Translation of an article by Eric Wall, Chief Investment Officer at Arcane Assets.
The previous article aims to give the user a general idea of the level of anonymity on the bitcoin network. This article is more practical and introduces the applications that we use to send and receive coins - Bitcoin wallets.
At the time of this writing, bitcoin.org contains perhaps the most up-to-date and unbiased list of bitcoin wallets. Overall, this website is a good starting point for any Bitcoin user.
Please be aware that while bitcoin.org strives to provide as objective information as possible, all websites are essentially subject to centralized control and their content can be compromised at any time. Always take extra care during the bitcoin software installation process to make sure you are downloading the “correct” software.
Below are two methods you can use to avoid this. The "advanced" option gives you much better security guarantees; the "simple" option is still better than taking no additional steps.
- Simple option: when downloading the wallet app from the website, always try to make sure that you have been redirected to the correct domain.
- Advanced option: the prepared installation files for software are often called "binaries". These binaries are often signed with the PGP keys of one or more project developers; check that signature before installing. Examples: the instructions for downloading Bitcoin Core and the instructions for downloading Electrum (see also: an easy way to verify a PGP signature in Bitcoin software).
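Both checks can be scripted. The following is an added example, not code from the original article or from any wallet project: it accepts a download URL only if its host matches exactly, and checks a downloaded file against a `sha256sum`-style manifest. It assumes the manifest's own PGP signature has already been checked (for example with `gpg --verify`); the host list and file names are placeholders.

```python
import hashlib
import hmac
import os
import re
from urllib.parse import urlsplit

# Assumption: the only host we expect downloads from (placeholder, adjust per project).
EXPECTED_HOSTS = {"bitcoin.org"}

def is_expected_download_url(url, expected_hosts=EXPECTED_HOSTS):
    """Simple option: https only, and the host must match exactly (no suffix matching)."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".")
    # Non-ASCII hosts are rejected: look-alike letters are a common way to fake a domain.
    return parts.scheme == "https" and host.isascii() and host in expected_hosts

def parse_sha256sums(text):
    """Parse lines of the form '<64 hex>  <name>' or '<64 hex> *<name>'."""
    entries = {}
    for line in text.splitlines():
        m = re.fullmatch(r"([0-9a-fA-F]{64}) [ *](.+)", line.strip())
        if m:
            entries[m.group(2)] = m.group(1).lower()
    return entries

def verify_download(path, manifest_text):
    """Advanced option, hash step: True only if the file matches its manifest entry.

    The manifest is trustworthy only after its PGP signature has been verified.
    """
    expected = parse_sha256sums(manifest_text).get(os.path.basename(path))
    if expected is None:
        return False  # a file that is not listed is unverified, not "ok"
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            digest.update(chunk)
    return hmac.compare_digest(digest.hexdigest(), expected)

if __name__ == "__main__":
    # Constructed URLs: the second and third only look like the expected host.
    for url in ("https://bitcoin.org/en/download",
                "https://bitcoin.org.downloads.example/en/download",
                "https://bitcoin.org@downloads.example/en/download"):
        print(url, "->", is_expected_download_url(url))
```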
Privacy rating
For each wallet on bitcoin.org there are currently four different privacy levels: enhanced, basic, weak, and variable.
To obtain an increased level of privacy, the wallet must use a new address for every transaction, avoid disclosing user information when receiving or sending payments, and be Tor compatible.
We know from the first article that while the wallet qualities described here definitely increase the chances of staying anonymous, they should not be considered absolute protection. For example, if you use a wallet to receive bitcoins and then one day decide to send your full balance to a new wallet, the common-input-ownership heuristic will allow a blockchain analyst to link all the addresses you used.
Two wallets in the "enhanced privacy" category - Bitcoin Core and Wasabi Wallet - are able to ensure that the above linking of transactions does not occur. With Bitcoin Core, you can use the coin control feature to manually send one output at a time in separate transactions, and continually make sure your addresses never get combined in subsequent transactions. Wasabi also has this feature, but this wallet also gives you the ability to send your coins through a CoinJoin transaction, where the clustering technique mentioned in the previous article becomes unusable or inaccurate.
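To see why sweeping a full balance links addresses while spending one output at a time does not, here is an added example (not from the original article) of the input-clustering heuristic described above, commonly called the common-input-ownership heuristic. All addresses and transactions are constructed sample data.

```python
def cluster_addresses(transactions):
    """Group addresses under the assumption that all inputs of one
    transaction belong to the same owner (union-find over inputs)."""
    parent = {}

    def find(addr):
        parent.setdefault(addr, addr)
        while parent[addr] != addr:
            parent[addr] = parent[parent[addr]]  # path halving
            addr = parent[addr]
        return addr

    for tx in transactions:
        inputs = tx["inputs"]
        for addr in inputs:
            find(addr)  # register every input address
        for addr in inputs[1:]:
            parent[find(addr)] = find(inputs[0])  # merge with the first input

    clusters = {}
    for addr in list(parent):
        clusters.setdefault(find(addr), set()).add(addr)
    return sorted((sorted(c) for c in clusters.values()), key=lambda c: c[0])

# Constructed data: coins were received on three fresh addresses A, B and C.
# 1) Full balance sent to a new wallet in one transaction: all inputs appear together.
SWEEP = [{"inputs": ["addr_A", "addr_B", "addr_C"], "outputs": ["addr_new"]}]

# 2) Coin control: one output per transaction, so no two inputs ever appear together.
COIN_CONTROL = [
    {"inputs": ["addr_A"], "outputs": ["addr_new1"]},
    {"inputs": ["addr_B"], "outputs": ["addr_new2"]},
    {"inputs": ["addr_C"], "outputs": ["addr_new3"]},
]

# 3) CoinJoin: inputs from unrelated users share one transaction, so the
#    heuristic merges addresses that do not have a common owner.
COINJOIN = [{"inputs": ["addr_A", "other_X", "other_Y"],
             "outputs": ["mixed_1", "mixed_2", "mixed_3"]}]

if __name__ == "__main__":
    for name, txs in (("sweep", SWEEP), ("coin control", COIN_CONTROL),
                      ("coinjoin", COINJOIN)):
        print(name, "->", cluster_addresses(txs))
```

In the CoinJoin case the analyst's cluster is wrong rather than empty, which is what makes the technique inaccurate.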
Basically, you should consider the "enhanced privacy" feature as a baseline for any bitcoin wallet. Here is a complete list of wallets in the privacy-enhancing category:
- Armory (Linux, Mac, Windows);
- Wasabi Wallet (Linux, Mac, Windows);
- mSIGNA (Linux, Mac, Windows);
- Bitcoin Core (Linux, Mac, Windows);
- Bitcoin Knots (Linux, Mac, Windows).
In an ideal world, we could focus solely on the privacy features of wallets and leave all aspects of security outside the scope of this article. In reality, however, security and privacy concerns are inextricably linked. Without security, there is no confidentiality - while most crypto wallet exploits today are aimed at stealing coins, they can also be used to obtain sensitive information about a user.
The question then becomes: How should a user interested in privacy look at the issue of security when deciding which wallet to use? How can we know which projects will have good security practices and which ones should be avoided? In the open source world, we can rely on one rule of thumb: the more competent eyes have looked at the code, the more secure it can be. Here are Bruce Schneier's words on the topic (1999):
First, just publishing your code doesn't necessarily mean that people will scan it for vulnerabilities. Security researchers are fickle and busy people. They don't have time to study every piece of source code that is published. Therefore, while open source is a good thing, it is not a guarantee of security. I could name a dozen open source libraries that no one has ever heard of or evaluated. On the other hand, Linux code has been reviewed by many very good security professionals.
There is no reason to believe that open source is more secure than closed source at the time of writing. The point is for as many people as possible to evaluate open source for vulnerabilities. Fast. Then they must be corrected. Thus, a two-year piece of open source code is likely to have far fewer security vulnerabilities than proprietary code - simply because so many of them have been found and fixed during that time. Security flaws will also be found in proprietary code, but this will take longer.
Since these words are as relevant today as they were two decades ago, we are faced with a dilemma: if privacy and security are inextricably linked, does this mean that a wallet like Wasabi (which has more advanced features to increase anonymity, but a much less vetted codebase than Bitcoin Core) could carry non-trivial risks to user privacy?
Bitcoin developer Peter Todd put it this way:
“Overall, I can say that Bitcoin Core has gone through a very thorough audit, and for this reason it is probably more reliable than most. But this is just one of many factors. I pay more attention to the development process, standards and what incentives they have. Therefore, I am less concerned with this sort of thing in Wasabi because the project goals seem to be good and the privacy features could be improved overall. For cold storage, I use Bitcoin Core on a separate computer to minimize dependencies.”
Tools specifically designed to evade surveillance are given particular attention by certain organizations. For example, the NSA is known to have developed honeypots in the past that were presented as privacy tools for Bitcoin users.
Bottom line: yes, wallets like Wasabi Wallet are subject to a higher security risk and associated privacy risks compared to Bitcoin Core, but ultimately these risks and usability need to be weighed. For example, running Wasabi Wallet on top of Tor works without any configuration, while a user wishing to do the same in Bitcoin Core has to do some additional configuration.
No one wants to recommend that anyone settle for weaker security (relative to what is theoretically available) when it comes to something as important as privacy and financial independence, but we also need to be realistic about how complex the operations are that the user can or wants to execute with the software.
Different recommendations for different situations
- Storing savings in bitcoin
To store money in a bitcoin wallet, you need to get BTC somewhere - buy it on a crypto exchange or receive it from another user. In the last part of this series, we'll look at the platforms and methods for buying bitcoin privately (which is a daunting task in itself), but in this scenario, we'll assume that the method has already been chosen.
In this case, you only need to take care of accepting bitcoins, since it is your counterparty who broadcasts the bitcoin transaction to the network. It will be your responsibility to provide the address and ensure that the coins were delivered securely. In this case, security is paramount.
There are many ways to do this, and the choice depends on the desired level of security and privacy. You can generate an address at bitaddress.org and wait for the transaction to be confirmed using a browser, but then you need to trust that bitaddress.org has not been compromised. If you do not anonymize the origin of your IP address with Tor, you will associate your IP address with that specific bitcoin address when you search in the block explorer, and you will also need to trust this browser (to provide you with the correct information) ...
Ideally, you should run a full Bitcoin Core node on your computer, if you have the option (instructions). This will allow you to generate an address and securely verify that the bitcoin has been received (without looking up your address in a block explorer). Disk space requirements are currently ~200 GB, but the node can be "pruned" so that the blockchain data does not exceed 4 GB. We recommend doing this on a freshly installed Ubuntu.
A possible addition to this (to avoid the risks associated with storing your private keys on an internet-connected computer) is to create an address on a hardware device. Hardware device compatibility with Bitcoin Core appeared in version 0.18.0. In the hardware category, Bitcoin developer Jameson Lopp has two recommendations: Trezor or Ledger Nano S.
If you are unable to run a full node, an alternative approach might be to search for your address in several different block explorers using the Tor browser. After making sure that the coins have been received, you need to create a backup of your wallet so that you can subsequently restore access to your bitcoins, wherever you are. The advantage of hardware devices is that they are BIP39 compliant and allow you to regain access to bitcoins by simply memorizing 12 English words.
After you have received the bitcoins, you still have one potential problem: the sender still knows that you received these coins and can track the address on the blockchain. Ideally, we would like no one but ourselves to know the status of these coins. One method might be to simply send coins to yourself. The idea is simple - if you send coins to another address that you control, then the original sender will no longer be sure that you still control these funds.
- Receive donations in bitcoin confidentially and convert them to local currency
For this scenario, we're going to make two important changes to the situation above. First, we need to receive transactions regularly, so ideally we should have some way to hide the aggregate amounts of what we receive. Secondly, we will regularly convert these bitcoins to local currency by sending them to some organization.
We analyze three different ways to achieve this goal:
- Using software that generates a new donation address for each visitor (BTCPay Server);
- Reusable BIP47 payment codes so that the sender can create a new donation address on their side (PayNym.is);
- One address for donations.
Each of these methods has advantages and disadvantages.
You can set up custom address generation on BTCPay (zpub) - this will allow you to receive donations directly to the Wasabi wallet for further mixing in CoinJoin transactions. However, CoinJoin is currently available to users mixing at least 0.10 bitcoins. Moreover, Wasabi charges a commission for this service. A more affordable alternative might be JoinMarket, but it's much more difficult to use. Traditional mixers are not recommended because the privacy they provide requires trust in a third party and exposes your coins to theft.
BIP47 reusable payment codes are arguably the most elegant method, but only a few wallets currently support this feature. In addition, these are mobile wallets, which means that servers see your addresses (the developers of the Samourai mobile wallet suggest using the application with their implementation of a full node, called Dojo).
Even if you use a Wasabi wallet and mix the coins you receive at one address, everyone can still tell how many coins you received at that address (no matter what you do with them after).
In the world of economics, there are no “solutions”, only trade-offs. - Thomas Sowell
There is no ideal option. However, multiple options will at least give us the opportunity to choose the best compromise. Perhaps your identity is already known, but you do not want everyone to be able to view the donations you receive - then BTCPay Server is an acceptable solution. However, if your work is controversial and you run the risk of revealing your identity through an IP address, this is not acceptable. In this case, it is better to receive donations to a static address. Yes, you will disclose all donation transactions to the general public, but if no one knows who you are, then it may not be the end of the world. You can try to regularly change the deposit addresses and thus limit the disclosure of this information.
- Online shopping with bitcoin
The ability to carry out transactions on the Internet without a payment company that collects our personal data is one of the reasons why Bitcoin was created. However, the analytics data that websites collect can help identify you through your IP address, browser fingerprint or cookies. You can prevent this by using the Tor browser for online purchases that you want to keep private.
In the coming years, more and more stores will start accepting payments through the Lightning Network. As discussed in the first article, Lightning has many privacy advantages over regular bitcoin transactions. For such transactions, you can use the Lightning App desktop application - it is built on the Lightning Network Daemon (lnd), which you can configure to work through Tor.
Although Lightning payments are not publicly broadcast, and the payee cannot know which channel the payment originally came from, it is considered a good habit (in terms of privacy) to hide your traces in the blockchain by mixing, or by sending a transaction to yourself, before funding a Lightning channel.
Another technology to look out for is sidechains, which allow Bitcoin transactions to be made with a higher level of privacy compared to transactions on the main network. For example, the Liquid sidechain already supports confidential transactions today.
- Offline purchases with bitcoin
For offline purchases, cash is still a good option in terms of anonymity. But for many reasons, not everyone may find it convenient to keep their money in physical currency (for example, people who suffer from hyperinflation in their country).
When making such purchases, we are usually limited to our smartphone. Bitcoin.org does not currently have mobile wallets in the privacy-enhanced category. This is due to the fact that mobile wallets broadcast transactions to external servers that know the IP and Bitcoin addresses of users.
There are several ways to get around this, and more solutions are likely to appear in the coming years. The best current solution is to use a mobile wallet that can be connected to your node. The following wallets support this feature:
- Bitcoin Wallet for Android (also known as "Schildbach wallet");
- BRD for iOS;
- Green for iOS and Android.
In the mobile wallet category, Jameson Lopp recommends Green for iOS from Blockstream and Samourai for Android. Green is currently not listed on bitcoin.org as it does not provide the user with full access to their coins. Instead, it uses a 2-of-2 multisig in which Blockstream stores one of the keys and co-signs the transactions if the user verifies it through 2FA.
Samourai cannot be used with your own full node (despite having a 'set trusted node' parameter; the developers have been accused of confusing users with this option (1, 2, 3)), although they claim that the amount of information they can collect about users is very limited, as this wallet has built-in support for Tor.
Samourai is the only mobile wallet with a CoinJoin implementation (called Whirlpool). A potential problem with Samourai's CoinJoin is that many users will likely still be using Samourai without a full node, which can reduce mixing efficiency.
You can also launch the Spark Lightning wallet through Tor.
Conclusions
While it is theoretically possible to achieve a relatively high level of privacy on the bitcoin network, from a user-friendliness perspective, there is still a lot of work to be done to make this privacy available to everyone. For most users who do not want to learn commands in the Linux terminal, run donation servers, or whose economic situation does not allow them to get enough bitcoins to safely mix through a CoinJoin transaction, achieving privacy on the bitcoin network remains a challenge. And even those users with the necessary skills still have to make certain security trade-offs.
However, privacy in bitcoin is under active development today. Moreover, keep in mind that it is not always the case that someone will spend the time and money to match bitcoin addresses with user IP addresses. Bitcoin can still be seen as a significant improvement over traditional payment systems, even if it is used without regard to privacy.
In the next part of the series, we will look at the so-called "anonymous cryptocurrencies" and compare them with Bitcoin in terms of ensuring financial privacy and economic freedom.