PRIVACY
How to improve privacy in Bitcoin, explaining through real scenarios
By P_hold November 1, 2024
Privacy is necessary for an open society in the electronic age. Privacy is not secrecy. A private question is something we don't want everyone to know, but a secret question is something we don't want anyone to know. Privacy is the ability to selectively reveal yourself to the world.
" Eric Hughes"
Bitcoin is software designed for the transfer of value that works without the need to trust a central entity. This allows people to use it as a digital cash system. To achieve this, Bitcoin uses a public registry called blockchain, which ensures the transparency and security of transactions.
The Bitcoin database has a fundamental characteristic: its ability to be auditable. However, this can cause security problems for those users who are not familiar with the privacy issue. Without an adequate level of privacy, all transactions become easily traceable, making them vulnerable targets for criminals and scammers.
In this article, I will introduce you to various techniques to improve the privacy of your transactions. Some of these strategies are basic and available in most modern wallets, while others require the use of more advanced wallets. In our full course, participants will have the opportunity to practice using each of these techniques.
Avoid reuse of addresses.
Address reuse refers to using the same address for multiple transactions. Modern wallets provide a user interface that makes it easy and guaranteed to generate numerous new addresses. Therefore, only a lack of basic privacy knowledge could justify the use of a single address.
Reusing addresses puts user privacy at risk by exposing their balance and previously made transactions. This action is common in users who fear losing their funds by using a different address than the one initially provided by their wallet. Novice users often associate bitcoin addresses with bank account numbers, believing they can share a single address without compromising their financial information.
- Savings scenario exposed due to address reuse:
• You save on Bitcoin using a single address from your hardware wallet.
• All your Bitcoin savings are stored at that one address, which, for example, is worth $500,000.
• You buy an additional small amount of Bitcoin and deposit it at the same address.
• The person who sold you the Bitcoin tracks the transaction on the blockchain and discovers that you have $500,000 stored at that address. In addition, it has your personal data that was leaked during the banking transaction.
• Discuss this information with someone in a cafe or bar, where the risk of theft, fraud and extortion spreads.
Some poorly designed wallets and exchange platforms force their users to reuse a single address for their transactions.
The most private and secure way to use Bitcoin is to give a completely new address to each person who makes a payment or shipment to you. Once the coins received have been spent, that address should never be used again. Additionally, when sending Bitcoin, it is advisable to request a new address to ensure greater privacy.
Coin control.
Bitcoin wallets display transaction history and total balance on their home screen, similar to a bank account interface. However, using Bitcoin is more like handling physical money. Each entry in the digital wallet is known as UTXO, which is equivalent to one bill or currency.
Just as in a physical wallet you can choose which banknotes to use to make a payment, some Bitcoin wallets allow the user to select which UTXOS will be spent on an outgoing transaction. This feature is known as coin control.
- Privacy leak scenario due to lack of coin control:
• Your wife surprises you with a bitcoin gift on your birthday.
• You receive the funds in the same wallet where you already have bitcoin, information that she does not know.
• Now you want to surprise her with a trip to the Maldives to celebrate her wedding anniversary.
• The travel agency has a unique, publicly visible address for the sale of tickets, which can be easily found online.
• You paid the travel agency without using currency control, which allowed your wallet to use the bitcoins sent by your wife. This could reveal the purchase of the tickets, thus ruining the surprise.
• Now you have to convince your wife that you are not trying to run away with a lover.
By using coin control, you would have ensured that only coins that your wife didn't know about were sent to the travel agency. This would have prevented her from finding out about the transaction.
Coin control aims to minimize, to the extent possible, transactions that may lead to privacy leaks related to amounts, exchange addresses, transaction graph, and entry ownership heuristics.
Multiple transactions.
Bitcoin transactions are unencrypted messages, allowing you to explore and extract information from them. For example, transferred amounts and commissions paid are not confidential; Anyone can see the amount that is moving from one direction to another.
Amount-based privacy attacks, such as quantity correlation and the use of round numbers, can be decreased by using multiple transactions, sending the total amount through two separate transactions. Although this technique may seem somewhat complex, it is not entirely unusual; It is similar to paying for a purchase partly with cash and partly with a debit card.
- Scenario for creating a starting point due to the correlation of amounts:
• You tell your friends at the bar that you bought a product using Bitcoin.
• Someone hears that you spent $2,000 on the item.
• You can search all transactions on the blockchain within the appropriate time period and find those with exit amounts close to $2,000.
• If multiple matches are found, the spy may have a good idea of which Bitcoin addresses might belong to you.
• If you also mention that you spent $1 on the mining fee for the transaction, the spy can use that information to more accurately identify which addresses belong to you.
• Now you can find out if you have additional funds at other addresses.
If you had made the payment in two separate transfers, one of $1,500 and another of $500, which together add up to $2,000, it would be more difficult for the spy to find your transactions.
Another option is to use both Bitcoin networks to carry out transactions. For example, you can make part of the payment through the Bitcoin on-chain network and the rest using the Lightning Network.
Avoid change.
Most payments in Bitcoin generate changes, since not all of the UTXO is spent. It is similar to using a $20 bill to purchase an item that costs $15, resulting in a $5 exchange rate.
Unlike physical bills received as exchange, exchange UTXOs contain information about past and future transactions. Misuse of these UTXOS could cause serious privacy losses.
- Privacy leak scenario due to a UTXO change:
• A woman suspects that her husband is unfaithful to her, but she has no concrete evidence.
• The man uses Bitcoin to pay for the motel room where he meets his lover.
• When carrying out the transaction, the man spends a UTXO equivalent to $1,000, while the cost of the room is $100.
• The man receives a UTXO exchange equivalent to $900 in BTC.
• To calm his wife's suspicions, the man sends her $500 in BTC as a gift, which comes from the UTXO exchange he obtained when paying for the motel.
• The wife notices the previous transaction and realizes that it took place just the day her husband assured her that he would be out of town for work.
• The woman finds the payment address and investigates online, discovering that she belongs to a motel where her husband has never taken her.
• Now the wife has the necessary evidence to claim financial compensation for the damages caused by the infidelity.
If the man, first, should not be unfaithful to his wife, second, from a privacy point of view, had carefully selected the UTXO to spend, the transaction would not have generated any changes, which would have allowed him to maintain good privacy.
In situations where generating a change cannot be avoided, techniques such as CoinJoins or Atomic Swaps can be used.
Multiple shift outputs.
Since it is assumed that there is an amount corresponding to the change in a payment, one way to generate uncertainty is to add additional changes that act as decoys.
Sometimes the amount of a payment in a transaction can be a round number, either in terms of BTC or when converted to another currency. This analysis has been used to identify the country or region from which payments have been made.
- Privacy leak scenario due to an amount with round number:
• You need to convert a portion of your BTC to your national currency and are considering exchanging 0.02 BTC.
• You make the transaction to deposit on the exchange platform using a UTXO of 0.05 BTC.
• Whoever initially sent you the 0.05 BTC can now deduce that you have fiat money under your control.
• A casual observer of Bitcoin transactions can easily identify which UTXO corresponds to the change.
One way to generate uncertainty in transaction analysis is to decompose the exchange UTXO to create a decoy with an amount identical to the payment. Simultaneous shipments are a manual way to carry out this procedure, while an automated option is to use STONEWALL.
Transactions outside the blockchain.
Most privacy leaks are due to the public and transparent nature of the Bitcoin blockchain, so it is clear that transacting on less transparent networks, such as the Lightning Network, could help reduce them.
Off-chain transactions are not visible as they are not recorded on the blockchain. Transaction amounts and other privacy-relevant data are kept confidential.
- Scenario for using Lightning Network to carry out transactions:
• If you are receiving funds, your wallet will generate a Lightning Network invoice. The sender will not be able to see if you have received transactions previously.
• If you make a payment, the recipient will only be able to see that you have enough balance to cover the amount to pay.
• Transactions on the Lightning Network are ephemeral, meaning no traceable logs are generated.
• To go from Bitcoin on-chain to LN , you can use Atomic Swaps, where you don't lose control of your funds.
The use of technologies that allow transactions to be carried out outside the Bitcoin blockchain entails various complications. First of all, you need to have an additional wallet, which can make management difficult. Additionally, transactions that involve exiting and re-entering the blockchain leave a trail that can put user privacy at risk. And finally, these operations tend to increase commission costs, which can negatively impact the profitability of transactions.
If you got this far my goal is achieved. I hope it helps you to see cases of privacy risks when making transactions in Bitcoin and to know the strategies available to reduce them. If you want to form a criterion that allows you to select and use the appropriate strategy without losing money on commissions, participate in our next complete course.