Blockstream Testing Engineer Jonas Nick recently gave a presentation on Bitcoin privacy at Blockchain Meetup Zurich. After first providing an overview of the in-depth, technical realities of privacy in Bitcoin, Nick shared a list of seven tips users can follow in order to protect their own activities on the blockchain from various onlookers.
Keep Your Wallet Up to Date
The first privacy tip noted by Jonas Nick during his presentation was for users to keep their wallet software up to date. He stated, “Many of the wallets [in use] are really, really old, and they have worse privacy properties.”
Users are only able to take advantage of new improvements in Bitcoin privacy if they download those updates as they become available.
Avoid Wallets with Bloom Filtering
Bloom filtering is a method used by SPV wallets to lower bandwidth requirements. This is achieved by only downloading transactions that are relevant to the user’s wallet (although the precision of transactions chosen is adjustable).
During his talk, Jonas Nick discussed a research project in which he and his peers were able to extract addresses from bloom filters. This attack is still possible today because fixing the bandwidth and privacy issues involved with the attack would not be a simple task. Nick added, “If you’re privacy conscious, unfortunately, you should not use wallets with bloom filtering.”
In a message to CoinJournal, Nick also pointed out one of the most important points of the research project, which was also his master’s thesis. He explained:
“The simplest strategy that uses the blockchain to link transactions works quite well already. If you have five addresses and I know one of them, I can find, on average, one additional address that you own. If you have ten addresses, two additional addresses can be uncovered by analyzing the transaction graph.”
Don’t Reuse Addresses
Address reuse is one of the most well-known privacy-related mistakes that should be avoided on the Bitcoin network. By reusing the same Bitcoin address, it becomes trivial for anyone who knows about your Bitcoin address to track all of your transactions. A new Bitcoin address should be used for each payment.
Other Parties Play a Role
In addition to thinking about one’s own privacy, users must also make sure their colleagues on the network are taking care of everything on their end. Nick noted, “If the other party reuses addresses, then it is easily distinguished, with the shadow heuristic, which one is the change address and which one is the destination address.”
The shadow heuristic Nick referred to is a method of identifying change addresses. If you send some bitcoin to another person on the Bitcoin network (and you are not spending an entire output value), then you’ll need to receive the change from the output to a new change address. If you’re sending a payment to an address that has already been active on the network, then it becomes obvious that the change address in the transaction is the newly created address.
Separate Your Funds with Accounts
Jonas Nick also believes in the practice of maintaining multiple accounts in a wallet for different purposes. In Dark Wallet, these different accounts are known as “pockets”. The idea is that maintaining separate accounts in a single wallet will help the user avoid mixing the histories of transactions that are unrelated to each other.
The Open Bitcoin Privacy Project
The Open Bitcoin Privacy Project (OBPP) was mentioned by Jonas Nick as a potentially valuable resource for newcomers to Bitcoin privacy. He stated, “I don’t agree, mostly, with their conclusions, but they list a lot of criteria on how to evaluate wallets, so I still think it is valuable.”
Although the OBPP found Ledger to have the most private wallet on the market, Nick sees Bitcoin Core as a better option. When asked for his thoughts on the best bitcoin wallet for privacy-minded users, Nick responded, “Bitcoin Core with Tor, maybe. But you still have to generate a new address every time you use it.”
“This is actually not that good because you can easily see [what is happening] on the blockchain — using just some values (there was an outflow of bitcoin and then you see the same inflow again with a similar value). I don’t think that this strategy really helps.”
Nick added that these privacy-focused altcoins would be more useful if they had their own economies. Specifically, he mentioned Monero and Zcash as bitcoin alternatives with interesting privacy features.
Obviously, it is still rather difficult to remain private while using Bitcoin. In the future, new privacy-enhancing features, such as Confidential Transactions, may help users protect their finances from surveillance more easily.