Pages:
Author

Topic: Few questions (First time Lighting,Wasabi & CoinJoin,using Bitcoin Core offline) (Read 549 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
a) why did you include 0.05001234BTC in the first please i am confused

To demonstrate that Wasabi CoinJoin have fixed output of mixed coins and usually there's "left over" coin which isn't mixed since it's amount is too low.

b) if mixing is not about using all of mixed coins in a single transaction then how is it done probably a.k.a. post-mix i mean

There's no single/best how it's done probably, but don't spend all mixed coin and following guide by wasabi which i mentioned on previous posts should be good enough.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
a) I can not figure from where the number 1.05001234BTC came you said we have 10 mixed UTXO with each UTXO with 0.1BTC so total is 1BTC or I am missing something

You forget 0.05001234BTC which isn't mixed

isn't mixing about using all of the mixed coins in a single transaction or more than a transaction ?

As @fillippone mentioned, that would reduce your and other's privacy, so the answer is no.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
@ETFbitcoin : could you please list for I/us what faults we could accidently/non-accidently cause that would degenerate the anonymity of the mixed coins ?

Wasabi Wallet have good documentation about it at https://docs.wasabiwallet.io/using-wasabi/ChangeCoins.html and https://docs.wasabiwallet.io/using-wasabi/Deanonimization.html

But aside from docs, i only know few possible faults :
1. Disable Tor connection on Wasabi Wallet
2. Use all mixed coins in a transaction. For example, you mixed 1.05001234BTC continuously and got 10 mixed UTXO with amount 0.1BTC, then you use all those 10 mixed UTXO in a transaction.

I've no idea how serious the privacy implication of faults i mentioned though.
newbie
Activity: 24
Merit: 10
a) I can not figure from where the number 1.05001234BTC came you said we have 10 mixed UTXO with each UTXO with 0.1BTC so total is 1BTC or I am missing something

You forget 0.05001234BTC which isn't mixed

isn't mixing about using all of the mixed coins in a single transaction or more than a transaction ?

As @fillippone mentioned, that would reduce your and other's privacy, so the answer is no.

a) why did you include 0.05001234BTC in the first please i am confused

b) if mixing is not about using all of mixed coins in a single transaction then how is it done probably a.k.a. post-mix i mean
newbie
Activity: 24
Merit: 10
@BitCryptex : I want to thank you so so so much for answering all of my questions in this thread I am sorry if I caused any issues for you and I would like you to keep watching the thread to learn more about coinjoins  Smiley

@ETFbitcoin :

a) I can not figure from where the number 1.05001234BTC came you said we have 10 mixed UTXO with each UTXO with 0.1BTC so total is 1BTC or I am missing something

b) you said we shall not use all the mixed coins in a single transaction I can not get that point isn't mixing about using all of the mixed coins in a single transaction or more than a transaction ?

@fillippone : may you ELI5 your last post please as you know I am still new to coinjoining
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23

I've no idea how serious the privacy implication of faults i mentioned though.

From a theoretical point of view, mixing and then consolidating your outputs not only reduce your own anonymity set, but also the other coinjoin participants. So it's an harmful practice.
Think of a coinjoin with three people, if Alice and Bob consolidate their coins after the mix, also Charlie, who is diligently spending his coin consciously without consolidating, has his anonymity set almost destroyed.
You have to take into account this "negative externality" when consolidating.


legendary
Activity: 1876
Merit: 3132
I had a question in mind how could we mitigate this if I have only access to a single physical pc ?

I don't think if there is any way to mitigate that without using an additional device. Did you consider buying a hardware wallet? You wouldn't have to bother with a separate computer or VMs if you bought one.

edit: if you could as well please tell I what is wrong in my setup beside the threat model you shared.

Besides that threat, it is a little difficult to maintain because you are using Bitcoin Core. You wouldn't have to worry about keeping your client up-to-date if you used Electrum, for example.
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23
@fillippone : when can we expect to see the coinjoin guide please ?


Soon, but don't hold your breath.
I am going to publish it on the italian board first (it was requested there). The translation is quite trivial.
But RL/quarantine are taking a toll on my activities on the forum, so I had to delay it a little bit.

newbie
Activity: 24
Merit: 10
@fillippone : when can we expect to see the coinjoin guide please ?

@BitCryptex : as you know there is nothing fail-proof a.k.a. 100% secure but your threat model is totally legit. I had a question in mind how could we mitigate this if I have only access to a single physical pc ?

edit: if you could as well please tell I what is wrong in my setup beside the threat model you shared.

@ETFbitcoin : could you please list for I/us what faults we could accidently/non-accidently cause that would degenerate the anonymity of the mixed coins ?
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23
how would the hacker steal the funds ?

Using some kind of malware. You seem to be cautious enough not to be fooled by malware replacing addresses. Keep in mind that if your wallet file is stolen while you go online, the attacker could broadcast a transaction with a higher fee so that there would be a chance that it would be accepted by the miners earlier. Those are really extreme cases. I have never been affected by those.

This setup you are suggesting is actually and over-complicated Hardware wallet, after all. Where you store your private keys offline and use them to sign a transaction prepared on an online PC.

'overcomplicated' is an exaggeration. It is a good setup if one does not trust hardware wallets. OP didn't mention them so I assumed that he doesn't want to use them.


Yes, it was a little bit of overstatement. Better not to derail the thread too much discussing pro and cons of the different solutions. I just wanted to make things clear (maybe only to me).
legendary
Activity: 1876
Merit: 3132
how would the hacker steal the funds ?

Using some kind of malware. You seem to be cautious enough not to be fooled by malware replacing addresses. Keep in mind that if your wallet file is stolen while you go online, the attacker could broadcast a transaction with a higher fee so that there would be a chance that it would be accepted by the miners earlier. Those are really extreme cases. I have never been affected by those.

This setup you are suggesting is actually and over-complicated Hardware wallet, after all. Where you store your private keys offline and use them to sign a transaction prepared on an online PC.

'overcomplicated' is an exaggeration. It is a good setup if one does not trust hardware wallets. OP didn't mention them so I assumed that he doesn't want to use them.
legendary
Activity: 2268
Merit: 16328
Fully fledged Merit Cycler - Golden Feather 22-23
I will create several offline wallets from the virtual machine and send the bitcoins to them from the old wallet using my main machine as being some how paranoid here

I got that part. What I meant was asking if you are going to spend those coins often. Once you move your wallet from the offline machine to your main one, your wallet will be completely exposed. You can mitigate that by preparing transactions on the online machine, signing them on the offline one and moving the signed transaction to any online PC. This won't expose your private keys. Also, I don't think that using virtual machines is a good idea. If your host is compromised, so are your VMs. Using a separate computer would be safer.

This setup you are suggesting is actually and over-complicated Hardware wallet, after all. Where you store your private keys offline and use them to sign a transaction prepared on an online PC.

Regarding Wasabi, I am preparing a very Basic guide to run Coinjoins.
@scott.carter.2020 I will try to answer some of your answer on that one, and maybe post an international version. (even if I have the suspect the average reader I am referring to has way less technical competence than you.

A very good read on privacy, overall is this A Treatise On Bitcoin And Privacy Part 1: A Match Made In The Whitepaper. I do recommend the read.

<...>
I haven't done throughtful research about privacy of both of them, but here's few pros. and cons. that i know

Wasabi :

+ Hardware wallet support
<...>

Bear in mind that coinjoins aren't compatible with Hardware Wallet YET. You must store your coins on Wasabi hot wallet.



newbie
Activity: 24
Merit: 10
lets suppose my (host) pc is (currently) hacked [...] what the risks i am facing me and/or what could go wrong ?

The problem is that by the time you realise that you have been hacked, your funds will have been already stolen. You won't have any time to react. That's why I recommend you to reconsider your setup.

I am not against reconsidering my setup and I thank you so much for that

but what I am thinking of is the following

if I am already hacked for example and that is the worst case scenario, once I am offline all the work will be done.

once I am online, the transactions will be broadcasted to the blockchain and everything is over.

how would the hacker steal the funds ?

what he could only steal are the funds which are I want to spend.

am I right or is there anything wrong please ?
legendary
Activity: 1876
Merit: 3132
lets suppose my (host) pc is (currently) hacked [...] what the risks i am facing me and/or what could go wrong ?

The problem is that by the time you realise that you have been hacked, your funds will have been already stolen. You won't have any time to react. That's why I recommend you to reconsider your setup.
newbie
Activity: 24
Merit: 10
i stressed on everything must be able to work offline that in case even if i am already hacked, i am not in danger of losing anything except the coins i want to spend which will always be on the machine whatever it's online or offline.

What machine are you referring to? The host? As I wrote earlier, if your host gets hacked then your VMs should be also considered as compromised. Ideally, it would be great if you used a completely separate machine to sign your transactions. Creating raw transactions using Bitcoin Core is a bit complicated so I would recommend you either using Armory + Bitcoin Core or Electrum (wallet backup would be in a form of 12 words which you wouldn't need to update after each transaction unlike your current setup).


correct me if I am wrong please

lets suppose my (host) pc is (currently) hacked

if I went (totally offline) and did the following

- created few wallets in my vm
- backed them up using different mediums
- copied my old wallet into my up-to-date bitcoin core and sent the coins to that few wallets i created
- done

what the risks i am facing me and/or what could go wrong ?

the only thing I will risk in the few satoshis I would have on my machine which I will be spending as I mentioned earlier I will leave some satoshis on my machine as I need to sell them
legendary
Activity: 1876
Merit: 3132
i stressed on everything must be able to work offline that in case even if i am already hacked, i am not in danger of losing anything except the coins i want to spend which will always be on the machine whatever it's online or offline.

What machine are you referring to? The host? As I wrote earlier, if your host gets hacked then your VMs should be also considered as compromised. Ideally, it would be great if you used a completely separate machine to sign your transactions. Creating raw transactions using Bitcoin Core is a bit complicated so I would recommend you either using Armory + Bitcoin Core or Electrum (wallet backup would be in a form of 12 words which you wouldn't need to update after each transaction unlike your current setup).
newbie
Activity: 24
Merit: 10
oh sorry, it was a typo

can i infer from your helpful post that wasabi is great in p2p transactions, like for example, sending you bitcoins in exchange for fiat or alt. coin like xrp for example ?

Obviously yes, unless you use 3rd party/centralized exchange which perform KYC/AML (who usually also track your coin history) where they might freeze your coin/account.

P.S. if that's not what you mean, please specify which aspect you're asking from wasabi wallet and it's coinjoin feature.

I like bisq network and hodl hodl plus p2p transactions like here in the forum or other forums, so I was asking if wasabi is more than enough to vanish the origin of my coins or you prefer something better or maybe a combo of other solutions/technologies for example ?
newbie
Activity: 24
Merit: 10
I will create several offline wallets from the virtual machine and send the bitcoins to them from the old wallet using my main machine as being some how paranoid here

I got that part. What I meant was asking if you are going to spend those coins often. Once you move your wallet from the offline machine to your main one, your wallet will be completely exposed. You can mitigate that by preparing transactions on the online machine, signing them on the offline one and moving the signed transaction to any online PC. This won't expose your private keys. Also, I don't think that using virtual machines is a good idea. If your host is compromised, so are your VMs. Using a separate computer would be safer.

here is what i have in mind

i already have the old wallet.dat on several mediums as a backup

i want to divide the amount on that old wallet.dat into several smaller ones, to be less paranoid about working with a single wallet in case if something went wrong then i am rekt plus i want to spend some of the coins.

i will make the whole process being totally offline as you have read what i am trying to do, after i finish, i will backup those wallets as i used to do.

what will remain on the pc is the amount i want to spend

i stressed on everything must be able to work offline that in case even if i am already hacked, i am not in danger of losing anything except the coins i want to spend which will always be on the machine whatever it's online or offline.

am i missing anything here in the above sentence ?
legendary
Activity: 1876
Merit: 3132
I will create several offline wallets from the virtual machine and send the bitcoins to them from the old wallet using my main machine as being some how paranoid here

I got that part. What I meant was asking if you are going to spend those coins often. Once you move your wallet from the offline machine to your main one, your wallet will be completely exposed. You can mitigate that by preparing transactions on the online machine, signing them on the offline one and moving the signed transaction to any online PC. This won't expose your private keys. Also, I don't think that using virtual machines is a good idea. If your host is compromised, so are your VMs. Using a separate computer would be safer.
newbie
Activity: 24
Merit: 10
if I have a an old wallet.dat which had transactions lets say from 2017 and I have my bitcoin core fully synced and up-to-date, so simply replacing the default generated wallet.dat with that old one will be enough (while it's offline) ?

It should be as easy as that. If it doesn't happen to work, open Console in Bitcoin Core (Window -> Console) and type in rescanblockchain after you load your backup and confirm that its balance is wrong.

- can I do all the following (totally offline) ?

Yes, you can. Your transaction will be broadcast once you connect your main PC to the Internet and let Bitcoin Core catch up with the blockchain.

- hopefully you have any answer for my Wasabi question, if no, no problem ?

Unfortunately, no. Wait for ETFbitcoin's reply.

By the way, how do you intend to spend your coins from the guest machine?

here what I am thinking about

I have a virtual machine with bitcoin core installed on plus I have bitcoin core installed on the main machine

being totally offline

I will create several offline wallets from the virtual machine and send the bitcoins to them from the old wallet using my main machine as being some how paranoid here

regarding mixing, I am first timer into coinjoining, so I will read more about post-mix on how to keep the anonymity the same or with at least, least degradation possible.

Most probably i will go with wasabi due to high anon. set
Pages:
Jump to: