Your idea to use a "centralized mixing site" seems to be the most effective. Make an account (with account details not tied to your persona obviously) on any website that lets you deposit and withdraw BTC. Could be an exchange, a gambling site, merchant, whatever...
Ensure that this site allows you to generate new deposit addresses, so you can make every deposit to a new address (to prevent your deposits from various amounts of mixed change showing as going to the same place on the blockchain). Each time you have change from your 1 mixed/ZeroCoin BTC, deposit it to this site.
Once you have accumulated >1 BTC, use your regular procedure for mixing/anonymization to use the funds.
The operator of the website (and anyone he grants access) will be able to see your account details, deposits and withdrawals, but all they see is coins coming from mixed/anonymous sources and going back to a mixing service, with no ties to your main wallet or your identity.
Topic: Mixing and remaining "change" (Read 754 times)
Is there a concern that some statistics could be used to match before and after?
For example, if you send 50X 1BTC though the mixers and then spent it to buy something for 40BTC, then they could trace 40 transactions back to 40 mixes. If you were an input for all 40, then it is likely that you made the purchase.
Ideally, you want to run your entire wallet through the mix at once, so it re-scrambled.
For example, if you send 50X 1BTC though the mixers and then spent it to buy something for 40BTC, then they could trace 40 transactions back to 40 mixes. If you were an input for all 40, then it is likely that you made the purchase.
Ideally, you want to run your entire wallet through the mix at once, so it re-scrambled.
Without something automatic built in to many clients, I worry about the volume too. ;-)
I can well imagine that for very few standard sizes (like 1 BTC if the price stays around its current order of magnitude) decent volume can be possible even without that. I could mostly live with that, if I had to regularly find some mixing "partners" on a P2P system which are likewise interested in anonymity than I am. But then, my above thoughts come up about what to do with the change, which can no longer be meaningfully mixed.
Nevertheless, I would still be (mostly) perfectly happy when such a mixing system (decentralised, without any "control" server that can compromise my anonymity and without trust) is usable - and of course when some merchants in my area start to accept Bitcoin so that I can actually spend them and worry about anonymity.
Until I find a way to deal with change, I would have to give it to some charity from time to time. I could live with that (especially because I already give small amounts regularly away, then I would just switch to donating Bitcoins instead - would have the bonus that also my donations are anonymous).
Without something automatic built in to many clients, I worry about the volume too. ;-)
Of course. However I wonder whether there will really be enough volume with small sizes to make mixing worthwhile ... furthermore, it seems to me that smaller sizes will be eaten up by transaction fees. Well, we'll see - I'm looking forward to it anyway.
In all likelihood there will be multiple standard sizes, eg 10, 1, .1, 01, 0.001, etc so you'll be able to mix the entire amount and the client will pick sizes so that you'll have everything well mixed.
Of course. However I wonder whether there will really be enough volume with small sizes to make mixing worthwhile ... furthermore, it seems to me that smaller sizes will be eaten up by transaction fees. Well, we'll see - I'm looking forward to it anyway.
In all likelihood there will be multiple standard sizes, eg 10, 1, .1, 01, 0.001, etc so you'll be able to mix the entire amount and the client will pick sizes so that you'll have everything well mixed.
Of course. However I wonder whether there will really be enough volume with small sizes to make mixing worthwhile ... furthermore, it seems to me that smaller sizes will be eaten up by transaction fees. Well, we'll see - I'm looking forward to it anyway.
In all likelihood there will be multiple standard sizes, eg 10, 1, .1, 01, 0.001, etc so you'll be able to mix the entire amount and the client will pick sizes so that you'll have everything well mixed.
As far as cold storage, that would be mixed prior to moving it to your offline wallet too.
You make some great points and it is worth repeating that if Perrson A is buying a cup of coffee, A doesn't want anyone who sees the transaction to the coffe shop to tie everything to my previous purchases and savings by following transactions backwards and to know the total value of their holdings. Ditto if I buy software online or tequila in Tijuana. It makes one a target.
As far as cold storage, that would be mixed prior to moving it to your offline wallet too.
You make some great points and it is worth repeating that if Perrson A is buying a cup of coffee, A doesn't want anyone who sees the transaction to the coffe shop to tie everything to my previous purchases and savings by following transactions backwards and to know the total value of their holdings. Ditto if I buy software online or tequila in Tijuana. It makes one a target.
With things like Zerocoin or (realistically for a not-so-long time frame) P2P mixing on the radar, I was already thinking about how I would use those to enhance my anonymity when there will finally by some people accepting Bitcoin near me in the future. The scenario I think about is like that:
* I have some total balance on my wallet (except what is in cold storage for long-term saving), where I assume it is not at all anonymous because parts may be from my public donation address, exchanges have my identity because of AML regulations, or because I posted with my real name on a local group mailing list asking to buy in person and at least the seller now has my real name plus Bitcoin address.
* When I now make some purchases, I don't want the seller to know who I am / how many Bitcoins I have in total / things like this, and I also don't want the public to know what things I buy, assuming the receiving address of some business I shop at is public. (For instance a printed QR code in a pub.)
* Thus, having Zerocoin or some P2P mixer, I decide to run 1 BTC through it and cash out at a fresh wallet (possibly on my mobile phone for easier spending on-the-go). This has to be some "standardised" amount, though, I can't do it with 0.182673 BTC.
* Now I have 1 BTC to spend on some purchases. While it will be possible to link together all items I bought with that 1 BTC, it won't be able to determine who I am, how many Bitcoins I have beside this balance, or what else I bought before that "1 BTC batch" or what I will buy afterwards. This is acceptable privacy for me.
The only thing I can never really work out is what to do when the amount remaining of these 1 BTC is no longer enough for more purchases. Say I spent some 1 BTC batches already, and from each of those 0.01-something BTC remained as final change. Thus I end up with some coins spread accross multiple wallets. Is there any way to reconcile those into a combined balance, so I can make use of them again, without compromising my anonymity? Or is all I can do then donate anonymously to some charity accepting Bitcoin?
The problem I see is this: As soon as I generate a transaction with inputs from those balances, even if it was just again to "mint" a 1 BTC zerocoin, it would become public that in fact all those 1 BTC batches were linked to me (or at least to each other). However, it is also not possible to anonymise each change balance before that, because I have to send some standard amount to the mixers ... and it would probably be hard to find "mixing partners" for my change amount, right?
A possible solution I see would be to have an account at a "centralised mixing site", say some online wallet or even the Silk Road or something like that. I could then send my change back to it at new addresses each, and when my balance exceeds 1 BTC again, withdraw a full Bitcoin to mint a fresh zerocoin with it. Then probably only the site operator would be able to link everything to me.
I hope I could explain my thoughts clearly ... sorry if it sounds confusing. Do I miss some important points, or is there really no nice solution for this problem with things like Zerocoin or P2P mixers? I'm curious about other thoughts about that!
* I have some total balance on my wallet (except what is in cold storage for long-term saving), where I assume it is not at all anonymous because parts may be from my public donation address, exchanges have my identity because of AML regulations, or because I posted with my real name on a local group mailing list asking to buy in person and at least the seller now has my real name plus Bitcoin address.
* When I now make some purchases, I don't want the seller to know who I am / how many Bitcoins I have in total / things like this, and I also don't want the public to know what things I buy, assuming the receiving address of some business I shop at is public. (For instance a printed QR code in a pub.)
* Thus, having Zerocoin or some P2P mixer, I decide to run 1 BTC through it and cash out at a fresh wallet (possibly on my mobile phone for easier spending on-the-go). This has to be some "standardised" amount, though, I can't do it with 0.182673 BTC.
* Now I have 1 BTC to spend on some purchases. While it will be possible to link together all items I bought with that 1 BTC, it won't be able to determine who I am, how many Bitcoins I have beside this balance, or what else I bought before that "1 BTC batch" or what I will buy afterwards. This is acceptable privacy for me.
The only thing I can never really work out is what to do when the amount remaining of these 1 BTC is no longer enough for more purchases. Say I spent some 1 BTC batches already, and from each of those 0.01-something BTC remained as final change. Thus I end up with some coins spread accross multiple wallets. Is there any way to reconcile those into a combined balance, so I can make use of them again, without compromising my anonymity? Or is all I can do then donate anonymously to some charity accepting Bitcoin?
The problem I see is this: As soon as I generate a transaction with inputs from those balances, even if it was just again to "mint" a 1 BTC zerocoin, it would become public that in fact all those 1 BTC batches were linked to me (or at least to each other). However, it is also not possible to anonymise each change balance before that, because I have to send some standard amount to the mixers ... and it would probably be hard to find "mixing partners" for my change amount, right?
A possible solution I see would be to have an account at a "centralised mixing site", say some online wallet or even the Silk Road or something like that. I could then send my change back to it at new addresses each, and when my balance exceeds 1 BTC again, withdraw a full Bitcoin to mint a fresh zerocoin with it. Then probably only the site operator would be able to link everything to me.
I hope I could explain my thoughts clearly ... sorry if it sounds confusing. Do I miss some important points, or is there really no nice solution for this problem with things like Zerocoin or P2P mixers? I'm curious about other thoughts about that!
Jump to: