Although Bitcoin is pseudonymous, it is not a totally anonymous payment system. The fact is, there are an increasing number of ways for forensics and government audits to be done on your Bitcoin transactions. Today, we delve into a financial privacy technology called, CoinJoin.
Bitcoin transactions leave a kind “digital fingerprints.” There is a fingerprint because transactions can be traced to specific IP addresses. Moreover, because they rely on blockchain, the transactions are immutably stored on the public blockchain. That means that transaction information is readily available for forensic analysis.
The diminished privacy of Bitcoin transactions is the unfortunate consequence of nefarious uses of Bitcoin to pay for illegal activities. It is also because Uncle Sam is missing out on his piece of the pie. The lack of anonymity also makes resisting DoS attacks harder.
It is no surprise that in response to privacy concerns there has been an increase in available technologies to recreate privacy by restoring anonymity.
The idea of CoinJoin is one such project. It was proposed by Gregory Maxwell, and essentially CoinJoin anonymizes Bitcoin transactions. CoinJoin anonymizes Bitcoin transactions as it allows transactions to remain private by employing a coin mix.
To increase privacy the basic idea of CoinJoin is to perform a “coin-shuffle.” This is the process of adding transactions together, without a third party, to send as one transaction.
However, CoinJoin works by operating first with a central provider that coordinates joint transactions. CoinJoin also holds the user’s information during negotiations.
The method also defrays the cost of a transaction. If you combine two transactions into one, then there is only one fee. Moreover, once combined, one CoinJoin transaction takes up less room than two separate ones, and it uses up less work from the network as a whole.
The Basics of a Bitcoin Transaction and the Multisig
Here is an image of a basic transaction: below we see both a varied number of inputs and outputs. The important take away from this image is that all such combinations work with the Bitcoin script.
For starters, because Bitcoin transactions are a combination of UTXOs, there is nothing in the original script that makes CoinJoin difficult or atypical. A Bitcoin transaction concerns one or more inputs and creates one or more outputs with specified values.
CoinJoins use a multisig, which means that no one person can have common control over the transaction. Each signature, one per input, within a transaction is independent of the other signature. It is, therefore, possible for Bitcoin users to agree on the collaboration of inputs to spend and the outputs to pay.
To perform a CoinJoin, the transaction needs more than one signature, it is written as a straightforward multisig, where multiple digital signatures are needed for the transaction to be approved.
Moreover, each input is an output from a past transaction. That means that for each input there is a separate signature (scriptsig). The past signature was created in conformity with the rules of the specific past-output (scriptpubkey).
At no point is it necessary for the scriptpubkeys for the multiple inputs to use the same key. The design of the script allows that even when transactions are sent from the same address no transaction will be identical, and therefore there is no problem with a multisig.
As mentioned, a Bitcoin transaction is essentially just a combination of transactions that make up a new UTXO. So, it is entirely possible to combine transactions from multiple accounts or people to make a new output sent to one address.
A transaction is not valid and will not be accepted by the network until all signatures for the multisig are provided. The Bitcoin system relies on the inevitability that no one signs a script they do not agree with.
A CoinJoin can, as a result, increase privacy. The primary reason is that there is a mandatory number of signatures required from all of the senders. So, all of the parameters of the transaction must be agreed upon, or one or more participants will simply not agree to sign it.
Bitcoin’s Fungibility is at Risk
Another reason to want to improve the security and privacy of Bitcoin is to preserve its fungibility.
Bitcoin is often considered a fungible asset. Like gold, it does not represent a unique item of value. Fungible assets are assets that have an interchangeable value. This is the case with Bitcoin each transaction is unique, however, they are all valued and exchanged in the same way. This is the basis of the design, to function the same way that one dollar is the same as another dollar.
Conversely, a non-fungible token (NFT) is a token that represents something unique, which reduces their interchangeability. This is because each coin is not valued in the same way. Real estate can be a non-fungible asset, as the property has a relative value based on many variables.
However, as I mentioned, autonomy is becoming an increasing concern as there are more frequent investigations into the specific uses of Bitcoin. The problem is that if a certain Bitcoin transaction or a certain address becomes blacklisted, Bitcoin loses its fungibility, because all Bitcoins no longer have interchangeable value.
Companies like coinsquare have made Blacklisting certain addresses possible. Coinsquare helps forensics companies, specifically Chainalysis run a trace of transactions.
Mixing Things Up
The desire to use a CoinJoin method, such as a Wasabi wallet, is, therefore, a growing trend.
The basic argument is that most people are using the currency for legal purposes, and therefore those holders should not have to suffer as a result of those who do not.
Therefore, making Bitcoin less traceable is appealing in order to retain is value and ubiquity, as well as the user’s privacy.
By using mixers, the CoinJoin method, the privacy of Bitcoin is returned. This is because it becomes harder to follow the trail of transactions. The challenge with many mixers is that a trusted third party is required.
For the sake of security and simplicity, CoinJoin digital wallets are now available.
Trustless CoinJoin with Wasabi
The process of a private CoinJoin is carried out using a Wasabi digital wallet. Wasabi is an open-source, non-custodial, privacy-focused Bitcoin wallet, that is built for your desktop. The wallet creates trustless coin shuffling via Chaumian CoinJoin.
Wasabi Wallet is a Bitcoin (BTC) digital wallet. Using this wallet, users can store, manage and monitor their BTC with the Windows version used by the wallet. To support Bitcoin, it facilities trade and the private key is personalized. This means that only the user is the one to hold the private key.
This wallet uses a type of validation, which relies on a central server. However, the central server is anonymously operated with Tor AND the Bitcoin P2P network.
The wallet is an open-source coin mix, which uses a trustless third party approach. To increase security, it works with Tor as a default. Wasabi wallets mixe coins from all wallets users between one another. To do this a multisig script is used. Using a multisig script to eliminates the need for trust from the other party.
Most Bitcoin wallets generate keys from a single seed, which is a private phrase. This means that transactions are all coming from one place, your wallet, but with different addresses for each transaction for privacy.
Rather than share wallet addresses, Wasabi mixes coins on all wallet users. The mix is done between each wallet and uses a multisig script. A multisig eliminates the need to trust the other party.
The idea of Wasabi is that you may want to combine transactions. And using a Wasabi, there is no need to share private information, but the transaction can still be made together.
So, when a joint payment is made the input and outputs are not shared. Rather they are combined so they arrive as one Bitcoin transaction. By using this mix the exact direction of money movement remains unknown to third parties.
Wasabi’s Dojo Belt System
Wasabi has also applied a proprietary “dojo belt system.” Essentially this system allows users to vouch for one another.
The belts are listed from most junior to most senior: White, Blue, Yellow, Green, Brown, Black
Only those with higher levels of blets can promote others, and you can only promote those who are two belts below you. For example, a Blue belt can promote any user to be a White belt.
The system is devised so that you only promote those who are deserving. Promotions occur via “Pull Requests.”
How the Wasabi Wallet Protect Transactions and Addresses
- Each user’s wasabi wallet is connected to the other wasabi wallets using Tor. Connecting to other wallets makes it harder to track IP addresses.
- Once the user is ready, they can add their coins to the “queue.” This signals the other wallets that are ready to join.
- Once the 50 wallets (the current minimum) have joined the public queue, an unsigned Bitcoin transaction is created.
- Before signing off, all users must check that their inputs and outputs are valid. Only after the validity is checked does the signing begin. At that point, all users must sign off on the multisig transaction. After all required signatures are collected the transaction gets broadcasted to the network.
- This process is secure for each user because before they must submit their input and output addresses before they sign off.
Security issues with CoinJoin
To CoinJoin, users need to negotiate the terms of the transactions they wish to join. Early services were centralized servers. These centralized servers required users to trust the service operator with their coins, as the transaction was sent to the third-party first. The problem users face is the risk of theft while the service coordinates the joint transaction.
With centralized services, there is always the risk that privacy is compromised, as private information is stored by the service.
More recent projects that are decentralized CoinJoins, such as JoinMarket, aim to circumvent the problems related to centralization.
In the past, there was a security issue with the SharedCoin service. Security consultant Kristov Atlas, suggests that SharedCoin should be used merely as a light protective measure for financial privacy. Atlas created a tool he called ‘CoinJoin Sudoku.’ This is a program that can detect relationships between certain payments.
Using Wasabi’s wallets reduce the chance of a Sybil attack, according to Aviv Milner. This is because there is a fee to run coins through the mixer. So, if someone Sybiled the wallet, they would actually end up funding the wallet, thereby making it more usable.
Benefits of CoinJoin
- Security is increased because with a CoinJoin tracking the IP addresses or blacklisting address/transactions is increasingly difficult.
- Increased forensics of Bitcoin transactions threatens not only privacy but also the fungibility of the asset.
- CoinJoin is built into the design of the script, so it does not require extra engineering.
- It uses the basic method of a mulitsig but offers more flexibility.
- Because the collected transactions in a CoinJoin are signed only after the script is deemed valid, there is no risk of losing your coins to other users, and you can save on transaction fees.