Topic: Anonymity - page 4. (Read 68752 times)

The full transaction history of every transaction everybody makes is available. (If that is what you were questioning.)
What do you think is in the block chain?
The Anonymity comes from not knowing who 'owns' a particular Bitcoin Address.

When I say that someone doesn't know who you are, I mean that you're talking to them through Tor with a disposable identity and not giving them any information about yourself. They have to defeat Tor in order to identify you.

An incredibly powerful attacker might be able to group addresses that ordinarily couldn't be grouped, but they don't gain anything from this when all of your addresses were used safely. Even if an attacker can find every address in your wallet and they can talk to all of the people you transacted with using those addresses, they can't identify you because you were talking to all of these people through Tor.

This is an unusual case. I doubt ichi is actually doing this. Most people will need to acquire Bitcoins non-anonymously, put them into a separate balance, mix them (as I've described in this thread), and then send them to people who they deal with through Tor.

@EconomyBuilder

No offense, and are you sure about that?  Even from a nontechnical perspective, having a fully-public transaction history is troubling, to say the least.

Although every $20 bill that I've used has my DNA on it (except perhaps for the ones I've digested with hog pancreatic DNase) and every $20 bill has cocaine on it, there's arguably no persuasive evidence that I'm using cocaine.  Right?  Couldn't Bitcoins be randomized just as $20 bills are?  For example, could something like this scheme provide anonymity?

(1) How am I supposed to know who "knows" me and who doesn't?   Strangers to me often have all sorts of information about me in their databases, even if I have never heard of them before.

(2) A sufficiently unique and detailed set of transactions can be sufficient to uniquely identify you, like a fingerprint.

Any anonymity in this system is very weak and won't withstand any vigorous investigation effort by competent technical investigators.  It bears no resemblance to the strong anonymity available with, for example, David Chaum's digital cash and various relatives of that blind-signature scheme.     It is in no sense secure in the same kind of way the hash chain or other cryptographic properties of the system are secure.   Of course the Chaumian ecash systems don't have the decentralized trust in terms of transaction clearing that this system has.   So there's you're tradeoff, better currency security but no strong anonymity.   It's probably reasonable to give up anonymity for better currency security if one has to make that tradeoff, but let's not throw around the description "anonymous" as if Bitcoin securely has that property, it does not.

Now somebody could develop a system to issue securely anonymous digital bank notes, and use bitcoins as the reserve currency for the issuing bank(s), thus achieving both strong anonymity and currency security greater than fiat or government-currency-backed anonymous cash.   One could audit the bank reserves by looking at its publicly signed bitcoin chains (taking advantage of the *lack* of anonymity in Bitcoin).   This strikes me as a pretty nice combination, but it would require some additional software and services currently lacking.

I suppose that I am in your pragmatic camp as well, as I do not really require the anonymity of bitcoins, yet I can also see the value to others (and therefore to myself).

I'm sort of the opposite.  I don't really need or depend upon the anonymity aspect of Bitcoins, but the fact that it is there is something that I don't mind and can serve a useful purpose from time to time.  There is value in Bitcoins for me even if anonymity were completely compromised, and would be fine with identity being merely difficult to trace rather than impossible.  I also know that isn't necessarily the attitude of everybody, and on the whole if there is something that can improve the identity security of users of this software, I'm completely supportive of the idea.

Put me mostly in the pragmatic camp here if it can be said.

Good.  Thank you.  I was never intending to do either.  I'm intending to use Bitcoin only where anonymity is one of the goals.

The history of your coins is your "street address". Anyone who knows any of your addresses can see all past and future transactions for coins gotten with that address, even if those coins are (or have been) transferred to different addresses.

You're safe if none of your addresses are used to receive coins from people who know who you are and you never send coins to people who know who you are.

Why would the addresses need to be fake?  It is a good way to inexpensively referrence a purchase online.  Say, for example, that you wish to order something from an automated commerce website that costs 205.53 bitcoins.  There is still six digits of the bitcoin that can be used to imprint an order number.  Say the order number is 633729, the total cost of the order would look like 205.53633729 bitcoin on the blockchain.  Granted, the commerce site could issue a new address for every order, but what if they had some reason not to do that.  What if each unique customer had an address assigned to them, but the ecommerce site desired to positively identify each of that person's orders from one another without requiring some kind of additional message parameters that bitcoin does not support, and even if it did, would provide TMI about the transaction.

Yes, you could do this with something on Craig's List too.  Some of it would depend upon the triggering mechanism and how light-weight you would need the software stack, and to make sure you aren't tipping off somebody looking for messages of that nature that just seem a little bit odd.  A coin transfer would be harder to spot as something a little bit off and I think you might be able to create a lightweight version of Bitcoins that could be smaller than an http scanner to act as a trigger.

Anyway, for those who are into terrorist activities, I'm sure you can come up with dozens of ways to accomplish that kind of mechanism.  Perhaps some day I'll set up something that will release my blueprints to the Area 51 facility that will be untraceable.

Determining my true identity would be nontrivial.  Even XeroBank doesn't know who owns the email address posted in my profile.  If y'all complained enough about me, they'd nuke the account, but they still wouldn't know who I am.  Indeed, I'd still be paying for the account, even though it no longer existed.  Google "VAULTS".  Of course, they may be lying about all that 

How would they find me?  What's the equivalent of my street address?  Is it just the network of clients that I've done transfers with?  What if none of them know who I am?  Am I missing something?

Not really any different from the classified ad.

That is an interesting application of Bitcoins that I hadn't thought of.  Sending 0.0000001 BTC to some "trigger" address to detonate some weapon or to trigger a bot/virus to send a simple (even "complex") message when the value is received.  I could think of several "covert" applications to something of that nature, and it would be difficult to trace the origin of that transmission too.

Other peer-to-peer networks could work along a similar approach, but the current organization of Bitcoins assures that everybody in the entire network is aware of the transaction in a relatively short period of time (usually just an hour or less) and even temporarily split off sections of the network will eventually get the message out.

I've heard about this being done in the financial industry where somebody will send out an ask/bid order for stocks or mutual funds that is far outside of normal trading boundaries as a means to transmit a message in some fashion (aka bidding $5 for Berkshire Hathaway Class "A" stock).  I'm sure other examples could be given but it is something that has already been discussed in other forums and even has fiction written about it.  Tom Clancy wrote about it in terms of a trigger event for a melt-down of Wall Street in one of his novels.

It is the persistence that nodes have for transmitting transactions to each other that would be beneficial here.  If anything, this is a consequence of becoming more anonymous in terms of the transactions.

Bitcoin is much harder to crash than your average web server. Bitcoin is harder to manipulate than your average decentralized message board.

It would be just terrible if people realized there was a way to post messages to the internet. 

From the "Anonymity" article on the wiki:

Also:


As long as it's not illegal to use Bitcoin, Bitcoin can satisfy that threat model. The current implementation does not, however.


I agree that the behavior should be changed. The change is not really a simplification, though: it's the use of hashes (addresses) that is a bit of a "hack". The thought was probably, "We know the public key, so let's avoid all of that hashing garbage."

Sending payments to fake addresses provides a way to broadcast short encoded and optionally encrypted unalterable messages to the world anonymously. Have security codes for the organization committing genocide, but scared you'll be killed if the publisher accidentally reveals your identity? Publish them with Bitcoin.

Actually, when you send coins to an address you can view the coins as sitting there waiting for the address "holder" to spend them even if the address doesn't exist. If that address is created in future then they can spend the coins.
If you send coins to an address for which the private key has been lost then the coins can be imagined to be in limbo waiting for either the private key to be recovered or for a new key with the same address to be generated.
(Not sure about the "new key with same address" bit. May depend on the details of the transaction).

ByteCoin

So, in theory, I could parse all the blocks, extract all the addresses and then make a tree of txins and txouts. With a little (a lot of?) effort, I could then try and split the txins from a txout into payment / change, effectively knowing which addresses belong to a single user. For those users that have a public address, this would be an unexpected disclosure.

I know the 'splitting the payment / change' is somewhat of a flawed argument, there is no way of being 100% sure all the time, but some rules might apply more often than not:
- Is there a txin for change = 0? This one is obviously from the sender
- On transactions of high value, chances are the highest part is the change (the 8999 lost coins thread being one such example)
- Future transactions from the change address will always carry the exact change amount + new txins, whereas the transfer receipient may very well already have a balance on the provided address.

I'm sure that all the statistical inclined fellow bitcoiners, being presented with a large enough annotated sample of the transactions to date could come up with a hihg accuracy model.

I can't think of a reason why you'd want to. I was just trying to illustrate that you didn't actually need to generate a private key to create an apparently valid Bitcoin address.

You don't need to have a client running to receive bitcoins.
Once you create an address, any coins sent to it will just sit there waiting for you to spend them.
Any transfer to a 'valid' address should be successful. It is VERY rare for a transaction to be reversed.
There are other threads that explain this in more detail.This is not really an Anonymity issue.