Author

Topic: Feature request: "Disown" coins (Read 845 times)

legendary
Activity: 1120
Merit: 1152
November 15, 2013, 12:22:55 PM
#10
Fantastic idea.  I hadn't even thought of using coinjoin for cleaning up dust.  I'll have to do modification to the code base to support SIGHASH_ANYONECAN pay, but it'll be worth it.  I wanted to implement the other SIGHASH types anyway.

Thanks!

I'm not sure that a central server is in fact the right approach - might be better to just broadcast tx fragments spending each individual txin one at a time - but regardless the SIGHASH_ANYONECAN will useful for other stuff too so it'd be effort well spent.
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
November 12, 2013, 12:19:33 PM
#9
Have you seen this? No idea if it'd help.
So, my guess is it's something with tainting other coins.
Users of bitcoind / bitcoin-qt can fight back against this by using Peter Todd's (retep on BCT) dust-b-gone script which will CoinJoin away the dust in your wallet, both cleaning up the blockchain and thwarting any tainting efforts.

(haven't had time to look into problem on laptop)

Fantastic idea.  I hadn't even thought of using coinjoin for cleaning up dust.  I'll have to do modification to the code base to support SIGHASH_ANYONECAN pay, but it'll be worth it.  I wanted to implement the other SIGHASH types anyway.
donator
Activity: 1218
Merit: 1015
November 11, 2013, 11:26:35 AM
#8
Have you seen this? No idea if it'd help.
So, my guess is it's something with tainting other coins.
Users of bitcoind / bitcoin-qt can fight back against this by using Peter Todd's (retep on BCT) dust-b-gone script which will CoinJoin away the dust in your wallet, both cleaning up the blockchain and thwarting any tainting efforts.

(haven't had time to look into problem on laptop)
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
October 21, 2013, 02:03:32 PM
#7
Consider a government that is trying to reduce the privacy of the network as a whole.  They have observed 10,000 different transactions.  Of those 10,000, they know some of them are drug deals, some are suspected money laundering, some are political contributions, and some of them are withdrawals or deposits made to exchanges accounts for which they know the identities.  The point is, they know the identities of a few points on this web of 10k transactions, and they know the nature of some of the other transcations, but they are working with a very incomplete set of information.  

Let's say you execute both tx A (a deposit to a coinbase account), and tx B (an "anonymous" political donation).   The government knows that you are responsible for tx A, since Coinbase had to follow AML/KYC rules and has your identity.  Or tx A was a purchase you made on some website where the government saw that you purchased some alpaca socks for 1 BTC (a lot of socks).  But since you never re-use addresses, they don't know that tx B was executed by you, they only know that the address is a donation address that has received multiple donations.

But now the entity/gov't dust-spams all the input addresses of all these transactions.  There's a chance, on your next transaction, that your wallet will try to clean up the dust, and put all of it into a single transaction to aggregate it.  However, by doing so, it is including dust from input addresses from tx A and input addresses from tx B, which makes it immediately obvious that both addresses are owned by the same person, and thus the same person who owns the coinbase account also was the payer of tx B.  They have now linked together identities that were not otherwise linked.  And it was totally unknown to you, because the wallet needs to handle dust, change and coin-selection totally transparently to the user.

It doesn't have to be a government.  There are other ways this can be used to compromise privacy.  In all instances, it has to do with the dust spam being "cleaned up" by the wallet, and leaking information in form of linking addresses that otherwise would not have been linked.  Theoretically, a critical mass of CoinJoin transactions will reduce the strength of those linkages, but it probably it will still "suggest" linkages that might otherwise not have been made.

Expert users who understand this might want the ability to blacklist dust that is of unknown origin.  The wallet might even do this automatically, if it has a reliable set of rules to follow.  For instance, Armory only bundles in extra dust if doing so wouldn't reduce the privacy of a transaction. But sometimes it's unavoidable to include that dust:  say you sweep your wallet to a new wallet/address.  And you can't even dump all the dust without linking all the dust addresses together. Given that they are worth effectively nothing, the best thing to do might be to ignore/blacklist it.

Of course, we'd like it if the dust didn't just atrophy the network.  But for the super-paranoid folks, there may be no other option.
legendary
Activity: 1148
Merit: 1018
October 21, 2013, 01:48:19 PM
#6
By the way, what do you think is the purpose of those sendmany dust transactions? I've never been hit by one so far.
hero member
Activity: 896
Merit: 532
Former curator of The Bitcoin Museum
October 21, 2013, 11:46:19 AM
#5
This sounds like more of a protocol issue than a software issue.

mind you, it could be solved here rather than there.

I wonder if there is a way to divert dust payments to a "dust" account.  so that if you want to transfer everything out of an account it doesn't cost you way more than it should.

Ideally it would be an offchain transaction.  a bit like when coins do a loop in your own wallet (I love that armoury message that pops up BTW. It's so cute! Smiley
legendary
Activity: 1428
Merit: 1093
Core Armory Developer
October 21, 2013, 11:37:43 AM
#4
That's a tough one.  Given that coin-control is already implemented, there may be a way to do it... but coin-control only controls addresses, not individual outputs.  So it may require some modification to do this.  It's definitely not on the priority list, but it's a defensive measure that makes sense to implement for the paranoid folks Smiley

I'll think about how to do it, and we're going to put a note in our SW system to remind us to eventually do that.  Definitely an expert feature though, and we have tons of other critical things that need to be addressed right now.  But I want to do it.  Eventually.
donator
Activity: 1218
Merit: 1015
October 21, 2013, 10:09:38 AM
#3
Transfer those coins to a cold wallet?

Do you want to just temporarily block an address you own? or disown it completely?
I don't want coins from the .00000001BTC sendmany transactions which worm their way around the network and occasionally into addresses I control to ever leave the address they were sent to - so I want to disown them entirely. If I send them to a black hole, it ends up costing me money in tx fees.
hero member
Activity: 896
Merit: 532
Former curator of The Bitcoin Museum
October 21, 2013, 09:53:35 AM
#2
Transfer those coins to a cold wallet?

Do you want to just temporarily block an address you own? or disown it completely?
donator
Activity: 1218
Merit: 1015
October 20, 2013, 10:41:27 PM
#1
Would it be trivial to add support for "blocking" the sending of either coins from certain transactions or entire addresses in the GUI? -Basically just preventing them from being accidentally spent.

Those one-satoshi sendmanys always get me paranoid when they pop up in an address I control, like a van with painted windows parked out on the sidewalk. Have started trying to remember to always use coin control, but sometimes I slip up.

ETA: Maybe the address could just be "skipped" from the wallet? Say I have 500 addresses in a deterministic wallet. Address 140 has NSA taint, so I don't want to use it, so Armory'd only scan/load addresses 1-139, then 141-500.
Jump to: