I noticed someone sending low-fee transaction to thousands of addresses. Fee rate is so small (1 sat/kbyte) that it won't get confirmed and will stay in mempool. BUT when someone sends tx to your address, your bitcoin core will pick it up as your own transaction. And it will treat it as your own transaction and so it will periodically rebroadcast it (because it stays in unconfirmed state due to low fee rate).
If attacker listens for those rebroadcasts over long enough time window they can connect UTXO owners to IP addresses with high certainty.
My recommendation is to add 'walletbroadcast=0' to your bitcoind config to protect yourself from this attack. It will disable the 'my own transaction periodic rebroadcast' feature.
Tor fixes this.
reply
Use only Tor + I2P with your Bitcoin Core wallet if you want to be private, no clearnet.
reply
Thank you for sharing. Good idea to post in ~privacy too
reply
Wtf? The p2p nature of transactions broadcasting is not an attack, it'simply how a p2p network works. Since things are as such, the logical conclusion is that basically you can never assume that the creator of the transaction is the one who broadcasts it. Or better, it's reasonable to say that the node that you see as the broadcaster to you of the transaction is not the creator of the transaction.
reply
Please read my post carefully with understanding.
The p2p nature of transactions broadcasting
I am talking about rebroadcasting. And rebroadcasting logic behaves differently for cases:
  1. you are the owner of public key (even if only on receiving site)
  2. you are not the owner of public key
And any externally visible difference for those two cases can be leveraged to deanonymize users.
reasonable to say that the node that you see as the broadcaster to you of the transaction is not the creator of the transaction.
And that's why I pointed out the 'repeatable rebroadcast' part. Single measurements obviously won't reveal the owner. But repeated measurements over time will do it faster than you would expect.
Tor and I2P probably help here. Maybe also the encrypted v2 transfer protocol available since v26 (https://bips.xyz/324#goals), but not so sure.