Which wallet to choose to obscure your bitcoins?

The new coinjoin.org site offers great resources to choose between different wallets to anonymize your bitcoins.

The bitcoin “problem”

All transactions are public. We know at any time how many bitcoins are on which addresses. This transparency is essential. Nodes need it to verify the authenticity of transactions.

And we need the nodes to decentralize the network and thus protect the limit of 21 million bitcoins.

Each node has a copy of the addresses with their bitcoin balance. We speak of utxo (“Unspent Transaction Output”) in the jargon.

All bitcoins exist in the form of utxos which are scripts (pieces of code) linking a public address to a quantity of bitcoin. The addresses are themselves linked to private keys generated by the wallets.

Utxos are crucial to understanding how a bitcoin transaction works.

Let’s say you want to send 1 BTC but your wallet only holds a single private key linked to a single utxo of 2 BTC. Well, this utxo will have to be spent in its entirety. The transaction will be constructed so that the difference (1 BTC) is sent to another address in your wallet.

The transaction contains one utxo of 2 BTC as input and two utxos of 1 BTC as output. One of the two constitutes the payment and the other the change given.

It is very rare to own a utxo exactly equal to the transaction amount. In 99.99% of cases, it is necessary to consume one or more utxos whose amount is greater than the transaction amount.

There is no real limit to the number of input and/or output utxos. This is also what makes it possible to carry out so-called “coinjoin” transactions.

Transactions are added in a block which propagates to all nodes so that they can update their utxo list.

Chain Monitoring

The public nature of bitcoin transactions makes transaction monitoring possible. An exchange can track your bitcoins after you withdraw them.

Many techniques allow utxos (addresses) to be associated with unique entities. All you have to do is cross-reference what we call “heuristics” which are deductions from the information revealed in each transaction.

For example, it is very likely that the utxos provided as transaction inputs all belong to the same person. We speak of “Common Input Ownership Heuristic”.

Likewise, several utxos linked to the same address are likely to belong to the same person. Hence the imperative to use new addresses for each transaction.

Another monitoring method aims to find which utxo at the transaction output corresponds to the change given. This is essential for knowing the remaining balance of an entity after a transaction. There are several ways to guess it:

- If one of the output utxos is a round quantity of BTC, there is every chance that it is not the change given, but the payment.

- If one of the output utxos uses a different type of address from the other two utxos, it is the payment. Indeed, the change utxo necessarily uses the same type of address as the utxo or utxos provided as input.

[There are several types of addresses. For example, there are P2PKH (Pay-to-Public-Key-Hash) addresses which begin with “1”, Segwit P2SH (Pay-to-script-hash) addresses which begin with “bc1”, etc.]

Self-transfers to another address in one’s own wallet can also be identified since they do not generate a utxo corresponding to the change given.

There are other more or less reliable heuristics. Their intersection makes it possible to match addresses to unique entities. And possibly real identities!
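To see what your own transactions give away, here is an added example (not from coinjoin.org or any wallet) that applies the round-amount, address-type and self-transfer heuristics described above. The transactions are constructed, and the `ROUND_SATS` threshold and the address-type tags are assumptions of the example.

```python
# Added example; transactions below are constructed, amounts in satoshis.
ROUND_SATS = 1_000_000  # assumption: "round" = multiple of 0.01 BTC

def guess_change(tx):
    """Return (index of the likely change output or None, list of reasons)."""
    outs = tx["outputs"]
    in_types = {addr_type for addr_type, _ in tx["inputs"]}
    if len(outs) == 1:
        return None, ["single output: no change, looks like a self-transfer"]
    votes = {i: [] for i in range(len(outs))}
    # Round-amount heuristic: with two outputs, the non-round one is the change.
    round_idx = [i for i, (_, sats) in enumerate(outs) if sats % ROUND_SATS == 0]
    if len(outs) == 2 and len(round_idx) == 1:
        votes[1 - round_idx[0]].append("the other output is a round amount")
    # Address-type heuristic: change reuses the address type of the inputs.
    same = [i for i, (addr_type, _) in enumerate(outs) if addr_type in in_types]
    if len(same) == 1:
        votes[same[0]].append("only output with the inputs' address type")
    flagged = [i for i, reasons in votes.items() if reasons]
    if len(flagged) == 1:
        return flagged[0], votes[flagged[0]]
    return None, ["heuristics are silent or disagree"]

# Constructed samples: (address type, satoshis)
LEAKY = {"inputs": [("p2wpkh", 200_000_000)],
         "outputs": [("p2pkh", 100_000_000), ("p2wpkh", 99_990_000)]}
SELF_TRANSFER = {"inputs": [("p2wpkh", 50_000_000)],
                 "outputs": [("p2wpkh", 49_995_000)]}
QUIET = {"inputs": [("p2wpkh", 200_000_000)],
         "outputs": [("p2wpkh", 73_412_900), ("p2wpkh", 126_577_100)]}

if __name__ == "__main__":
    for name, tx in [("leaky", LEAKY), ("self-transfer", SELF_TRANSFER), ("quiet", QUIET)]:
        print(name, guess_change(tx))
```

The first transaction is flagged by two heuristics at once, while the third, with non-round amounts and a single address type, leaves both silent.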

The coinjoin solution

Monitoring bitcoin transactions is easy and cheap. Public block explorers allow anyone to monitor, record, and analyze transactions.

Fortunately, some wallets offer the possibility of covering your tracks thanks to what is called a coinjoin.

A coinjoin is nothing more than a transaction bringing different people together. Each will bring one or more utxos as input, the goal of the game being to create numerous utxos of the same amounts as output.

It is then impossible for a surveillance firm to guess which bitcoins belong to whom. The cards are redistributed, so to speak. You must make a coinjoin as soon as you withdraw your bitcoins from the exchanges.

Two wallets in particular offer high-performance coinjoins: Samourai with Whirlpool, and Wasabi with WabiSabi. In the case of Wasabi, it is the “company” zkSNACKs which coordinates the transaction.

However, coinjoins are not the miracle solution. You must also get into the good habit of marking your utxos. A good wallet should allow you to distinguish your utxos based on their origin. For example, this utxo comes from my friend Bob, or from the Coinbase exchange, etc.

The objective is to avoid mixing compromised utxos (coming for example from an exchange that knows your identity) with private utxos coming from entities you trust.
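As an added illustration (not code from Samourai, Wasabi or coinjoin.org), here is what label-aware coin selection looks like next to a label-blind one. The wallet content is constructed and the function names are hypothetical; amounts are in satoshis.

```python
# Added example: constructed wallet; labels follow the article's examples.
WALLET = [
    {"id": "a", "label": "Coinbase exchange", "sats": 150_000_000},
    {"id": "b", "label": "Coinbase exchange", "sats": 30_000_000},
    {"id": "c", "label": "friend Bob", "sats": 60_000_000},
    {"id": "d", "label": "friend Bob", "sats": 50_000_000},
]

def _greedy(coins, need):
    """Largest-first selection; returns (picked, total) or None if short."""
    picked, total = [], 0
    for c in sorted(coins, key=lambda c: c["sats"], reverse=True):
        if total >= need:
            break
        picked.append(c)
        total += c["sats"]
    return (picked, total) if total >= need else None

def naive_select(utxos, need):
    """Label-blind: returns (labels merged, input ids, change)."""
    res = _greedy(utxos, need)
    if res is None:
        raise ValueError("insufficient funds")
    picked, total = res
    return sorted({c["label"] for c in picked}), [c["id"] for c in picked], total - need

def labelled_select(utxos, need):
    """Spend from one origin only; prefer fewer inputs, then less change."""
    groups = {}
    for u in utxos:
        groups.setdefault(u["label"], []).append(u)
    best = None
    for label, coins in groups.items():
        res = _greedy(coins, need)
        if res is None:
            continue
        picked, total = res
        cand = (len(picked), total - need, label, [c["id"] for c in picked])
        if best is None or cand[:2] < best[:2]:
            best = cand
    if best is None:
        raise ValueError("no single origin covers the amount; refusing to merge labels")
    return [best[2]], best[3], best[1]
```

For a 2 BTC payment the label-blind version spends utxos "a" and "c" together, which ties the exchange coins to Bob's through the Common Input Ownership Heuristic; the label-aware version raises an error instead.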

Not all wallets offer the possibility of making coinjoins. The different solutions also present different compromises. The coinjoin.org site set up by @thibm_ reviews the essential elements to take into account.

Bitcoin, which wallet to choose?

It is obviously necessary to take into account the number of transactions necessary to achieve a satisfactory level of confidentiality. Since Bitcoin block space is precious, Wasabi coinjoin is a superior solution thanks to its large coinjoins bringing together several hundred participants.

The functioning of the coordinator is also important. Wasabi once again has the advantage with a zero knowledge system that prevents the coordinator from deanonymizing the coinjoin after the fact. This is done by generating new Tor identities at each stage of the coinjoin.

Regarding fees, there are those collected by the coordinator and those collected by miners. Small utxos (less than 0.01 BTC) do not pay fees on Wasabi. Otherwise they are 0.3%, against 5% at Samourai, which does not charge for the following coins. It is the new arrivals who pay all the expenses of the old ones.

This system encourages you to leave your BTC in the pool to participate in new coinjoins for free. More than 9,000 BTC are currently in Whirlpool.

Thus, for an overall similar result, the costs in terms of block space and transaction fees are currently higher at Samourai.

Negative point (or positive, it depends…), Wasabi censors the utxos of risky users. zkSNACKs uses the Chainalysis blacklist to sort utxos resulting from criminal activities.

But the best thing is to try both wallets to make up your own mind. Install Samourai and Wasabi.

Don’t miss our article Coinjoin – Wasabi vs Samourai to go further.
