Consolidation of mixed outputs | Bitcointalksearch.org

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Quote from: PrimeNumber7 on June 04, 2022, 02:01:35 AM

Quote from: n0nce on May 29, 2022, 09:06:49 AM

Quote from: LoyceV on May 28, 2022, 02:20:40 AM

I'm not trying to hide transactions from government, they want to know far too much from me already. But I'm still careful selecting which inputs to link together.

Maybe a little off-topic, but this is another advantage of Bisq: probably every time you sell BTC for fiat, the money arrives in your bank account from a different sender.
Instead, if you use one or two centralized exchanges, it will always come from those two bank accounts. This way, someone could link your outputs.
1] You send unlinked UTXO A to Binance
2] You cash out the amount to your bank account
3] You send unlinked UTXO B to Binanche
4] You cash out the amount to your bank account

Even though they were unlinked, by sending them to the same exchange and subsequently the same bank account, they can be linked.
Through Bisq, you could even sell one UTXO for fiat received via bank transfer, another for fiat received via Skrill, and another via 'cash in person'.

Even if you receive deposits to different bank accounts or even different payment methods, it is possible for the government to get a consolidated view of all transactions you have received by getting information from various banks/payment services.

The above may not apply to those receiving cash in person, although engaging in this type of transaction is generally risky, and has a high risk of you getting scammed, so instead of losing your privacy, you may just lose your money.

What I mean is: when I sell through Bisq, I get money from a private person and there's no reference to cryptocurrency in the 'reference' field. So I don't know how they'll want to link the individual transfer to Bitcoin, not to speak of linking multiple trades with different trading partners.

Quote from: LoyceV on June 04, 2022, 08:02:47 AM

Quote from: o_e_l_e_o on June 04, 2022, 07:39:20 AM

Does this not mean you have zero privacy from the owners of said wallet, who would be able to link several your transactions together by the way of the change outputs being deposited to your account with them?

Correct. That's why I don't often do it, it's just one of many options I have. Or transfer funds to another LN wallet again.

Quote

Which wallets will accept small on chain deposits and credit you with the same amount on a Lightning channel without taking a significant proportion in fees?

BlueWallet doesn't charge anything to deposit, but takes 0.3 to 1% when making LN-payments. Each new LN wallet gives a new deposit addy.
Phoenix Wallet charges 3000 sats minimum when you deposit.
There are probably more LN wallets that can do this, but I don't know the rates for those by heart.

It's worth noting that both of these use instant exchanger APIs for this service; I know Breez uses https://boltz.exchange/, though it may be cheaper using this exchanger through the application, since they subsidize it a little. Subsidization may be restricted to just channel opening fees though; so I'm not sure about that.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: o_e_l_e_o on June 04, 2022, 07:39:20 AM

Does this not mean you have zero privacy from the owners of said wallet, who would be able to link several your transactions together by the way of the change outputs being deposited to your account with them?

Correct. That's why I don't often do it, it's just one of many options I have. Or transfer funds to another LN wallet again.

Quote

Which wallets will accept small on chain deposits and credit you with the same amount on a Lightning channel without taking a significant proportion in fees?

BlueWallet doesn't charge anything to deposit, but takes 0.3 to 1% when making LN-payments. Each new LN wallet gives a new deposit addy.
Phoenix Wallet charges 3000 sats minimum when you deposit.
There are probably more LN wallets that can do this, but I don't know the rates for those by heart.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: LoyceV on June 04, 2022, 07:29:51 AM

Or a custodial LN wallet.

Two further questions then:

Does this not mean you have zero privacy from the owners of said wallet, who would be able to link several your transactions together by the way of the change outputs being deposited to your account with them?
Which wallets will accept small on chain deposits and credit you with the same amount on a Lightning channel without taking a significant proportion in fees?

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: o_e_l_e_o on June 04, 2022, 07:23:24 AM

My question then is: What are you doing with your change? I mostly avoid change by not creating any - careful UTXO selection

Yes.

Quote

buying extra goods/services

Yes.

Quote

You say you are manually picking change destinations instead - where are you sending it that it you can still use it a non privacy breaking way? Some kind of instant exchange for Lightning?

Yes. Or a custodial LN wallet.

Topping up webhosting works too, this one is great to combine with batching payments (which also reduces transaction fees).
I noticed my post missed a word: I was talking about small change, not just any change.
None of these are perfect solutions, but it's much better than consolidating many small inputs at once.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: PrimeNumber7 on June 04, 2022, 02:01:35 AM

The above may not apply to those receiving cash in person, although engaging in this type of transaction is generally risky, and has a high risk of you getting scammed, so instead of losing your privacy, you may just lose your money.

If you take reasonable and sensible precautions (trading in well populated area during the day, not sharing unnecessary personal information, not carrying excess fiat or bitcoin, etc.) then trading bitcoin for cash is no riskier than trading anything else for cash, which happens millions (if not billions) of time every day all over the world.

Quote from: LoyceV on June 04, 2022, 03:13:26 AM

I'm now completely following the approach of avoiding change in my wallet. Manually picking a change destination makes each transaction only slightly more work.

My question then is: What are you doing with your change? I mostly avoid change by not creating any - careful UTXO selection, buying extra goods/services, leaving a tip, adding to fee, etc. You say you are manually picking change destinations instead - where are you sending it that you can still use it a non privacy breaking way? Some kind of instant exchange for Lightning?

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: PrimeNumber7 on June 04, 2022, 03:03:31 AM

If you argue that the government cannot monitor your financial transactions at scale, you might as well say that you have nothing to hide and take no steps to ensure your privacy.

Privacy goes further than just government. I'm not required to report transactions, we have no capital gains tax. I just report my annual tax overview, and no individual transactions.
So my privacy is limited by the things I'm required to report, and only for taxes (and banks). Other than that, I'm free to hide where I buy my coffee from the rest of the internet.

I'm now completely following the approach of avoiding small change in my wallet. Manually picking a change destination makes each transaction only slightly more work.

PrimeNumber7

copper member

Activity: 1652

Merit: 1901

Amazon Prime Member #7

Quote from: LoyceV on June 04, 2022, 02:31:41 AM

Quote from: PrimeNumber7 on June 04, 2022, 02:01:35 AM

it is possible for the government to get a consolidated view of all transactions you have received by getting information from various banks/payment services.

You're highly overestimating my government. Sure, they can do this when a team investigates a large crime, but not automated and not on a large scale. Just recently it was in the news their IT system can't handle reducing VAT on vegetables. I'm not even kidding Cheesy

And the information they have, they don't know what to do with. There's no way they're going to analyze dust transactions.

Sure, it is unlikely that western governments can successfully investigate on a large scale, however, the information is still available, long after the fact. If you argue that the government cannot monitor your financial transactions at scale, you might as well say that you have nothing to hide and take no steps to ensure your privacy.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: PrimeNumber7 on June 04, 2022, 02:01:35 AM

it is possible for the government to get a consolidated view of all transactions you have received by getting information from various banks/payment services.

You're highly overestimating my government. Sure, they can do this when a team investigates a large crime, but not automated and not on a large scale. Just recently it was in the news their IT system can't handle reducing VAT on vegetables. I'm not even kidding Cheesy

And the information they have, they don't know what to do with. There's no way they're going to analyze dust transactions.

PrimeNumber7

copper member

Activity: 1652

Merit: 1901

Amazon Prime Member #7

Quote from: n0nce on May 29, 2022, 09:06:49 AM

Quote from: LoyceV on May 28, 2022, 02:20:40 AM

I'm not trying to hide transactions from government, they want to know far too much from me already. But I'm still careful selecting which inputs to link together.

Maybe a little off-topic, but this is another advantage of Bisq: probably every time you sell BTC for fiat, the money arrives in your bank account from a different sender.
Instead, if you use one or two centralized exchanges, it will always come from those two bank accounts. This way, someone could link your outputs.
1] You send unlinked UTXO A to Binance
2] You cash out the amount to your bank account
3] You send unlinked UTXO B to Binanche
4] You cash out the amount to your bank account

Even though they were unlinked, by sending them to the same exchange and subsequently the same bank account, they can be linked.
Through Bisq, you could even sell one UTXO for fiat received via bank transfer, another for fiat received via Skrill, and another via 'cash in person'.

Even if you receive deposits to different bank accounts or even different payment methods, it is possible for the government to get a consolidated view of all transactions you have received by getting information from various banks/payment services.

The above may not apply to those receiving cash in person, although engaging in this type of transaction is generally risky, and has a high risk of you getting scammed, so instead of losing your privacy, you may just lose your money.

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Quote from: LoyceV on May 29, 2022, 09:11:38 AM

Quote from: n0nce on May 29, 2022, 09:06:49 AM

Maybe a little off-topic, but this is another advantage of Bisq: probably every time you sell BTC for fiat, the money arrives in your bank account from a different sender.

That's not helping: if I use reputable exchanges, my bank has less to worry about. If I often send/receive money to/from many different bank accounts, they'll have a reason to ask more questions. And it's not as if the bank wants spend money asking questions, but government forces them to do this. Government also doesn't tell them which questions they have to ask, so banks ask anything they can come up with just to be on the safe side to avoid high fines again.

That's a good counter-argument, true as well. Maybe less questions, but I believe also potentially easier to trace.

Quote from: o_e_l_e_o on May 29, 2022, 09:15:58 AM

Quote from: n0nce on May 29, 2022, 09:06:49 AM

Instead, if you use one or two centralized exchanges, it will always come from those two bank accounts. This way, someone could link your outputs.

I'm not sure I follow you here. Can you elaborate?

If some random person is scanning the blockchain for deposits to Binance, they will have no idea about the fiat withdrawals from Binance or the fiat deposits in to your bank account, so they won't be able to use that information to link Binance deposits.
If, on the other hand, we are considering some blockchain analysis company, government, three letter agency, etc., then Binance have probably already shared all your data with them and so your deposits are already linked together without you ever withdrawing fiat.

For random persons it's not easy, but if you're from / with government, you could get information about bank transfers to your bank account and compare those to Bitcoin deposits on the blockchain of the same size. You're right though, that they can just get that information straight from Binance more easily.

Anyhow; by just depositing BTC into a centralized exchange, it also links your inputs. Even if you get new deposit addresses; they're linked not on the Bitcoin blockchain, but within the Binance system. Not everyone, but certain people can surely get this information from the exchange.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: n0nce on May 29, 2022, 09:06:49 AM

Instead, if you use one or two centralized exchanges, it will always come from those two bank accounts. This way, someone could link your outputs.

I'm not sure I follow you here. Can you elaborate?

If some random person is scanning the blockchain for deposits to Binance, they will have no idea about the fiat withdrawals from Binance or the fiat deposits in to your bank account, so they won't be able to use that information to link Binance deposits.
If, on the other hand, we are considering some blockchain analysis company, government, three letter agency, etc., then Binance have probably already shared all your data with them and so your deposits are already linked together without you ever withdrawing fiat.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: n0nce on May 29, 2022, 09:06:49 AM

Maybe a little off-topic, but this is another advantage of Bisq: probably every time you sell BTC for fiat, the money arrives in your bank account from a different sender.

That's not helping: if I use reputable exchanges, my bank has less to worry about. If I often send/receive money to/from many different bank accounts, they'll have a reason to ask more questions. And it's not as if the bank wants to spend money asking questions, but government forces them to do this. Government also doesn't tell them which questions they have to ask, so banks ask anything they can come up with just to be on the safe side to avoid high fines again.

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Quote from: LoyceV on May 28, 2022, 02:20:40 AM

I'm not trying to hide transactions from government, they want to know far too much from me already. But I'm still careful selecting which inputs to link together.

Maybe a little off-topic, but this is another advantage of Bisq: probably every time you sell BTC for fiat, the money arrives in your bank account from a different sender.
Instead, if you use one or two centralized exchanges, it will always come from those two bank accounts. This way, someone could link your outputs.
1] You send unlinked UTXO A to Binance
2] You cash out the amount to your bank account
3] You send unlinked UTXO B to Binanche
4] You cash out the amount to your bank account

Even though they were unlinked, by sending them to the same exchange and subsequently the same bank account, they can be linked.
Through Bisq, you could even sell one UTXO for fiat received via bank transfer, another for fiat received via Skrill, and another via 'cash in person'.

PrimeNumber7

copper member

Activity: 1652

Merit: 1901

Amazon Prime Member #7

Quote from: mikeywith on May 28, 2022, 05:43:19 PM

Quote from: PrimeNumber7 on May 28, 2022, 01:45:34 AM

You would need two servers for what you describe to work. Nicehash might tell inquiring minds that you mined at server xyz with an IP address of 1.2.3.4, and when the government inquires with the various pools, they could ask if anyone connected from IP address 1.2.3.4, however if server xyz forwards the work to server ABC with an IP address of 4.2.2.1, which subsequently forwards the work onto the pool, even if the government were to find the pool you were mining on, they would have no way of knowing the work originated from nicehash, nor the server that nicehash knows about.

You can do that, but that would contribute to more added latency which is something you want to avoid when mining, going from NH to sever 1 > server 2 > Mining pool might not work perfectly, it will certainly work but the number of stale/rejected shares might be a bit high which would result in an overall more expensive operation than it already is.

I still think using a decentralized pool is the best approach, from NH > P2Pool is going to be very low latency, without any added cost, if the government manages to get your details from NH, there will be little to nothing of info.

The added latency would be an added cost to your privacy.

Using P2Pool may be an option to reduce your cost, and there would not be anyone for the government to talk to. However the government may be able to deduct the P2Pool blocks, and look at the hashrate you rented from NH (and for how long) to make an educated guess as to where your coin ended up.

Quote from: LoyceV on May 28, 2022, 02:20:40 AM

Quote from: PrimeNumber7 on May 28, 2022, 01:45:34 AM

even if we were to go with the assumption that a said government will go as far as doing what you suggested

Unless they're chasing a specific money flow, I don't expect government to dig this deep. Here, it's quite simpel: when you sell a substantial amount of Bitcoin for fiat on your bank account, they'll ask you where the money came from. It's up to you to explain the money is legit.
Banks have to report "unusual transactions", after which government doesn't really know what to do with them (link in Dutch).

I'm not trying to hide transactions from government, they want to know far too much from me already. But I'm still careful selecting which inputs to link together.

I think in most cases, people who have SARs filed on their transactions/activity are not breaking any laws, and will probably not be investigated. However if there is an investigation involving that person, the government will have those SARs available to help link money flows after the fact.

mikeywith

legendary

Activity: 2394

Merit: 6581

be constructive or S.T.F.U

Quote from: PrimeNumber7 on May 28, 2022, 01:45:34 AM

You would need two servers for what you describe to work. Nicehash might tell inquiring minds that you mined at server xyz with an IP address of 1.2.3.4, and when the government inquires with the various pools, they could ask if anyone connected from IP address 1.2.3.4, however if server xyz forwards the work to server ABC with an IP address of 4.2.2.1, which subsequently forwards the work onto the pool, even if the government were to find the pool you were mining on, they would have no way of knowing the work originated from nicehash, nor the server that nicehash knows about.

You can do that, but that would contribute to more added latency which is something you want to avoid when mining, going from NH to sever 1 > server 2 > Mining pool might not work perfectly, it will certainly work but the number of stale/rejected shares might be a bit high which would result in an overall more expensive operation than it already is.

I still think using a decentralized pool is the best approach, from NH > P2Pool is going to be very low latency, without any added cost, if the government manages to get your details from NH, there will be little to nothing of info.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: PrimeNumber7 on May 28, 2022, 01:45:34 AM

even if we were to go with the assumption that a said government will go as far as doing what you suggested

Unless they're chasing a specific money flow, I don't expect government to dig this deep. Here, it's quite simpel: when you sell a substantial amount of Bitcoin for fiat on your bank account, they'll ask you where the money came from. It's up to you to explain the money is legit.
Banks have to report "unusual transactions", after which government doesn't really know what to do with them (link in Dutch).

I'm not trying to hide transactions from government, they want to know far too much from me already. But I'm still careful selecting which inputs to link together.

PrimeNumber7

copper member

Activity: 1652

Merit: 1901

Amazon Prime Member #7

Quote from: mikeywith on May 21, 2022, 06:28:21 PM

But then, even if we were to go with the assumption that a said government will go as far as doing what you suggested, you can still use a passthrough running on some server, that way, you break the connection between Nicehash and the pool, nicehash will tell your government that you mined to server xyz (which at least in theory nobody knows about), from there, unless they find a way to get into your server, they won't know where the hashrate went to, unless they contact every mining pool on planet earth.

You would need two servers for what you describe to work. Nicehash might tell inquiring minds that you mined at server xyz with an IP address of 1.2.3.4, and when the government inquires with the various pools, they could ask if anyone connected from IP address 1.2.3.4, however if server xyz forwards the work to server ABC with an IP address of 4.2.2.1, which subsequently forwards the work onto the pool, even if the government were to find the pool you were mining on, they would have no way of knowing the work originated from nicehash, nor the server that nicehash knows about.

Quote from: mikeywith on May 21, 2022, 06:28:21 PM

One way which they can track you is by asking Nicehash for the total hashrate you pointed and then attempt to estimate how much "BTC" would have come out of it, and then they would track addresses that received a similar amount, but given that there will probably be a few hundred thousand miners getting that same sum of outputs, it will be extremely difficult to narrow it down to just you.

Your intermediary server(s) could split up the hashrate among multiple pools. If you are only mining on an unknown pool for a short time, I don't think there would be a lot of candidate miners who meet any given hashrate estimate.

o_e_l_e_o

legendary

Activity: 2268

Merit: 18711

Quote from: witcher_sense on May 24, 2022, 03:09:42 AM

For example, when I make a transaction and accidentally create unspendable small outputs as change, a wallet warns me about that and offers me to slightly increase or decrease the fee rate.

Electrum does this, to an extent. If you try to create a change output which would be dust, it automatically adds it on to the fee instead (and shows you a little icon you can hover over for it to explain what it has done).

Quote from: witcher_sense on May 24, 2022, 03:09:42 AM

In other words, OP_RETURN outputs are no longer part of bitcoin supply.

Correct.

Quote from: LoyceV on May 24, 2022, 04:13:50 AM

The funds are now owned by the miner (and the Bitcoin supply wasn't reduced).

Not correct. Coins sent to OP_RETURN outputs are forever locked within that output and are provably unspendable. They do not belong to the miner and can indeed be subtracted from the total supply, since they will never move. Indeed, each instance of Bitcoin Core will automatically remove any such coins from its database.

n0nce

hero member

Activity: 882

Merit: 5834

not your keys, not your coins!

Quote from: LoyceV on May 24, 2022, 04:13:50 AM

Quote from: witcher_sense on May 24, 2022, 03:09:42 AM

Ah, now I see: this privacy-enhancing technique is often referred to as "change avoidance" where you are actively practicing careful coin control not to create unnecessary outputs. The downside of this is that you have to do all these adjustments manually while doing some mathematical calculations in your head, trying to figure out which step doesn't break your anonymity set.

I don't think you can really automate this, it varies per transaction and depends on the label of each input. I prefer manual Coin Control in Bitcoin Core, and Advanced Preview in Electrum (both can be enabled in Settings).

I believe the idea would be to have an option before signing a transaction to say 'no change please' which increases the transaction fee to the point where there's no change generated; just output to the other party and change. That should be possible to do automatically.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: witcher_sense on May 24, 2022, 03:09:42 AM

Ah, now I see: this privacy-enhancing technique is often referred to as "change avoidance" where you are actively practicing careful coin control not to create unnecessary outputs. The downside of this is that you have to do all these adjustments manually while doing some mathematical calculations in your head, trying to figure out which step doesn't break your anonymity set.

I don't think you can really automate this, it varies per transaction and depends on the label of each input. I prefer manual Coin Control in Bitcoin Core, and Advanced Preview in Electrum (both can be enabled in Settings).

Quote

I would like to see bitcoin wallets that have some in-built fee adjustment mechanism aimed at guarding my privacy. For example, when I make a transaction and accidentally create unspendable small outputs as change, a wallet warns me about that and offers me to slightly increase or decrease the fee rate.

Most wallets don't even warn you when you use an input that costs more in fees than it's worth (say 1000 sat from a legacy input while you pay 10 sat/byte fee). I've seen so many transactions that would have have more change if they would have used less inputs.

Quote

In other words, OP_RETURN outputs are no longer part of bitcoin supply.

~~The funds are now owned by the miner (and the Bitcoin supply wasn't reduced).~~

This topic reminded me to do some wallet maintenance, so yesterday I cleaned up 8 inputs.
The minimum amount at my favourite instant exchanger often changes. Today it's 36k sat, yesterday it was 3.6k sat. I thought it would depend on the transaction fee, but at the moment, transaction fees are as low as it gets.
Exchange rates for small amounts aren't the best, but it still beats collecting dust. I also made a payment for which the change was exchanged instantly (into my low-fee altcoin wallet which I use to pay services (such as VPN)).

Topic: Consolidation of mixed outputs (Read 997 times)