Bitcoin Privacy

Privacy versus anonymity

Bitcoin is usually associated with black markets, and as the tool of bad people because of its anonymity or privacy. But this is not the complete picture, and far from the truth.

First we need to distinguish between private and anonym transactions.

anonym transaction: no identity is connected to a transaction, so it is not known which real person made it.
private transaction: only transacting parties know about the transaction, and its details.

Cash is the most private and anonym payment solution. Only transacting parties know about the transaction, and its details. When cash appears at someone's pocket, it is impossible to know where it came from. This property makes it possible to lose cash on the street, and anyone can start to use it without really knowing whose it was. So cash shall be assumed to make bad transactions.

Wire-transfer or card has lower anonymity and privacy than cash. The identity of the sender and receiver is attached to each transaction, so it is not anonym at all. Also a third party knows about it, so it is not fully private. Although not every people on earth can know each of your transactions, but at least the ones the third party shares this information with.

Bitcoin on the other hand is pseudo-anonymous and transparent.

Pseudo-anonymous: We can know all of the transactions one bitcoin address/person makes, however we don't know his identity. We don't know who that person is.
Transparent: Each transaction is broadcasted to the network for each participant to see it.

This means, bitcoin is not private by default, but has higher level of anonymity than wire-transfer or card payments. See following diagram for comparison:

https://i.imgur.com/H8fCm3t.png

This introduces the following problem:

Once the identity of an address is revealed, all of its transactions can be tracked by anyone, because the blockchain is public as discussed in transparency.

This can happen in different ways:

Your transaction history is revealed for each of your transaction partners. Imagine you buy something online at a shop. The shop owner will receive bitcoin from your address, so he can associate you with your address. From this point on, he can track all of your transactions that you already made and you will make.
You share your bitcoin address publicly.
Your IP address gets connected to your bitcoin address, and based on your IP, your rough location is known. Also you have KYC-ed when you bought your internet, so your ISP (Internet Service Provider) could connect your bitcoin to your identity.
A business may share their bitcoin address, where they accept bitcoin. Then if you share that you visited that place multiple times, the transactions of their bitcoin address could be analyzed to find the address that paid there on those days.
Publicly available bitcoin addresses are decreasing the number of unknown addresses helping the analysis of identity.
You buy bitcoin on a KYC-ed exchange.
You send bitcoin from an address with leaked privacy.
etc

So there are several ways that can break your privacy with bitcoin.

Does it mean we shall stop using bitcoin if we don't want our local grocery shop owner to know our online shopping habits? Short answer is no. Solutions are listed below.

Solutions

The solutions are education, and careful usage of bitcoin. We need to get used to the unprecedented level of transparency that comes with bitcoin, if we want to use it. So let's dive in.

Use addresses only once

Bitcoin gives the possibility to have infinite amount of addresses. Also you don't need to do anything special to get a new address. You can generate a new one locally without any third-party.

So a good way to increase your privacy is to only use an address once. If you want to receive bitcoin again, just generate a new address.

Good wallets do this by default, but please check this, when you start to use a new wallet.

If possible, don't share your bitcoin address online. Only share in case you would like to receive public donations.

If you do so, always remember, that if you send bitcoin to another address, it will be connected to you as well.

Also better not to share any information about your transactions, because that could help the on-chain analysis to find your addresses.

Hide IP address

Be sure to use VPN or Tor network when you deal with bitcoin. Meaning if you would like to use a service, where you have to share your btc address, use VPN or Tor, otherwise they will be able to connect your address with your IP.

Also a good solution to hide even your node's IP address behind a VPN or Tor.

Mixing and Coinjoin

Use mixing or coinjoin when you send bitcoin. Using them can break the connection between the sender and receiver. It achieves this by bundling multiple transactions with the same amount, so that it won't be obvious who sent the bitcoin to whom.

Be careful, because you have to trust a service or a third-party to do this.

Also using these methods can help to break the KYC connection to your bitcoin. Do coinjoin a few times on your bitcoin while you send them to your new address to make them KYC free or just buy them KYC free.

Conclusion

While bitcoin may seem an anonymous and private solution, you might need to do some extra steps to achieve it.

You can use new addresses each time to receive bitcoin, so that your past transaction does not reveal your identity. So by using new addresses each time, you increase your privacy for bitcoin receiving. Also if you use an address to receive and send once, you won't share your entire bitcoin history with the one's you transact with, only the history of that 1 or more addresses.

You can use mixing and coinjoin to send bitcoin to your own other addresses, or to buy stuff, to increase the privacy of your bitcoin sending. This way, the receiver won't be able to easily connect who the real sender address was, so your transaction history is not shared.

Additional steps could be using VPN or Tor to deal with bitcoin, because even wallet applications could log your IP and sell this information to other people for profit. So be careful revealing your IP.

Last but not least, do not share your address online, because that is the easiest way to degrade your privacy.

126 sats \ 1 reply \ @gunson 18 Apr 2023

Nice post, thanks!

This maybe deserves a full post itself, but let me try ask here first ...

Once you've gone through the setup and learning curve for coinjoin, how do you ensure your spending remains private?

By default in Sparrow with whirlpool your post-mix utxos are recombined when spending any amount above your pool amount setting (e.g. 100k sats). So it becomes much easier to work backwards to find the common initial coinjoin tx, and thus undo all the gained privacy.

What is the best way to deal with this?

Currently I send to Phoenix just the single post-mix utxos to avoid linking, and then gain the privacy advantages of lightning.

But I never see the option to pay with multiple individual utxos txs ? I.e. with BTCPayServer there is a single on chain payment address. Would be great if the default was to pay in a way that the merchant has a single tx for accounting purposes, but chain analysis doesn't have any clue that the payments are linked.

Cc @ODELL @Sethforprivacy

0 sats \ 0 replies \ @DarthCoin 22 Apr 2023

Use LN. Here I wrote how to do it: #167755

25 sats \ 0 replies \ @GrinSingularity 17 Apr 2023

The human factor in privacy and security issues is the most important. If any of the things you mention are not done in the right way then the traders are exposed to risks! The bottom line on what you have said above has to do with "default". Privacy by default, security by default, anonymity by default. I don't think bitcoin in its current form and according to the direction of its developers, exchanges etc is on that path.

Even mimblewimble extensions for example remain negative to developers. Maybe because they don't care.

In the bitcoin fever era, few will look to preserve their privacy. Besides, those who are serious about privacy will not choose bitcoin.

If you have time you can look at mimblewimble protocol and grin cryptocurrency. Transactions over tor, mimblewimble protocol, slatepacks etc.

However, a big thank you to you for presenting the ways to anonymize bitcoin at a time when the vast majority of bitcoiners are unaware of them.

We are all Satoshi (at least those of us who never ignored bitcoin whitepaper)!

10 sats \ 0 replies \ @lightcoin 17 Apr 2023

You may be interested in the Zerocash protocol, which end-to-end encrypts transaction metadata such as the sender address, recipient address, and amount being sent: http://zerocash-project.org/how_zerocash_works

We would need a soft fork to implement on bitcoin L1 or L2, but this would provide a level of privacy and anonymity that is as close to physical cash as possible for digital transactions.

3 sats \ 1 reply \ @joda 18 Apr 2023

Mixing is expensive, as is non-kyc.

Isn't lightning even more of a "mixing" than mixers? Couldn't one simply send/deposit BTC to their non-kyc lightning wallet, then send back?

10 sats \ 0 replies \ @DarthCoin 22 Apr 2023

Here some hints how to use LN for that #167755

0 sats \ 0 replies \ @llamabyte 31 Jul 2023

Cash has serial numbers that banks record. They are Tainted coins in a sense and similar to bitcoin.They know A -> B but not A -> C -> B.

Total anonymity is incomplete with cash.

0 sats \ 0 replies \ @billiam 19 Apr 2023

Both! Run your Node on a VM (virtualbox, vmware,...) with NAT network adapter where the host is connected to a VPN. Node on the VM runs on Tor. It basically means node using Tor is not seen by the ISP.