin is similar to each other, just as euro coins are similar to each other. I do not care what euro coin I get, they all have the same value.
With more control, we will lose it with bitcoin. Many exchanges are already looking at bitcoin being traded: what was the story? Who has had them? Do they come from “scary” services?
If you are very aware of how to make bitcoin transactions, by following the tips from this newsletter you will use bitcoin more privately, while improving the fungibility! Two birds with one stone.
Your credit will be announced
Background: for bitcoin transactions you have input and output. The inputs are the bitcoin that will be used. The exits are the destination.
Problem: Someone asking for money from you is the destination of the transaction. The action becomes public and the recipient will see that he has received money. If he looks a little further, he sees input from the transaction (your money).
Solution: input selection: there are wallets that let you decide which bitcoin you want to use. Bitcoin on your wallet is not one amount (balance), but if you add several received transactions together, you may have received 500, 100 and 10 euros in bitcoin in one year. Your wallet shows that you have 610 euros (in bitcoin). Good wallets allow you to choose which bitcoin you use.
If you pay 500 euros for a croissant in the supermarket, the cashier knows that you have 500 euros. If you pay with 10 euros, you let us know less. The same can be done with bitcoin.
Identity information associated with your bitcoin
Background: you buy bitcoin on a Dutch stock exchange, you enter your passport information. Or there will be new European legislation.
Problem 1: these bitcoins are now linked to your identity. The exchange knows when to use it again.
Problem 2: If crazy things happen with those transactions, for example if the police see a transaction to a black marketplace with bitcoins that once belonged to you, then you may be linked if the police call the stock exchange where you bought.
Solution 1: Coin selection! Wallets increasingly allow this. For example, Wasabi and Bitcoin Core do this: When you receive money, you give a label. That label indicates who has knowledge “about” the bitcoin, that is, your stock market.
When you use, you make currency selections with these wallets: As soon as you start making a transaction, you choose which bitcoin you use (as input to the transaction). Because your wallet also shows the labels, you immediately see what can be linked (data-wise).
Solution 2: Another option, of course, is to buy or earn your bitcoin anonymously, and never link your identity! For example with Bisq or Robosats
More options to address this next week.
Background: The inputs to a bitcoin transaction must always be used in full. So if you have any bitcoin worth 500 euros, you can not take 10 euros from it, you should always send the 500 euros.
Suppose you want to spend 10 euros, then your wallet makes a transaction with ‘input’ of 500 euros and an output of 10 euros to the destination and 489 euros back to yourself. The last is the change, the change. And there are some problems with that.
Why 489 and not 490 euros? The “missing” euro is the transaction costs.
Problem 1: If the change is always sent to the same address (some wallets do), then the transactions are easy to link: all transactions with change to the same address are from the same user. See also next chapter.
Task 2: see round payments in the next chapter.
Solution: The better the purses handle, the better they change, they label it separately in your purse.
Background: Imagine a transaction that emits 652,301 sets (that is, total inputs), and there are two outputs, one of 500,000 sets and one of 152,301 sets.
Problem: It’s pretty clear that the 152,301 rate is the change, and the 500,000 rate is the payment. Analysis companies can draw conclusions from this, for example that the change belongs to you again.
Solution: often you just have to pay the amount stated and you have no choice. Most traders convert the euro value, and then there is, for example, 0.00441239 bitcoin. A nice random number.
But if you are exclusively involved in bitcoin, for example transferring to your node, then you are quickly inclined to transfer a round number like 0.0010000, consider making it more random!
Background: A bitcoin address remains valid, but should really only be used once.
Problem 1: If you have posted a bitcoin address, for example for donations, then everyone can see how much money you have received on it.
Problem 2: you use money from a known address, all your transactions are known, even if / when you use / send bitcoin.
Problem 3: one link is enough: if only one transaction at the address is linked to your identity, it is immediately clear that the address (and all other transactions) belong to you.
Problem 4: There is a potential security issue: When you use bitcoin, the public key becomes known. There are no quantum computers yet, but as soon as there are (don’t worry, it will take a while), there is a small risk of all payments to these recycled addresses.
Solution: Always use your addresses only once. For the advanced users, Silent Payments is under development, which allows you to post an ‘address’ that can be safely reused.
Wallet behavior recognition
Background: Wallets all have their own way of making transactions. By analyzing the transactions, it is possible to see which wallet is being used.
The differences in wallets are, for example, in:
- Which addresses are supported. Does anyone use only (old) 1 addresses? Then it becomes an old purse.
- What scripts are used? If a purse uses all multisigs, then we know that it will be one of only a few purses that use multisigs.
- How input and output are handled. Some wallets choose more input than others.
- R-values in the keys (a bit technical, but it is the DER format that matters). Bitcoin Core only uses low values, if a transaction has a high value, you know for sure that Bitcoin Core has not been used.
- Which fees are chosen and how / or they are rounded are also different from purse strings.
Problem: If people know which wallet is being used, they can target you more specifically on it.
Solution: This is a difficult one. It helps to use familiar purses, so “you go with the crowd”.
Mystery shopper and dust
Background: this is done mainly by investigating authorities and companies (“attackers”) who want to get more information about a party. For example about me: I sell stickers on bitcoinstickers.shop.
The attacker makes a small purchase, for example, 1 sticker. They pay me the small amount on the chain. That amount will be in my wallet.
Alternatively, they send a small amount to my address that was already known.
Problem: If I have to make a transaction, my wallet will (probably) also take these small amounts to spend.
These (small) amounts come on the input side of the trades I am about to make. The attacker now sees that ‘his’ amount (which he sent earlier) is being used. Because he knows the amount was mine (it was sent to MY addresses), he can also link the other inputs to my identity.
Solution: the better wallets recognize dust, so small amounts sent unsolicited.
Last week’s privacy special: what do you do if your coins have a history?
There are several (subtle) things that happen to recognize your bitcoin behavior, but we have now certainly had the most important. If you stick to all ‘solutions’, you can be pretty sure that your bitcoin will remain private.
Next week the final part of this privacy special, for Lightning users and with a more detailed explanation of what you can do with coins “with a story” to clean them up again.