Bitcoin Privacy & Address reuse - page 2.

m2017

legendary

Activity: 1792

Merit: 1296

Crypto Casino and Sportsbook

Quote from: Charles-Tim on July 10, 2023, 11:56:30 AM

To have privacy, first mix the coin you sent from Binance using a mixer or coinjoin before sending it to your full client wallet address. Mixing it will make it easy for you.

Or you can first convert it to a privacy coin like monero on a decentralized exchange and then convert it back to bitcoin.

Do not reuse address.

If convert to private coins, like XMR on centralized exchanges, like Binance? Don't be quick to criticize. It is important for us to break the chain of connections, right. Withdraw this XMR from the exchange to a desktop wallet1, create another wallet2. From wallet1 send to wallet2. At this stage, the coins disappeared. Create a new account at the Binance (so that there is no connection with the old account) or any other centralized exchange (of course, without KYC and other verification). Send XMR here, exchange it to BTC and safely withdraw to your desktop wallet, like electrum.

I understand that this option has a lot of extra steps, but still, it can be applied. Is not it?

Quote from: apogio on July 10, 2023, 11:51:08 AM

Hello.

I have a multisig vault. In order to achieve the highest privacy:

1. I generate an address per incoming transaction.
2. My wallet (co-signers) has been created using airgapped devices.
3. I have imported my xpubs to my personal electrum server on my node.

But, I have sent some coins from addresses to which I had originally sent directly from Binance.

Have I lost all of my privacy because of this mistake?

Please feel free to let me know whether you think that I exaggerate. I am not a privacy maniac. I just want to know the best practices.e

The connection between those addresses can now be established, but will it be possible to associate those addresses with you? If you are not verified in the Binance through KYC, then I suppose this is not a cause for concern. Ideally, there would be no connection between addresses at all if you wish to maintain your privacy.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Spinflight on July 14, 2023, 02:02:38 PM

-snip-

If you are happy to swap bitcoin in to another coin, then there is no reason not to use monero. You don't need to deposit your bitcoin in to some custodian's wallet, you don't need to deal with centralized tokens and IOUs, and you don't need to use things like wBTC which are not private at all and easily traced. Just swap to monero, move the monero around, and then use a different service to swap back in different amounts. Far easier and far better privacy than anything you can do with wBTC.

Spinflight

newbie

Activity: 13

Merit: 0

Quote from: apogio on July 12, 2023, 04:47:05 AM

Quote from: o_e_l_e_o on July 12, 2023, 03:35:16 AM

Quote from: Smartvirus on July 11, 2023, 03:14:42 PM

Having to send them in batches would in no particular order and possibly not all at once would help but, aren’t they still getting into the same address? I get the idea that the dots could still be connected some how from the sun up value though, it still gives that extra stress to deduce.

Well, the whole point would be to withdraw in batches of different amounts at different times to different addresses. And since OP says his watch only wallet is synced via his own personal Electrum server and bitcoin node, then there is no risk of a malicious Electrum server linking the addresses in his wallet together via his IP address querying all the addresses at once.

If he withdrew everything to the same address then doing so in batches provides no additional privacy over doing so in a single transaction - anyone can simply sum up all the withdrawals and then try to match input and outputs amounts.

To both @o_e_l_e_o and @Smartvirus.

In my opinion sending in batches is better.

In fact, I started getting familiar with Jam. I don't know if you have heard of it. It is an app that I run on my node through tor. It allows you to send BTC and do the whole mixing stuff. Seems good, have you checked it?

Quote from: BenCodie on July 12, 2023, 04:16:55 AM

Yes, spending coins from Binance and/or mixing them in with your other coins invalidates any privacy measures that you previously previously took. If any inputs aren't mixed together, maybe they are okay...~~though it also depends on your wallet and the level of logs that the node you are connected to is taking~~ edit - Credits to you for using your own electrum server and Bitcoin node! You should be fine for the inputs that you don't mix with your binance inputs.

It should be noted too that even if you didn't use Binance, the moment that you start spending yours coins, you will likely join the inputs if you aren't using coin/input control (as without this, inputs will join to make your transaction)...and if you aren't using a P2P marketplace for liquidating, coin privacy measures are likely redundant anyway.

From a security standpoint, you have a great setup. It would be extremely difficult for anyone to hack your wallet.

Hi! thanks.

Unfortunately half of my sats come from centralised exchanges.

Railgun could help here.

Bridge to Polygon through wBTC. Deposit into Railgun. Depending upon the amounts you are anonymising you may need to privately swap your wBTC for other coins which have better anonymity sets. Wait for other transactions to create the volume to mask your own. Withdraw into a fresh Polygon wallet, or several wallets if you swapped into other coins. Swap back into wBTC. Bridge back to a fresh wallet on bitcoin.

Therefore so long as you are careful about anonymity sets and timings there is nothing to link your new bitcoin wallet to your old one. The BTc to deposit to the wBTC bridge will likely not be the same you receive, track mints and burns if you need surety. Fees would be 0.5% for the first scenario and 1% for the latter. Though you could add further swaps from within Railgun depending upon your estimation of the privacy set required.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: apogio on July 12, 2023, 04:47:05 AM

In fact, I started getting familiar with Jam. I don't know if you have heard of it. It is an app that I run on my node through tor. It allows you to send BTC and do the whole mixing stuff. Seems good, have you checked it?

I am aware of it and have heard lots of good things, but I haven't used it myself so cannot vouch for it directly. It's effectively a GUI for JoinMarket though, which I do use frequently. Of all the coinjoin implementations, JoinMarket is the best, so it seems like a good choice for what you are looking for.

I'd be interested to hear your thoughts on Jam once you've used it a bit. It remains on my ever growing list of "interesting things to look at more than I have the time". Tongue

apogio

hero member

Activity: 560

Merit: 1060

Quote from: o_e_l_e_o on July 12, 2023, 03:35:16 AM

Quote from: Smartvirus on July 11, 2023, 03:14:42 PM

Having to send them in batches would in no particular order and possibly not all at once would help but, aren’t they still getting into the same address? I get the idea that the dots could still be connected some how from the sun up value though, it still gives that extra stress to deduce.

Well, the whole point would be to withdraw in batches of different amounts at different times to different addresses. And since OP says his watch only wallet is synced via his own personal Electrum server and bitcoin node, then there is no risk of a malicious Electrum server linking the addresses in his wallet together via his IP address querying all the addresses at once.

If he withdrew everything to the same address then doing so in batches provides no additional privacy over doing so in a single transaction - anyone can simply sum up all the withdrawals and then try to match input and outputs amounts.

To both @o_e_l_e_o and @Smartvirus.

In my opinion sending in batches is better.

In fact, I started getting familiar with Jam. I don't know if you have heard of it. It is an app that I run on my node through tor. It allows you to send BTC and do the whole mixing stuff. Seems good, have you checked it?

Quote from: BenCodie on July 12, 2023, 04:16:55 AM

Yes, spending coins from Binance and/or mixing them in with your other coins invalidates any privacy measures that you previously previously took. If any inputs aren't mixed together, maybe they are okay...~~though it also depends on your wallet and the level of logs that the node you are connected to is taking~~ edit - Credits to you for using your own electrum server and Bitcoin node! You should be fine for the inputs that you don't mix with your binance inputs.

It should be noted too that even if you didn't use Binance, the moment that you start spending yours coins, you will likely join the inputs if you aren't using coin/input control (as without this, inputs will join to make your transaction)...and if you aren't using a P2P marketplace for liquidating, coin privacy measures are likely redundant anyway.

From a security standpoint, you have a great setup. It would be extremely difficult for anyone to hack your wallet.

Hi! thanks.

Unfortunately half of my sats come from centralised exchanges.

BenCodie

legendary

Activity: 1666

Merit: 1037

Quote from: apogio on July 10, 2023, 11:51:08 AM

Hello.

I have a multisig vault. In order to achieve the highest privacy:

1. I generate an address per incoming transaction.
2. My wallet (co-signers) has been created using airgapped devices.
3. I have imported my xpubs to my personal electrum server on my node.

But, I have sent some coins from addresses to which I had originally sent directly from Binance.

Have I lost all of my privacy because of this mistake?

Please feel free to let me know whether you think that I exaggerate. I am not a privacy maniac. I just want to know the best practices.

Yes, spending coins from Binance and/or mixing them in with your other coins invalidates any privacy measures that you previously previously took. If any inputs aren't mixed together, maybe they are okay...~~though it also depends on your wallet and the level of logs that the node you are connected to is taking~~ edit - Credits to you for using your own electrum server and Bitcoin node! You should be fine for the inputs that you don't mix with your binance inputs.

It should be noted too that even if you didn't use Binance, the moment that you start spending yours coins, you will likely join the inputs if you aren't using coin/input control (as without this, inputs will join to make your transaction)...and if you aren't using a P2P marketplace for liquidating, coin privacy measures are likely redundant anyway.

From a security standpoint, you have a great setup. It would be extremely difficult for anyone to hack your wallet.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: Smartvirus on July 11, 2023, 03:14:42 PM

Having to send them in batches would in no particular order and possibly not all at once would help but, aren’t they still getting into the same address? I get the idea that the dots could still be connected some how from the sun up value though, it still gives that extra stress to deduce.

Well, the whole point would be to withdraw in batches of different amounts at different times to different addresses. And since OP says his watch only wallet is synced via his own personal Electrum server and bitcoin node, then there is no risk of a malicious Electrum server linking the addresses in his wallet together via his IP address querying all the addresses at once.

If he withdrew everything to the same address then doing so in batches provides no additional privacy over doing so in a single transaction - anyone can simply sum up all the withdrawals and then try to match input and outputs amounts.

Smartvirus

legendary

Activity: 1554

Merit: 1139

Quote from: Charles-Tim on July 10, 2023, 12:13:38 PM

Make use of coin control, send the coin to a mixer or coinjoin it. Freeze the address and do not use it anymore. But I will recommend you to create a new wallet.

That’s some of the advantages you get from having wallets, that allows you the leverage of naming them other than leaving it with default. You could essentially label a wallet and accord it a use and this use would serve better but, having to use it only once would add to your layer of security as, when looked at there won’t be traces of a strain within the wallet.

Quote from: o_e_l_e_o on July 11, 2023, 06:58:09 AM

Once you've done all that, you can start moving your 0.01 BTC outputs to your multi-sig wallet. I wouldn't combine all 9 in a single transaction to a single address, since anyone looking at your 9 inputs going in could also look for 9 inputs coming out and make the connection. Maybe consolidate 2 or 3 at a time to a new address each time.

Having to send them in batches would in no particular order and possibly not all at once would help but, aren’t they still getting into the same address? I get the idea that the dots could still be connected some how from the sun up value though, it still gives that extra stress to deduce.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: apogio on July 11, 2023, 04:33:17 AM

In your example if I send 0.1BTC to my mixing wallet, should I send 0.1BTC to my vault in one transaction or multiple smaller?

So let's say you deposit 0.1 BTC to Sparrow. You'll probably want to enroll that in the 0.01 BTC pool. So you'll end up creating 9 outputs of around 0.01005000 BTC, paying 50,000 sats in fees to the coordinator, and creating a toxic change output of around 0.009 BTC. Your 9 outputs will then pay for themselves to be coinjoined, and you'll end up with 9 coinjoined outputs of 0.01 BTC exactly. You will then need to leave these outputs alone for several weeks for them to benefit from free remixes.

Once you've done all that, you can start moving your 0.01 BTC outputs to your multi-sig wallet. I wouldn't combine all 9 in a single transaction to a single address, since anyone looking at your 9 inputs going in could also look for 9 inputs coming out and make the connection. Maybe consolidate 2 or 3 at a time to a new address each time.

NotATether

legendary

Activity: 1568

Merit: 6660

bitcoincleanup.com / bitmixlist.org

To highlight how the address privacy works:

Assuming you make all transactions with one address each, if you are transacting to exchanges and the link, those transactions can be tagged with your KYC info by blockchain analysis companies (who ask nicely for such data).

So that is one transaction "link" that is personally identifiable information.

When you use that address to pay somewhere else, that makes another "link" as in a correlation, in that the person who paid for the exchange and for the other service is the same person.

Your other transactions are made using disposable addresses so those transactions are still private. Also if you make more payments to the second service using different addresses, those will also be private, unless the second service is also a KYC service.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: o_e_l_e_o on July 11, 2023, 04:22:07 AM

Quote from: apogio on July 11, 2023, 04:14:41 AM

-snip-

That will work, but a couple of points to be aware of.

If you choose to use Sparrow to Whirlpool, you will pay the Whirlpool entry fee, and some of your inputs will be segregated in to toxic change. You'll have to work out what to do with this change separately, since if you combine this change with any of your final outputs or address you will lose all your privacy.

Also, this method won't be quick. Putting 0.1 BTC in to Whirlpool (for example), coinjoining it once, and then withdrawing 0.1 BTC is still traceable. You will need to leave your coins in Sparrow for several weeks (assuming you are connected 24/7, if not then even longer than this) in order to get a good number of remixes in order to properly obfuscate things.

You will also need to make sure Sparrow is linked to your own full synced node and connecting to the Whirlpool coordinator over Tor.

I think this will work for me. Should I create smaller UTXOs to break the incoming amount into smaller?

In your example if I send 0.1BTC to my mixing wallet, should I send 0.1BTC to my vault in one transaction or multiple smaller?

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: apogio on July 11, 2023, 04:14:41 AM

-snip-

That will work, but a couple of points to be aware of.

If you choose to use Sparrow to Whirlpool, you will pay the Whirlpool entry fee, and some of your inputs will be segregated in to toxic change. You'll have to work out what to do with this change separately, since if you combine this change with any of your final outputs or address you will lose all your privacy.

Also, this method won't be quick. Putting 0.1 BTC in to Whirlpool (for example), coinjoining it once, and then withdrawing 0.1 BTC is still traceable. You will need to leave your coins in Sparrow for several weeks (assuming you are connected 24/7, if not then even longer than this) in order to get a good number of remixes in order to properly obfuscate things.

You will also need to make sure Sparrow is linked to your own full synced node and connecting to the Whirlpool coordinator over Tor.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: o_e_l_e_o on July 11, 2023, 03:52:43 AM

As others have said, if you want to break the link between your KYCed coins from Binance and the coins in your multi-sig, then you should empty your current multi-sig, mix the coins with Whirlwind or coinjoin them with Whirlpool or JoinMarket, and then return them to a fresh multi-sig wallet. It's better to do this over a couple of transactions and addresses and not consolidate everything in to a single UTXO to make it harder for any blockchain analysis firm which is tracking the total amounts.

This will give you coins which are no longer linked to your KYC data from Binance, but of course Binance will still have a record of you purchasing and withdrawing x amount of bitcoin. If you want to go for full privacy, then you would need to return the coins you have bought to Binance, sell them for fiat, withdraw that fiat, close your Binance account, and then buy fresh bitcoin using a non-KYC method such as Bisq.

Actually I am buying BTC using RELAI at the moment which is non-KYC, but half of my stack is from Binance.

So, let me clarify the process once more, because I will do it any time soon.

1. I will send my coins to a fresh wallet that I have created in Sparrow.
2. Sparrow gives you the ability to mix UTXOs.
3. I will create a brand new multisig vault (fully airgapped).
4. I will send my coins to my new vault.

Is this ok?

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

As others have said, if you want to break the link between your KYCed coins from Binance and the coins in your multi-sig, then you should empty your current multi-sig, mix the coins or coinjoin them with Whirlpool or JoinMarket, and then return them to a fresh multi-sig wallet. It's better to do this over a couple of transactions and addresses and not consolidate everything in to a single UTXO to make it harder for any blockchain analysis firm which is tracking the total amounts.

This will give you coins which are no longer linked to your KYC data from Binance, but of course Binance will still have a record of you purchasing and withdrawing x amount of bitcoin. If you want to go for full privacy, then you would need to return the coins you have bought to Binance, sell them for fiat, withdraw that fiat, close your Binance account, and then buy fresh bitcoin using a non-KYC method such as Bisq.

witcher_sense

legendary

Activity: 2450

Merit: 4415

🔐BitcoinMessage.Tools🔑

Quote from: apogio on July 10, 2023, 01:11:24 PM

Yes I have completed KYC. I am curious to see whether I can use the mixer to mix my UTXOs and send them to the same vault.

Keep in mind that what you do before sending to mixing services and what you do after the mixing was completed are equally important for preserving your privacy because any false move or mistake may compromise your identity or the safety of your funds. Let's call these "pre-mix and post-mix etiquette": pre-mix implies preparing your UTXOs for mixing with coin control and other techniques to prevent unnecessary merging of anonymous coins and coins connected to your real identity. On the other hand, post-mix implies the absence of interaction with any centralized services that may peer into the history of your transactions and freeze your account for suspicion of money laundering or other criminal activity.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: un_rank on July 10, 2023, 01:40:57 PM

That does not repair the privacy issue you are trying to fix, also privacy cannot be "fixed" in the direct sense.

The proof of transactions from your binance address to you current address will always be on the blockchain and anyone with basic analytic skills can link the dots.
What you can do is to create a different set of addresses and send (coinjoin or mix) all the coins into these new sets. This will break the link between your current set of addresses and the new one.

- Jay -

Thanks Jay. Even if the word "fix" isn't the proper one to use, I believe what you said WILL fix my privacy issues.

Quote from: satscraper on July 10, 2023, 01:30:14 PM

Mixer is capable of sending funds back to any address you choose but it's not recommended to reuse the same vault. Create a new vault instead of using existing one repeatedly.

I have shared my personal experience of using Mixy service. Perhaps my post will be helpful to you.

I am checking it right now. Thanks.

Quote from: Z-tight on July 10, 2023, 01:14:27 PM

Nevertheless if you are sending from your multi-sig set up wallet to another different address that you own, you should first send the funds to Whirlwind mixer and from the mixer to the address, or you use CoinJoin.

That's exactly what I meant. Thanks

Unfortunately I don't have any merit to send you guys, but I thank you all!!!!

un_rank

hero member

Activity: 644

Merit: 661

- Jay -

Quote from: apogio on July 10, 2023, 01:11:24 PM

That's great, thanks! Yes I have completed KYC. I am curious to see whether I can use the mixer to mix my UTXOs and send them to the same vault.

That does not repair the privacy issue you are trying to fix, also privacy cannot be "fixed" in the direct sense.

The proof of transactions from your binance address to you current address will always be on the blockchain and anyone with basic analytic skills can link the dots.
What you can do is to create a different set of addresses and send (coinjoin or mix) all the coins into these new sets. This will break the link between your current set of addresses and the new one.

- Jay -

satscraper

hero member

Activity: 714

Merit: 1298

Quote from: apogio on July 10, 2023, 01:11:24 PM

Quote from: satscraper on July 10, 2023, 12:56:33 PM

It seems like you have completed KYC procedure on Binance which implies that the address to which you have sent from this exchange is linked to your identity. Consequently, any transactions from this address will also be linked to you.

If I where in your position I would use mixer and shuffle the associated UTXOs.

I recommend that you read the following guide ( divided into four sections ^[1] ^, ^[2]^,^[3] ^and^[4].) to gain a deeper understanding on how you can maintain privacy when making your transactions.

:::::::::::::::::::::::::: :::::::::::::::::::::::::::: ::::::::::::::::::::::::::::::

[1]. Understanding Bitcoin Privacy with OXT — Part 1/4
[2]. Understanding Bitcoin Privacy with OXT — Part 2/4
[3]. Understanding Bitcoin Privacy with OXT — Part 3/4
[4]. Understanding Bitcoin Privacy with OXT — Part 4/4

That's great, thanks! Yes I have completed KYC. I am curious to see whether I can use the mixer to mix my UTXOs and send them to the same vault.

Mixer is capable of sending funds back to any address you choose but it's not recommended to reuse the same vault. Create a new vault instead of using existing one repeatedly.

I have shared my personal experience of using Mixy service. Perhaps my post will be helpful to you.

Z-tight

hero member

Activity: 994

Merit: 1089

Quote from: apogio on July 10, 2023, 12:29:28 PM

That's great, but doesn't it apply only to new "coins"? I mean can I do the same with the "coins" that I already own?

Do you mean the coins that are already in your multi-sig set up where you maintain your privacy? If that is it, then you said you do not reuse addresses, so if you want to spend from a particular address you should use coin control to make sure there is no link between the sending address and your other addresses. Nevertheless if you are sending from your multi-sig set up wallet to another different address that you own, you should first send the funds to Whirlwind mixer and from the mixer to the address, or you use CoinJoin.

apogio

hero member

Activity: 560

Merit: 1060

Quote from: satscraper on July 10, 2023, 12:56:33 PM

It seems like you have completed KYC procedure on Binance which implies that the address to which you have sent from this exchange is linked to your identity. Consequently, any transactions from this address will also be linked to you.

If I where in your position I would use mixer and shuffle the associated UTXOs.

I recommend that you read the following guide ( divided into four sections ^[1] ^, ^[2]^,^[3] ^and^[4].) to gain a deeper understanding on how you can maintain privacy when making your transactions.

:::::::::::::::::::::::::: :::::::::::::::::::::::::::: ::::::::::::::::::::::::::::::

[1]. Understanding Bitcoin Privacy with OXT — Part 1/4
[2]. Understanding Bitcoin Privacy with OXT — Part 2/4
[3]. Understanding Bitcoin Privacy with OXT — Part 3/4
[4]. Understanding Bitcoin Privacy with OXT — Part 4/4

That's great, thanks! Yes I have completed KYC. I am curious to see whether I can use the mixer to mix my UTXOs and send them to the same vault.

Topic: Bitcoin Privacy & Address reuse - page 2. (Read 553 times)