Author

Topic: [2020-05-13] An old privacy trick could solve Bitcoin’s privacy problem (Read 764 times)

legendary
Activity: 3122
Merit: 1492
@Carlton Banks. The developers should implement it perfectly and there should be no excuses. It would be life or death for people in some countries to be using a privacy technology that can really be traced by the government.



Announced via a HRF blog post, the foundation is spearheading the initiative “to support software developers who are making the Bitcoin network more private, decentralized, and resilient so that it can better serve as a financial tool for human rights activists, civil society organizations, and journalists around the world.”

Source https://decrypt.co/31899/human-rights-foundation-activists-worldwide-bitcoin
legendary
Activity: 3430
Merit: 3080
would blockchain analytics firms know what utxo came from a coinswap?

in principle, no.

But it depends on:

1. How privately the Coinswap is negotiated

If Coinswap is to work as a public marketplace, the marketplace app must be able to secure the information about the specific UTXOs being swapped, otherwise there is no privacy gain. Belcher's model appears to handle this problem firstly by making the Coinswap marketplaces and makers use Tor hidden services, and secondly by open sourcing the server software such that anyone can run a Coinswap marketplace server.


2. Sybil resistance

Your immediate partner in any given Coinswap inevitably does know which UTXO was yours, and so any adversary may use this to collect some portion of the information about coinswapped UTXO's by participating in the Coinswap marketplace themselves (i.e. acting as a Sybil in the CS network). Belcher's model has a remediation for this issue too: firstly, routing Coinswaps through multiple participants, so that no one Coinswapper knows whether they are the first in a sequence of swaps, or the last. And then secondly, to avoid adversary-market-makers saturating the marketplace, market makers can purchase BTC denominated fidelity bonds as assurance. The bonds are simply "large" amounts of BTC timelocked for a "long" time, along with signed proof that the market-maker has the spending keys for the timelocked funds. Users decide how long a "long" time and how much BTC constitutes "large" in order to be sufficiently convincing. The marketplace board's Makers must provide some minimum bond amount in order to make their offers available on the marketplace (which you would think will be a configurable minimum, given that anyone can run a Coinswap marketplace server)


Assuming the above 2 points are well implemented in a Coinswap protocol, then this would be a huge privacy win for Bitcoin. A very small amount of Bitcoin users might be performing Coinswaps, but it would be very very difficult to ever detect which ones (and to do so might involve spending more money than makes economic sense, honest providers can price the analysis firms out of the market using high valued fidelity bonds)
legendary
Activity: 3122
Merit: 1492
@Carlton Banks. However, would blockchain analytics firms know what utxo came from a coinswap? That might be a weak point because some exchanges can freeze accounts of users that deposited coins that did a coinswap.
full member
Activity: 670
Merit: 120
TIME TO BAN THE YOBIT SCAM!!
With the Coinbase f*ckers giving (selling) all their transaction data to the IRS, DEA & god knows who else, this is needed now more than ever before - great stuff!
legendary
Activity: 3430
Merit: 3080
Cryptocoin anonymity and privacy will only be as good as how large its anonymity and privacy set is.

that's not true for this particular method (nor is it for the privacy gains when using payjoin)


Coinswap breaks a fundamental assumption that blockchain analysis employs. When people can swap their BTC with each other off-chain, it's impossible to trace the ownership of coins simply by following patterns in the on-chain transactions, as there's no way to know if those coins were recently swapped with someone else's. This possibility has in fact always existed, but should an actual marketplace app for Coinswaps become available, it effectively gives everyone the same privacy improvements (as it's impossible to know how much BTC is having it's ownership swapped)

this is great for Bitcoin, as it gets us back the privacy that most people assume that Bitcoin has, and without adding any new features to Bitcoin node software. Coinswap worked in 2013 (when it was proposed), and it works the same way today. It's so simple that it could've even worked in Bitcoin version 0.1 in January 2009 as a clunky manual operation (and I'm pretty sure that at least some people probably did swap BTC even before Coinswap was conceived)
legendary
Activity: 2310
Merit: 1422
CoinSwap, an old privacy trick created by Greg Maxwell, is back with a new design that could solve Bitcoin’s privacy problem for good.
An old Bitcoin privacy protocol has found new relevance with a new design implementation by Chris Belcher.

a small correction to the text here: an updated design for a coinswap-like protocol is being scrutinized amongst Bitcoin developers, but there is no published implementation as of yet.




really gotta commend Chris Belcher, AdamISZ and ZmnSCPxj for their work on this new update. I must confess that I couldn't see the potential for developing a protocol around the coinswap process when I read the original Coinswap thread post by gmaxwell, it seemed more obvious that coinjoin would be developed into an actual working privacy solution. Looking at the spec and at the conversation on the bitcoin-dev mailing list, it seems that coinswap could be a big improvement over coinjoin for large sums of BTC, but that lightning payment channels can function in a similar way using fewer on-chain transactions (but only for smaller sums of BTC).

You can follow the thread on the Bitcoin-dev mailing list archive

You are always spot on Carlton. Thank you very much, I will further look into it
legendary
Activity: 3122
Merit: 1492
I like the enthusiasm, but we also need to add a touch of realism.  To say it "could solve Bitcoin’s privacy problem" is a tad oversimplified.  It solves one aspect, but there are plenty of other privacy issues to consider as well.  This Bitcoin Wiki page has enough material on the matter to keep people busy for a while.

Agreed. Cryptocoin anonymity and privacy will only be as good as how large its anonymity and privacy set is. Similar to an anonymity coin as zcash, its privacy score is bad because of its very small set of shielded transactions which should begin on the exchanges, I reckon.
legendary
Activity: 3430
Merit: 3080
CoinSwap, an old privacy trick created by Greg Maxwell, is back with a new design that could solve Bitcoin’s privacy problem for good.
An old Bitcoin privacy protocol has found new relevance with a new design implementation by Chris Belcher.

a small correction to the text here: an updated design for a coinswap-like protocol is being scrutinized amongst Bitcoin developers, but there is no published implementation as of yet.




really gotta commend Chris Belcher, AdamISZ and ZmnSCPxj for their work on this new update. I must confess that I couldn't see the potential for developing a protocol around the coinswap process when I read the original Coinswap thread post by gmaxwell, it seemed more obvious that coinjoin would be developed into an actual working privacy solution. Looking at the spec and at the conversation on the bitcoin-dev mailing list, it seems that coinswap could be a big improvement over coinjoin for large sums of BTC, but that lightning payment channels can function in a similar way using fewer on-chain transactions (but only for smaller sums of BTC).

You can follow the thread on the Bitcoin-dev mailing list archive
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
My point was rather that if given a choice between staying true to bitcoin but creating "enemies", or compromising on not allowing third parties to take control of our money in exchange for less opposition from governments, than I'm sticking with the first.

I don't see it a way to "betray" Bitcoin, nor weakening it.

I know I am an outlier when it comes to the bell curve of "concerned about your privacy". I know most users are happy to complete KYC for the convenience of using a centralized exchange, whereas I am not. I know most users accept that these exchange make rules as to where their deposits can come from and where they can withdraw to, whereas I see such behavior as antithetical to bitcoin itself. My concern that is if we go too far down route number two and compromise what bitcoin is, it will be impossible to turn back and undo the changes. Bitcoin may end up popular, but it also ends up no better than fiat.

I think I am neither too strict, neither too lax in the privacy matters. And I see now, here is where the difference of opinion comes from.

I'd much prefer bitcoin's popularity to come from more people realizing the benefits it brings, rather than compromising on those benefits for an "easy ride", so to speak.

Touché. Here you are right. (iou +1 sM) (edit: handled)

The thing is Bitcoin has become too big and way too many big papas are getting onboard. People, companies and institutions which are now in crypto like convenience, they see bitcoin just as an alternative asset class to have in their over complex portfolios.

Maybe indeed Bitcoin is way bigger than I was thinking (still much smaller than deserved) and I was worrying for nothing.
legendary
Activity: 2310
Merit: 1422
Somehow people seem to understand that I am against anonymity in Bitcoin. I'm not.
Don't get me wrong - I understand that. My point was rather that if given a choice between staying true to bitcoin but creating "enemies", or compromising on not allowing third parties to take control of our money in exchange for less opposition from governments, than I'm sticking with the first.

I know I am an outlier when it comes to the bell curve of "concerned about your privacy". I know most users are happy to complete KYC for the convenience of using a centralized exchange, whereas I am not. I know most users accept that these exchange make rules as to where their deposits can come from and where they can withdraw to, whereas I see such behavior as antithetical to bitcoin itself. My concern that is if we go too far down route number two and compromise what bitcoin is, it will be impossible to turn back and undo the changes. Bitcoin may end up popular, but it also ends up no better than fiat.

I'd much prefer bitcoin's popularity to come from more people realizing the benefits it brings, rather than compromising on those benefits for an "easy ride", so to speak.
The thing is Bitcoin has become too big and way too many big papas are getting onboard. People, companies and institutions which are now in crypto like convenience, they see bitcoin just as an alternative asset class to have in their over complex portfolios.
I wonder how many of them have ever made a simple Alice-Bob transaction. I guess less than 5%
So my point is that with growing popularity comes all of that we don't quite like from the outside but I guess it's inevitable.  Roll Eyes
legendary
Activity: 2268
Merit: 18711
Somehow people seem to understand that I am against anonymity in Bitcoin. I'm not.
Don't get me wrong - I understand that. My point was rather that if given a choice between staying true to bitcoin but creating "enemies", or compromising on not allowing third parties to take control of our money in exchange for less opposition from governments, than I'm sticking with the first.

I know I am an outlier when it comes to the bell curve of "concerned about your privacy". I know most users are happy to complete KYC for the convenience of using a centralized exchange, whereas I am not. I know most users accept that these exchange make rules as to where their deposits can come from and where they can withdraw to, whereas I see such behavior as antithetical to bitcoin itself. My concern that is if we go too far down route number two and compromise what bitcoin is, it will be impossible to turn back and undo the changes. Bitcoin may end up popular, but it also ends up no better than fiat.

I'd much prefer bitcoin's popularity to come from more people realizing the benefits it brings, rather than compromising on those benefits for an "easy ride", so to speak.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
I'm not sure if the anonymity is wanted anymore. There are exchanges that were delisting anonymous coins because of government rules, so more anonymity could make more enemies also to Bitcoin, which is not a great step forward now.
Speak for yourself. After the government has successfully removed your privacy, the next thing is for them to exert control. This has already begun with some exchanges refusing to allow deposits/withdrawals to gambling sites, among others, for example. If I wanted a government to be able to monitor every transaction I make and decided whether or not I'm allowed to make them, then I could just use fiat.

Somehow people seem to understand that I am against anonymity in Bitcoin. I'm not.
But I have a feeling that the anonymity features seem to be somewhat delayed and put away.
I guess that the "idea" to not make more enemies for Bitcoin was unfortunate. Somehow people seem to forget that there are still mixers around.

Keeping your data private is difficult enough as it is. Reclaiming your privacy once you've given it up is nigh on impossible. The same is true of bitcoin. If we give up on all methods of maintaining or enhancing your privacy, if we allow governments to stick their noses where they don't belong, then that will become the norm, and reversing it at a later date will be impossible. No government is going to willingly give up knowledge or control.

True. And that's why mixers are great to have.
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
How exactly could deployment of this protocol be done? People would need to set up a lot of Coinswap addresses for this to work on a large scale. There's also the question who exactly would create these addresses, or whether wallet software will silently create these addresses when someone creates their usual wallet, similar to the idea of Tor nodes. I'm saying that average bitcoin users need to have Coinswap addresses ready and publicly known so that other people can transact with them.

In my opinion, the Fidelity bonds section needs to be made more clear. The proposal doesn't state how long the coins will be time-locked for.
legendary
Activity: 2268
Merit: 18711
I'm not sure if the anonymity is wanted anymore. There are exchanges that were delisting anonymous coins because of government rules, so more anonymity could make more enemies also to Bitcoin, which is not a great step forward now.
Speak for yourself. After the government has successfully removed your privacy, the next thing is for them to exert control. This has already begun with some exchanges refusing to allow deposits/withdrawals to gambling sites, among others, for example. If I wanted a government to be able to monitor every transaction I make and decided whether or not I'm allowed to make them, then I could just use fiat.

Maybe at the point Bitcoin adoption is world wide and Bitcoin is "too big to fall" (I wanted so much to add this), then these ideas will get out of the shelves and get a real (real-real) thought and also implemented into the real thing.
Keeping your data private is difficult enough as it is. Reclaiming your privacy once you've given it up is nigh on impossible. The same is true of bitcoin. If we give up on all methods of maintaining or enhancing your privacy, if we allow governments to stick their noses where they don't belong, then that will become the norm, and reversing it at a later date will be impossible. No government is going to willingly give up knowledge or control.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I'm not sure if the anonymity is wanted anymore. There are exchanges that were delisting anonymous coins because of government rules, so more anonymity could make more enemies also to Bitcoin, which is not a great step forward now.

Some government also don't like the fact that Bitcoin allows user have full control over their money, should we remove that as well?

Maybe at the point Bitcoin adoption is world wide and Bitcoin is "too big to fall" (I wanted so much to add this), then these ideas will get out of the shelves and get a real (real-real) thought and also implemented into the real thing.

This idea can be implemented anytime though, since there's no soft or hard fork required.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
I'm not sure if the anonymity is wanted anymore. There are exchanges that were delisting anonymous coins because of government rules, so more anonymity could make more enemies also to Bitcoin, which is not a great step forward now.
Maybe at the point Bitcoin adoption is world wide and Bitcoin is "too big to fall" (I wanted so much to add this), then these ideas will get out of the shelves and get a real (real-real) thought and also implemented into the real thing.
sr. member
Activity: 987
Merit: 289
Blue0x.com
     Man I hope this truly does work for good. A huge number of people will be itching to try this thing that Greg Maxwell came up with. Since most of the people here do not want just any eyes looking at every transaction they ever make. Although it would be quite hard to achieve true anonymity nowadays, I am rooting for this guy. I really hope he accomplishes this because I for one, really am anticipating for this kind of privacy or any service that can do this kind of job.
legendary
Activity: 2310
Merit: 1422
I like the enthusiasm, but we also need to add a touch of realism.  To say it "could solve Bitcoin’s privacy problem" is a tad oversimplified.  It solves one aspect, but there are plenty of other privacy issues to consider as well.  This Bitcoin Wiki page has enough material on the matter to keep people busy for a while.
You put it right, you know how journalists try to click-bait. Nonetheless the more privacy services we have at our disposal the better.  Cool
legendary
Activity: 3948
Merit: 3191
Leave no FUD unchallenged
I like the enthusiasm, but we also need to add a touch of realism.  To say it "could solve Bitcoin’s privacy problem" is a tad oversimplified.  It solves one aspect, but there are plenty of other privacy issues to consider as well.  This Bitcoin Wiki page has enough material on the matter to keep people busy for a while.
hero member
Activity: 2660
Merit: 551
This is Greg's initial thread about the project, CoinSwap: Transaction graph disjoint trustless trading, good read specially for beginners and newbies.
legendary
Activity: 2310
Merit: 1422
CoinSwap, an old privacy trick created by Greg Maxwell, is back with a new design that could solve Bitcoin’s privacy problem for good.
An old Bitcoin privacy protocol has found new relevance with a new design implementation by Chris Belcher.
CoinSwap allows two or more parties to “swap” coins between each other without publishing the real recipient’s address to the blockchain.
If it works out in practice as in theory, this could make Bitcoin much more fungible and private—but, as always, there are a few catches.
ABitcoin developer just resurrected a dormant privacy protocol that could be the silver bullet for Bitcoin’s anonymity issue. And it can be put into action without changing Bitcoin’s source code.

Read more here https://decrypt.co/30756/bitcoin-privacy-coinswap-chris-belcher
Jump to: