Welcome to the fifteenth issue of ‘This Month in Bitcoin Privacy’ newsletter. Enjoy!
Table of Contents
- Understanding Bitcoin Privacy with OXT
- U.S. Infrastructure Bill
- Privacy in Proof of Liability
- Atomic Swaps with Monero, Continued
- Nym Project Hires Chelsea Manning
- Mining Privacy
- Blockchain Commons Camouflage
- Node Support for Taproot in Majority
August 4th - UNDERSTANDING BITCOIN PRIVACY WITH OXT
OXT Research analyst Ergo began publishing a four-part series on blockchain analytics and transaction privacy. The first part focuses on clarifying that Bitcoin is not anonymous but pseudonymous, and introducing various heuristics for categorising payments and detecting change; the second part, on “the core concepts that underpin chain analysis,” clustering, and how OXT’s transaction graph works; the third part, on “the methods for undermining chain analysis,” essentially by increasing ambiguity and uncertainty that a given interpretation about a transaction or wallet behaviour is accurate; and finally, the fourth part, on various features of Samourai Wallet that “can be used to maintain privacy when interacting with bitcoin,” including stealth addresses (TMIBP09, TMIBP10), coin control, Ricochet (TMIBP02, TMIBP10), STONEWALL (TMIBP02, TMIBP04), Stowaway aka PayJoin (TMIBP03), and Whirlpool (TMIBP01), which has since been integrated with Sparrow Wallet as well.
It is likely that the typical user reading this guide is not looking to become an expert in chain analysis. Rather they are looking to improve their privacy when sending and receiving payments. The act of sending and receiving payments necessarily reveals UTXO set information about a sender’s wallet to a payment recipient. As a result, payment senders and receivers are able to evaluate the respective past and future spending of these known UTXOs, which can reveal additional information about their counterparty.
Users armed with knowledge of chain analysis are better prepared for evaluating the implications of spending and receiving and can begin to take steps to protect their privacy.
August 10th - U.S. INFRASTRUCTURE BILL
Discourse this month has been dominated by the U.S. Infrastructure Investment and Jobs Act, a bill introduced back in June that “addresses provisions related to federal-aid highway, transit, highway safety, motor carrier, research, hazardous materials, and rail programs of the Department of Transportation (DOT).” While this now 2,700 page document was not a place where one would expect to be dealing with cryptocurrency regulations, a small section of ‘Other Provisions’ concerns “Information Reporting for Brokers and Digital Assets.” Electronic Frontier Foundation (EFF) chief program officer Rainey Reitman and legislative activist Hayley Tsukayama explain:
As EFF described earlier this week, this vaguely worded section of the bill could be interpreted to mean that many actors in the cryptocurrency space — including software developers who merely write and publish code, as well as miners who verify cryptocurrency transactions — would suddenly be considered brokers, and thus need to collect and report identifying information on their users.
The inclusion of this provision was based on a presumption that “by engaging in more rigorous surveillance of the cryptocurrency community, the Biden administration will see more tax revenue flow” – specifically, $28 billion – because “huge swaths of cryptocurrency users are engaged in mass tax avoidance, without providing any evidence of that.” I have previously covered the EFF’s advocacy on third-party doctrine issues relating to cryptocurrency (TMIBP02, TMIBP04, TMIBP05, TMIBP06, TMIBP09, TMIBP11). On August 4th, they addressed a civil society letter to two senators, expressing their support for an amendment. “We urge Congress to not rush to legislate as complex a topic as the privacy rights of cryptocurrency users.” Just as they had for FinCEN’s proposed rulemaking (TMIBP07), Fight For The Future has also launched a campaign to encourage representatives to oppose the provision. Unfortunately, the Senate passed the bill by a Yea-Nay vote of 69 to 30, with no amendments. It is now waiting to be considered by the House of Representatives.
Our responsibilities to our customers’ privacy and security are too great to accept such regulation should we be forced to adopt new reporting processes. Quite frankly, the company would likely rather shut down and let Trezor live on as the decentralized community-focused project it has always been. This would limit access to the critical security tools the space needs, but since the project is fully open source, more technically adept users could simply build their own.
According to CNBC reporter Taylor Locke, an official from the U.S. Treasury Department claimed they “will not target non-brokers, such as miners, hardware developers and others, even if the provision isn’t amended.” Coin Center executive director Jerry Brito commented:
… the bill would allow Treasury to require reporting from brokers not just on trades, but on mere transfers; and not just broker-to-broker, but from a broker to a non-broker (i.e. a person with a self-hosted wallet). That’s similar to the Mnuchin midnight rule. The bill would also create an obligation for all crypto transactions over $10k to be reported to the IRS along with personal information of the counterparty. This is a massive change to make outside of regular order.
On August 14th, Blockstream co-founder and CEO Adam Back was interviewed for Livera’s SLP300 about the bill and Bitcoin privacy. “[The provision] doesn’t make a lot of sense to me, the whole thing, really.” On August 25th, the Wall Street Journal reported that “some intelligence and law-enforcement officials are joining industry leaders in warning policy makers against overly aggressive regulations that risk exacerbating national-security hazards.”
Overregulation “may push illicit use and criminal actors deeper into anonymizing methods and corners of the internet that would make it more difficult for law enforcement,” said Jeremy Sheridan, assistant director of the U.S. Secret Service’s investigations office.
On the threat of ransomware attacks – “the most urgent national-security issue of our time” – the article also quotes former Treasury under-secretary for the Office of Terrorism and Financial Intelligence (TFI) Sigal Mandelker, who was previously featured when she joined Chainalysis’ board of advisors (TMIBP02).
August 12th - PRIVACY IN PROOF OF LIABILITY
The BitMEX Research and Wallet teams have proposed a new proof of liability scheme for custodial exchanges that maintains customer privacy, building off discussion between Gregory Maxwell and Peter Todd in 2013 and then Zak Wilcox’s informal standard from 2014.
The core idea is that individual account balances are randomly split between multiple [Merkle tree] leaves. Each user balance is split at least once and therefore goes into at least two leaves. At each snapshot point, perhaps every month, a random real number between 0 and 1 is generated for each user. The user balance is then split according to this fraction, for example if a user had a balance of 200 satoshis and the number 0.400 was chosen, the balance would be split into two chunks, the first with 80 satoshis and the second with 120 satoshis. This splitting strategy happens to the list until a sufficient amount of padding is achieved, resulting in two or more splits for each user balance. To verify your balance, you would need to find it in multiple leaves of the tree (or multiple entries in a list) and then sum them up to check it matches your total expected account balance.
… The positions of the leaves are shuffled for each snapshot. A liability balance is displayed in plain text on each leaf in the tree, which adds up to the total liabilities at the top of the tree. At the same time the hash digest of each leaf is conjugated with a neighbouring leaf and hashed again, to move up the tree. Each hash includes both the hash digest and the balances in the branches below as inputs.
… The combined impact of the two privacy techniques, shuffling and splitting, ensures many privacy characteristics for the exchange and users are preserved. It is no longer possible to see a distribution of all the account balances or track the balances of any users over time.
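The splitting, shuffling and summed-hash steps quoted above can be sketched as follows. This is an added example, not BitMEX's code: it assumes SHA-256, a hypothetical leaf format derived from a per-user secret, and a single split per balance (the proposal allows more); all function names are illustrative.

```python
import hashlib
import random

def h(*parts: bytes) -> bytes:
    return hashlib.sha256(b"".join(parts)).digest()

def enc(amount: int) -> bytes:
    return amount.to_bytes(8, "big")  # fixed width, unsigned: negative amounts raise

def leaf(secret: bytes, idx: int, amount: int):
    return (h(secret, enc(idx), enc(amount)), amount)  # assumed leaf format, amount in plain text

def parent(left, right):
    # Each hash covers both child digests and both child balances
    return (h(left[0], enc(left[1]), right[0], enc(right[1])), left[1] + right[1])

def make_leaves(accounts: dict, rng: random.Random):
    leaves = []
    for secret, balance in accounts.items():
        first = int(balance * rng.random())          # random fraction in [0, 1)
        for idx, amount in enumerate((first, balance - first)):
            leaves.append(leaf(secret, idx, amount))
    rng.shuffle(leaves)                              # new positions every snapshot
    return leaves

def build_tree(leaves):
    levels = [list(leaves)]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        if len(cur) % 2:
            cur.append((h(b"padding"), 0))           # zero-balance filler node
        levels.append([parent(cur[i], cur[i + 1]) for i in range(0, len(cur), 2)])
    return levels

def prove(levels, index: int):
    path = []
    for level in levels[:-1]:
        path.append((level[index ^ 1], index & 1))   # (sibling, 1 if we are the right child)
        index //= 2
    return path

def verify_chunk(node, path, root) -> bool:
    for sibling, is_right in path:
        node = parent(sibling, node) if is_right else parent(node, sibling)
    return node == root

def user_check(secret, chunks, root, expected_balance) -> bool:
    ok = all(verify_chunk(leaf(secret, i, amt), p, root) for i, amt, p in chunks)
    return ok and sum(amt for _, amt, _ in chunks) == expected_balance  # chunks: (idx, amount, path)
```

A user runs `user_check` with the chunk amounts and paths the exchange hands over; the published root carries the total liabilities, and an observer of the leaves sees only shuffled fragments rather than whole account balances.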
August 17th - ATOMIC SWAPS WITH MONERO, CONTINUED
In TMIBP03, TMIBP05, TMIBP07, TMIBP11, TMIBP12, and TMIBP14, I have followed development of BTC-XMR atomic swap protocols, namely Farcaster and the similar Hoenisch / del Pino implementation. On August 17th, Opt Out podcast host Seth Simmons shared that he had “just completed my first mainnet atomic swap (as the broker/XMR-seller).” As a provider, he soon published a guide on how to perform an atomic swap from bitcoin to Monero, using the Hoenisch / del Pino tool on Linux. At the time of writing, the MVP’s latest release is v0.8.2.
The process took 34min, was done entirely over Tor, required no interaction by me, and was peer-to-peer with no middle-man or custodian.
Relatedly, on August 9th, in his sixth episode, Simmons interviewed ‘Diverter’ about “the importance of hosting tools for friends, family, and online communities.” And in his seventh episode, he interviewed Paralelní Polis co-founder Juraj Bednar about “what role Bitcoin plays in building up a parallel economy around us.” On August 10th, Simmons joined Matt Odell’s Citadel Dispatch e0.3.4 to discuss mobile privacy, particularly in response to Apple’s proposed content scanning tools and policies (the roll-out of which has since been “delayed” to “collect input and make improvements”).
August 25th - NYM PROJECT HIRES CHELSEA MANNING
Nym Technologies announced that they had hired former U.S. Army whistleblower Chelsea Manning in July “as a security consultant, focusing on auditing… before the Nym network launches on mainnet later in the year.” I have been following the project’s development since they are testing the use of bitcoin as a reward system.
Over the next month, Manning is tasked with discovering new privacy leaks and setting parameters for “cover traffic” on Nym’s mixnet. Cover traffic is traffic that can help confuse an internet service provider or other centralized entity that can attempt network-level surveillance.
According to Forbes, CEO Harry Halpin had reached out to Manning back in February to review their new whitepaper (TMIBP09), which coincidentally involved a design similar to the schematic she had drawn while still in prison. The article also mentions that “even Tor itself is exploring how to use blockchain to create the next generation of its software,” in the form of “anonymous blacklistable credential[s]” (TMIBP04, TMIBP06).
August 26th - MINING PRIVACY
Braiins, operator of the oldest Bitcoin mining pool, wrote a thread on “how miners can better protect their hash & privacy.” This was a repost of their guide from November 2020, “Data Privacy and Security for Bitcoin Miners.” Attack vectors include eavesdropping and hashrate hijacking by malicious ISPs or neighbors. They recommend using HTTPS (you can automatically select this on all websites using the HTTPS Everywhere browser extension), VPNs, DNSCrypt, and the Stratum V2 pool mining protocol.
Extra note: the above points are for mining activity, but don’t forget about general web browsing best practices either. For example, using a VPN or Tor when visiting a mining pool website is still a good idea for those who value privacy.
For information on the viability of independent, at-home mining to acquire non-KYCed bitcoin (U.S.-focused), read here.
August 27th - BLOCKCHAIN COMMONS CAMOUFLAGE
Blockchain Commons contributor Prayank announced on the mailing list that they would be building and maintaining a website that aggregates “issues and PRs related to privacy from different Bitcoin projects. I have added [a] few from Bitcoin Core (full node implementation), Bisq (DEX) and LND (LN implementation) right now.” The list indicates whether those issues and pull-requests are open or merged. Dubbed ‘Camouflage,’ the repository states that it “respects the Gordian Principles, which are philosophical and technical underpinnings,” namely: Independence. Privacy. Resilience. Openness.
August 30th - NODE SUPPORT FOR TAPROOT IN MAJORITY
In TMIBP13, we saw the Taproot / Schnorr soft fork lock in for scheduled activation this November; in last month’s TMIBP14, early preparation for Taproot in various wallets was documented. This month, based on data charted by core developer Luke Dashjr, over 50% of nodes now support the Taproot soft fork and activation through running v0.21.1.
Check out Bitcoin Optech Newsletter #160, #161, #162, and #163 for a “weekly series about how developers and service providers can prepare for the upcoming activation of taproot,” and other technical developments beyond privacy.