Topic: Privacy with sending BTC from differents addresses but same wallet (Read 416 times)

So your change is always zero. is this correct? And you mentioned the mixer address. Is this address of some real shuffling service/wallet you use? Regarding Electrum, it would be much easier to adapt the change there if the fee fixing  was allowed  before (but not after) building transaction  as it is done in Armory.

Ideally. Yes, as mentioned based on the heuristic used, you can possibly fool certain algorithm which determines the link based on the specific aspect.  I imagine you can fool the algorithm if the wallet were to allow the change address to be a different type (bc1 to p2wsh and vice versa) but it does have a very limited use case, as compared to a mixer which could destroy the link completely, albeit with some fees.
Yes. It was discussed earlier. It would be a service or could even be sent to an address which could be used for coinjoin afterward.

Well, I'm not sure about Armory but as o_e_l_e_o described, you can replace the amount with ! for which the client would adjust to spend all of the remainder after fees to the mixer.

A big advantage to this method would be the ability to select inputs using Coin control as well.

There is a simpler solution in Electrum using the pay-to-many function. Just treat the change as a "send all" as you would to any other address.

In the address box on the send tab, enter the address you want to pay, followed by a comma and a space, and then the amount you want to pay. On the next line, enter your replacement change address, a comma, a space, and an exclamation point. The exclamation point tells Electrurm to send all remaining funds from the transaction to that address, and will automatically update the amount as you adjust the fee. Your transaction will look like this:

bc1paymentaddress, 0.123
1notreallymychange, !

That's the reason why most tracing methodology assumes that the change address is always the same type as the "origin" address. Most users won't think of using it to their benefits as it's always done automatically.

If your software doesn't give you the liberty to have multiple outputs, then it's probably not ideal. What I would do with Electrum is that I would send the funds to the recipient and specify the mixer address as well with a random amount as a placeholder, go to the transaction preview, see how much of the amount I'm left with after the fees and adjust accordingly such that the change is not sent back to anywhere else. Or else, script your own raw transaction.

This is a unique way of approaching the problem and none of the wallets, AFAIK will allow you to set a change address that is not generated from the seeds. They do have a good reason of course and I think this method is quite unconventional.

As I understand, by artificially imitating common heuristics we can achieve a way greater level of privacy, an even greater one than that after mixing and conjoining. But what I am yet to comprehend is how exactly we can simulate it. For example, you mentioned a method when we redirect a change to a completely different address, the address that doesn't belong to our wallet. How can we do that? As far as I know, change addresses are generated automatically, have a special derivation path, and are usually hidden (Electrum wallet is an exception, though). In order to fool heuristics we should not choose our own change addresses and instead sent UTXO leftover to mixer address directly. How can we control that process if it is usually done automatically by the software we are using?

That's true, and I certainly don't do it all the time for this reason, but it highlights another way these heuristics can be fooled. Let's say I'm paying from a P2SH address to a merchant or service who are also using a P2SH address. I redirect the change to ChipMixer on a P2PKH address. According to these sites, this is a low privacy transaction because it is obvious which address is the change (the same address type as my input), when in fact they are completely mistaken.

If fooling these kind of sites is your goal, then in addition to using mixers, coinjoins, and other privacy enhancing methods, then you should also use a variety of transaction types to obfuscate what's change and what isn't, what's a payment and what isn't, and which addresses are under your control.

Always sending change to a particular mixer can be a breadcrumb for a prying eye to see. I presume that it is fairly uncommon to send change to CM as part of a financial transaction.

As an individual, I think it would be best to use varying methods to protecting your privacy, even if one method somewhat reduces your privacy.

There is a discussion regarding these heuristics here: https://bitcointalksearch.org/topic/--5299344

In terms of your point about sending the full amount of coins, this is another heuristic which is easy to trick. Whenever possible I'll pick UTXOs which are close enough to the required amount that I don't mind losing a few thousand sats as an additional fee and leave no change. Sometimes I'll buy a few extra products, a longer subscription, increase the value of a gift card, etc. to get the value of my order closer to the full amount of a UTXO I have to spend, again leaving no change. If I am going to create a significant amount of change, then I'll usually just redirect it straight to ChipMixer rather than a change address I own.

Coin control can be effective to a point. If all of the bitcoins at an address are sent to another address, it generally indicates that both the sending and receiving addresses are controlled by the same person.


Since the exchange knows who you are, you must trust that they respect your privacy. Reality: they don't, so you can't.


None of the techniques used by the block chain data miners use are perfect. However, they can make deductions with reasonable certainty with enough information. The only way to maintain privacy is to reduce the amount of information or increase the amount of noise.

If you are sending coin from an exchange, I think it is important to note that the exchange will know both deposits are associated with you. The exchange may also share this information with others.

If an exchange deposit address has exactly two incoming transactions, you may have a valid point. If an exchange deposit address has many incoming transactions over time, your point becomes less valid.

If there is an exchange deposit address that receives transactions from many addresses, and those addresses received coin from many distinct entities based on blockchain analysis, it would probably be a reasonable conclusion that the exchange account holder is depositing coin from transactions he signs himself. If an exchange deposit address often receives coin directly from addresses known to belong to other entities per blockchain analysis, there would be a chance the two transactions the OP describes are from two different 3rd parties.

Even if using a VPN, or even TOR to broadcast a transaction, using the same wallet software for both transactions may leave some breadcrumbs to someone looking closely, such as the transaction fee, transaction fee rate, and various flags within the transaction. Sending entire inputs less transaction fees (in other words, having no change) to the same address may also indicate that both transactions are from the same person.

I was envisaging a scenario where you made the two separate transactions a few minutes apart, but yes, if the transactions are a few days apart then it becomes far less likely.

Follow up point though: Do people frequently give their exchange deposit address to other people? Given how frequently exchanges sezie coins and lock accounts if these coins have come from any source they deem "unsuitable" or "tainted", I would imagine it is very risky to ask other people to deposit directly to your account if you do not know where those coins are coming from.

Why? I don't follow that logic.

You could have easily told Person A to send funds directly to your exchange deposit address... and also told Person B to send funds directly to your exchange deposit address. Just because two addresses have sent to the same address, there is no reason to tag them as "probably" belonging to the same person, even if the destination is an exchange deposit address.


Basically, it's like saying "AddressA sent to AddressC" and "AddressB sent to AddressC" so A and B are "alt accounts". That's proof of nothing other than A and B sent funds to C. There is no way to definitively determine the relationship between A and B, without extra information being available.

A VPN won't protect your privacy.
It just shifts the required trust towards the VPN service provider.

Choosing wasabi over electrum is way more beneficial. If you don't have a tor instance running on your own, it uses its own instance.
It connects to a random node via tor each time you broadcast a transaction.

If you care about your privacy, i'd definitely recommend wasabi over any other desktop wallet.

Together with correct coin control, that's already way better than probably 90%+ of all BTC user.

A VPN will hide your true IP from the bitcoin node you connect to, but your VPN provider will still be able to see all your traffic. If you want something approaching anonymity then you would be better off using Electrum over Tor.

Further, although a VPN or Tor would stop the node linking those addresses to your IP, it does not prevent them linking those addresses to each other. When you load up Electrum, it will essentially send a request to the node it connects to asking for the up to date balance of all the addresses in your wallet. Even if the IP that request comes from is a Tor exit node, the bitcoin node will be able to tell the same IP requested information about all those addresses, and therefore deduce they are all part of the same wallet.

Hiding through VPN is not 100% that you can protect your self not to leak any details/information from your device or PC.
Most of the websites right now are smart they can able to retrieve some information from your PC even you use VPN which I think the information they retrieve can be still used to determine if the user uses their service with the same information even you use different IPs.

Why not use Electrum instead to make a wallet you can make multiple wallets separately.
Using exchange is not recommended if you are looking for privacy use Electrum so that you can have full control of your BTC and you can able to run Electrum with proxy or TOR.

Yes. The solution is to generate multiple addresses on the exchange.
And for IP I need a VPN and I'm think I'm good for it ! It will be enough caution for me

If you make a single transaction including the bitcoin from both addresses, then that is a fairly strong indication that both addresses are part of the same wallet.

If you make two separate transactions, one from each address, then the answer is more complicated. If both transactions are to the same deposit address, and that address can easily be identified as belonging to an exchange, then that is a fairly strong indication that the same person controls both addresses, although not necessarily they are part of the same wallet. Even if the exchange allows you to generate a new deposit address for your two transactions, then obviously they will still know that you own both addresses, and may or may not share that information with other parties.

Further, you need to be careful about future use. You should obviously never use those two addresses again. If you leave change over from either of the transactions, then you have to be careful not to link that change to the other address as well in any future transactions.

All of this is based on blockchain evidence only, but there are other things you need to consider too. Since you said you are running Electrum, you will connect to a node to update your balances and broadcast transactions. That node will see requests for the balance of those two addresses and your two transactions being broadcast all from the same IP, and so could be relatively certain they are part of the same wallet.

Thanks for your answer ! Your link is very usefull to understand how a seed works.

Are you asking if your addresses can be considered that have been derived from the same seed? Because, the answer is no. Different derivation paths means completely different addresses that have no mathematical connection between them if you have only their public keys. Only the person with the seed/mnemonic can prove that they are from the same wallet. Check this if you haven't understood how a seed works: learnmeabitcoin.com/technical/mnemonic. These hashes that are performed to the derivation paths return completely different results if you change a number.


This provides you privacy. I hope I covered you.

Hello,

I have some questions about privacy and public keys.

Wallet_2 is generated with electrum software (new seed).

I have 0.01BTC in address "mzx" derivated from wallet_2.
I have also 0.01BTC in another address "mp8" derivated from wallet_2.


Wallet_2 have 0.02BTC in 2 differents addresses "mzx" and "mp8".


If I send all my BTC from wallet_2 to an exchange, using 2 independants transactions like this (feature in electrum wallet I can spend fund AND fees from only selected addresses) :

0.01 BTCfrom "mzx" to EXCHANGE "mu12".
0.01BTC from "mp8" to EXCHANGE "mu12".


Here a blockchain TESTNET link to illustrate the final transaction :
https://www.blockchain.com/fr/btc-testnet/address/mu12smFUGRdfUNpCCrS1eg6i4ifJyE76JT


Is there a way to detect that this 2 different transactions was in fact, from the same wallet ? I'm concern about privacy but I want to be sure. I know that electrum generate a determinisc master-key and I just want to know if it's effective in this case to protect my privacy. Also I can use multiple exchange addresses.