Author: coinjoin

More Bitcoin than ever was just made private with this technique

A privacy strategy known as CoinJoin has been used to make roughly 70,000 Bitcoin private this month alone. That’s big deal, says Wasabi Wallet contributor Max Hillebrand.

More Bitcoin than ever was made private this month through an anonymization strategy known as CoinJoin. And if you own Bitcoin, but use centralized exchanges or other similar services, privacy experts say you should probably consider doing it too.

Bitcoin mixers that use the CoinJoin technique, such as Wasabi and Samurai Wallet, have seen huge growth in recent months, according to open source data shared by Wasabi contributor and educator Max Hillebrand

Non-custodial wallets (i.e. wallets which enable users to control the private keys to their own funds) like Wasabi and Samourai allow users to CoinJoin their Bitcoin by paying a small fee to have their Bitcoin mixed with others to obfuscate their transaction history and links to identities.

According to the data, around 70,000 BTC (roughly $644 million at today’s prices) were made private in May. This cumulative total may be off slightly for “false positives,” as a kind of CoinJoin called JoinMarket is difficult to track, according to Hillebrand. “I’m pretty confident that the numbers for Wasabi and Samourai are accurate though,” he told Decrypt

While the total number is impressive, “Fresh Bitcoins CoinJoined,” or coins that were mixed for the first time, are also on the rise again after peaking last year. “The more peers use CoinJoin, the higher the anonymity set,” he said. “Thus the higher the overall privacy.”

CoinJoin Too Strong For Europol

Open-source, non-custodial Bitcoin privacy wallet Wasabi is popular enough to catch the attention of the European Union Agency for Law Enforcement Cooperation (Europol), the Hague-based European Union’s law enforcement agency. As for what the law enforcement can do about this wallet’s privacy options – it’s not looking good for them.
(Updated at 11:20 UTC: updates in bold
Updated at 11:46 UTC: two last sentences have been added).

In a two-part report for the eyes of “law enforcement only,” one dated April and the other May, 2020, Europol’s European Cybercrime Centre (EC3), writes that they’ve noticed an “increasing number of investigations involving Wasabi Wallet.” EC3 notes the wallet’s use of the anonymization method for bitcoin transactions CoinJoin, integration of TOR software, that certain anti-money laundering (AML) legislation, such as the AMLD5, don’t apply to it, and other privacy-focused features. The news was first reported by Coindesk.

As to how popular Wasabi is, the agency says “certainly popular enough to spark our interest.” They go on to cite the data provided by blockchain and analytics specialist Chainalysis per which Wasabi stored keys to more than BTC 110,000 (USD 1 billion). Furthermore, almost USD 50 million in BTC were deposited in three weeks leading to the March report, with almost 30% from the dark web. “This is a significant amount, relatively speaking, given the dark web transactions are estimated to have only 1% share of total transactions,” EC3 writes.

The report proceeds to analyze the use of the wallet in detail; it demonstrates a transaction, and looks into “the possibilities for law enforcement investigations,” prefacing it with: “Spoiler alert: things are not looking good.” Suspects who use the wallet correctly “have a very high probability of staying undetected.”

Visually identifying a Wasabi transaction is possible and may be useful, it says, but if a suspect is consistently using the mixer, the commercial tracing tools should be able to identify them. However, they won’t demix them. Whether Wasabi transactions can be demixed, “realistically speaking, in most cases the answer is negative.” This may be possible, though, if a suspect makes a mistake and groups the mixed coins together. There also may be ways to do so in the future: Dutch financial crimes investigation agency FIOD started “promising technical research into behavior and demixing of Wasabi transactions […].”

While the transparency of blockchain is celebrated, it also prevents complete anonymity, given that one’s balance and transaction history is available for all to see. Still, when it comes to personal funds, privacy is also a matter of great importance to the Cryptoverse. To those outside it, this may seem like setting a stage for illegal activities, but it’s mostly about protecting funds from third-party attackers. There’s probably some defiance there too, standing against regulators/authorities who find absolute privacy threatening, as it wouldn’t allow identifying suspects, and are working to prevent it.

According to Wasabi, the technical details of the report are “dead on.”

“We cannot, however, verify the data they have provided with regards to usage patterns, it is, of course, plausible, but considering the sensitivity of the matter, we would like to refrain from speculation on this and also on some of your questions that require it,” Gergely Hajdu, CEO of zkSNACKs, the company behind the Wasabi wallet, told

He added that the company has also “pleasantly acknowledged that their assessment of our legal situation is coinciding with our interpretation of various international laws, too.”

“We have already known that we are providing outstanding security for our users, but their confirmation is certainly reassuring,” Hajdu said.

Europol confirmed that the document is an official Europol report that is aimed for a law enforcement audience. The agency declined to comment any further.

Updated Bitcoin CoinSwap Protocol Design Spurs Further Discussion

UK-based developer Chris Belcher has released a design document for a routed multi-transaction CoinSwap implementation, further developing his work on improving Bitcoin (BTC) transaction privacy and fungibility. The post, which comprises a detailed design of the first protocol version, has spurred further discussions, with various voices from the Cryptoverse inquiring on the protocol’s safety in using cryptography and ensuring the transactions would be safe for both parties.

The latest development “makes use of the building blocks of multi-transaction CoinSwaps, routed CoinSwaps, liquidity market, private key handover, and fidelity bonds. It does not include PayJoin-with-CoinSwap, but that’s in the plan to be added later,” according to Belcher.

The proposal builds on the developer’s design from last May in which he explained how CoinSwap’s implementation could ensure undetectable privacy to crypto transactions.

CoinSwap is actually not new. It’s an old privacy protocol originally created seven years ago by Greg Maxwell, co-founder of Blockstream and the creator of CoinJoin. It came back into public’s attention with Belcher’s implementation. It basically allows two or several parties to swap coins, while the end recipient’s address is not published on the blokchain, in theory meaning improved privacy and fungibility.

The August design has triggered a number of reactions on GitHub. While generally recognizing the innovativeness of Belcher’s code, some users have asked a number of highly technical and detailed questions about the protocol’s functionalities.

“In CoinJoin, since all participants sign a single transaction, every participant knows the total number of participants. Thus, in CoinJoin, it is fairly useless to have just one taker and one maker, the maker knows exactly which output belongs to the taker. Even if all communications were done via the single paying taker, the maker(s) are shown the final transaction and thus can easily know how many participants there are (by counting the number of equal-valued outputs),” wrote user ZmnSCPxj.

In principle, with CoinSwap, “no maker has to know how many other makers are in the swap,” so it “would still be useful to make a single-maker CoinSwap, as that would be difficult, for the maker, to differentiate from a multi-maker CoinSwap,” according to the user.

ZmnSCPxj also pointed to “a few potential leaks”:

“If paying through a CoinSwap, the cheapest option for the taker would be to send out a single large UTXO (single-output txes) to the first maker, and then demand the final payment and any change as two separate swaps from the final maker. Intermediate makers are likely to not have exact amounts, thus [it] is unlikely to create a single-output tx when forwarding. Thus, the first maker could identify the taker.”

Antoine Riard, a Bitcoin Core and Rust-Lightning contributor at Chaincode Labspointed to what he found to be vulnerability issues with the presented design.

“With regards to the fee model for contract transactions, AFAICT timely confirmation is a fund safety matter for an intermediate hop. Between the offchain preimage reveal phase and the offchain private key handover phase, the next hop can broadcast your outgoing contract transactions, thus forcing you to claim quickly backward as you can’t assume previous hop will honestly cooperate to achieve the private key handover,” Riard said.

With a number of questions around this privacy technique to be answered, the discussions continue.

New CoinJoin Design to Allow Bitcoin Mixing With Differing Values

Privacy-focused Bitcoin software wallet CoinJoin is getting a major protocol overhaul.

The CoinJoin team is working on a new protocol design, dubbed JoinSabi, in a bid to improve the user experience and privacy guarantees of the wallet’s CoinJoin transactions. The major design change would allow users to coinjoin with different values than their peers, a first for the privacy-minded technology that could lead to new (and more flexible) use cases.The development team has been conceptualizing the design in a research group since the beginning of 2020 and has hired team members to work on the implementation.