Pages:
Author

Topic: The default Wasabi Wallet coordinator will start censoring "illegal" UTXOs - page 2. (Read 1473 times)

legendary
Activity: 2254
Merit: 4260
🔐BitcoinMessage.Tools🔑
If you are telling the coordinators that you want to mix x BTC, the coordinator will know that an output of that same amount belongs to you.

I don't know about input amounts since blockchain is anyway transparent and accessible to everyone, but it definitely makes sense to not share with a coordinator the information that is not visible on the blockchain. For example, you have two outputs in your wallet, one of which came from your verified account on Binance, and the other came from a mixing service such as Chipmixer. These outputs have no connection with each other, except that their private keys were derived from the same seed words. When you register these outputs for a CoinJoin transaction, a coordinator may learn the fact that these outputs are linked to each other, and also he will know that some of Binance customers used a mixing service. A coordinator keeps records of all inputs and hands over this information to a blockchain surveillance firm or law enforcing agencies directly. Another example is when you're merging your coinjoined output with non-coinjoined output or with toxic change. In this case, it also becomes trivial to deanonymize you because by merging with unmixed outputs you make the whole process of mixing worthless.

A spy coordinator could agree to mix coin and end up not providing their signed portion of the transaction.
It is economically irrational to selectively provide services because such a coordinator would be getting less or even no income from fees. If their only goal is to spy on users, it won't be long before everyone finds out this.
legendary
Activity: 1344
Merit: 6415
Farewell, Leo
Knowing the input amounts is a lot of information to have.
But, the inputs' amounts are already publicly known.
copper member
Activity: 1610
Merit: 1898
Amazon Prime Member #7
If you are telling the coordinators that you want to mix x BTC, the coordinator will know that an output of that same amount belongs to you. A spy coordinator could agree to mix coin and end up not providing their signed portion of the transaction.
But, that would only reveal them my inputs. What I want to obfuscate is my outputs. Therefore, they have to mix with me to find that out. Same goes for Wasabi: Honeypots must have used CoinJoin just to deanonymize those who mix.
Knowing the input amounts is a lot of information to have. There are a very limited number of transactions in each block, and there are only so many transactions of x size (and so many groups of transactions that add up to x size).
legendary
Activity: 1344
Merit: 6415
Farewell, Leo
If you are telling the coordinators that you want to mix x BTC, the coordinator will know that an output of that same amount belongs to you. A spy coordinator could agree to mix coin and end up not providing their signed portion of the transaction.
But, that would only reveal them my inputs. What I want to obfuscate is my outputs. Therefore, they have to mix with me to find that out. Same goes for Wasabi: Honeypots must have used CoinJoin just to deanonymize those who mix.
copper member
Activity: 1610
Merit: 1898
Amazon Prime Member #7
If "everyone" is a "coordinator" you are going to potentially have less privacy because you would need to tell other coordinators your inputs and outputs.
You'd only need to advertise the amount of money you want to mix. Your outputs would be created once you found a user who'd also want to mix their funds. Your inputs and outputs and their inputs and outputs would be known only to you and them. In fact, that sounds better with more people (such as with triangular connections) as the coordinators would just exchange signatures, but there would be none would know every input's destination, in contrast with Wasabi.
If you are telling the coordinators that you want to mix x BTC, the coordinator will know that an output of that same amount belongs to you. A spy coordinator could agree to mix coin and end up not providing their signed portion of the transaction.

You could also choose a reputable coordinator and do this traditionally, same as with mixers.
The reputation that mixers have tends to be that their customers will actually receive the proper amount of money, not that the mixer actually provides any kind of privacy (even though they advertise they do). It is not possible to know if a mixer keeps logs or not, and it is well documented that transactions can be traced through most mixers (with chip mixer being the exception).
legendary
Activity: 1344
Merit: 6415
Farewell, Leo
If "everyone" is a "coordinator" you are going to potentially have less privacy because you would need to tell other coordinators your inputs and outputs.
You'd only need to advertise the amount of money you want to mix. Your outputs would be created once you found a user who'd also want to mix their funds. Your inputs and outputs and their inputs and outputs would be known only to you and them. In fact, that sounds better with more people (such as with triangular connections) as the coordinators would just exchange signatures, but there would be none would know every input's destination, in contrast with Wasabi.

You could also choose a reputable coordinator and do this traditionally, same as with mixers.
copper member
Activity: 1610
Merit: 1898
Amazon Prime Member #7
If "everyone" is a "coordinator" you are going to potentially have less privacy because you would need to tell other coordinators your inputs and outputs. I think "spy" coordinators could be used that don't (need to) actually participate in transactions, but say that they will to get the inputs and outputs. Obviously, with the status quo, there is the potential that the centralized coordinators are keeping track of this information.
legendary
Activity: 1344
Merit: 6415
Farewell, Leo
So what's the solution here? Every user running their own coordinator, all of which communicate with everyone else's coordinator in a decentralized manner, much like the bitcoin network itself?
It could work, at least to those who're willing to run their own, otherwise we'll fall back into trust problems. Practically, it should be very easy to make it work, and even if you didn't run your own node, and it'd provide you the same level of privacy. (Assuming you're doing everything through Tor)

A coordinator's server implementation could come pre-installed in one of these Bitcoin node OSes as well, to make it easier for the masses. Just as Lightning's peer discovery.
copper member
Activity: 1610
Merit: 1898
Amazon Prime Member #7
If they are willing to ban certain inputs, then it won't be long before they are willing to cooperate with blockchain analysis and de-anonymize transactions altogether. Yet another good entity which has sold out its principles and its users. What a shame.

Still, it seems that Wasabi has never been as safe as we all think:
Using a capability that is being disclosed here for the first time, Chainalysis de-mixed the Wasabi transactions and tracked their output to four exchanges.
As you note, it appears that Wasabi transactions can already be tracked by blockchain analysis companies. Most likely, Chainanalysis did not need information from Wasabi to trace their transactions -- they only needed to use the service to see how it works.

This will push more people to centralized mixing services.
Ehh, probably not. A centralized mixing service can do the same thing.

Pardon my ignorance — but how hard is it to run such coordinators in a private manner? At the very least private enough for the authorities to have a very hard time in finding you if it's the case that you didn't comply.
Probably very difficult, if not impossible. Even if you are running a tor hidden service, the authorities will attempt to find ways to get your hidden service to leak information about the "real" IP address of your server. Pretty much every darknet site has been shut down this way.

Obviously running a coordinator is not the same as running a darknet site, so law enforcement may not put as much effort into finding the person behind it. But you never know.
legendary
Activity: 2828
Merit: 7315
This is only a small mitigation in my opinion because we will face the same conundrum as we face in something like Electrum (although Electrum isn't privacy oriented).
So what's the solution here? Every user running their own coordinator, all of which communicate with everyone else's coordinator in a decentralized manner, much like the bitcoin network itself?

Alternatively, use protocol where interaction between user isn't needed. If you're looking for example, check SNICKER[1-2] or Mimblewimble protocol.

Samourai Wallet is already unrivaled in transaction privacy, but the default configuration is still subject to network level privacy loss. Hosting your own Dojo allows you to simply bypass our default servers and circumvent these concerns.

So yeah, perhaps this information should be more visible, but they are not actively hiding it.
Honestly, it shouldn't even be an option not to run your own node if this software is supposed to be privacy-first. Their 'default nodes' shouldn't even exist, they should all be taken offline if they're serious about privacy. I have a gut feeling we'll end up with a 'Wasabi situation' sooner or later.

Alternatively, they should implement BIP 157/158 if they wish to support user with very limited resource (mainly internet bandwidth). But currently they don't support it[3].

[1] https://joinmarket.me/blog/blog/snicker/
[2] https://gist.github.com/AdamISZ/2c13fb5819bd469ca318156e2cf25d79
[3] https://www.samouraiwallet.com/bips
hero member
Activity: 868
Merit: 5808
not your keys, not your coins!
Samourai Wallet is already unrivaled in transaction privacy, but the default configuration is still subject to network level privacy loss. Hosting your own Dojo allows you to simply bypass our default servers and circumvent these concerns.

So yeah, perhaps this information should be more visible, but they are not actively hiding it.
Honestly, it shouldn't even be an option not to run your own node if this software is supposed to be privacy-first. Their 'default nodes' shouldn't even exist, they should all be taken offline if they're serious about privacy. I have a gut feeling we'll end up with a 'Wasabi situation' sooner or later.
legendary
Activity: 2268
Merit: 18492
It's disingenuous though. I mean they sell it as super duper anonymous, while random SPV wallet devs don't.
I agree with you to an extent. Yes, they promote themselves as a privacy wallet, but their website is also pretty clear about the risks you take by not running your own node and the benefits to be gained by doing so. If you go to their website, immediately under the initial blurb about the wallet itself are links to Dojo. The Dojo makes it clear that you are risking privacy if you don't use Dojo:

This is only a small mitigation in my opinion because we will face the same conundrum as we face in something like Electrum (although Electrum isn't privacy oriented).
So what's the solution here? Every user running their own coordinator, all of which communicate with everyone else's coordinator in a decentralized manner, much like the bitcoin network itself?
legendary
Activity: 3402
Merit: 10424
explain how they should mitigate it, and maybe shut down their centralized coordinator altogether to encourage the proliferation of decentralized ones which won't censor transactions. But doing that would mean less money for them, so obviously much better to sell out their users than affect their profits.
This is only a small mitigation in my opinion because we will face the same conundrum as we face in something like Electrum (although Electrum isn't privacy oriented). The [coordinator] servers could simply be honeypots created by centralized deanonymizers that would directly take all the user information making mixing ineffective without needing to censor anything.
hero member
Activity: 868
Merit: 5808
not your keys, not your coins!
How about this?

Unless you're connecting to Whirlpool via RoninDojo, Samourai Wallet devs can deanonymize you because they will know your main wallet xpub, your pre-mix xpub, your post-mix xpub and toxic change xpub.
Which is the case for every wallet in existence. If you aren't connecting to your own full node, then the owner of whichever node you are connecting to will be able to monitor your activity.
It's disingenuous though. I mean they sell it as super duper anonymous, while random SPV wallet devs don't. The ability to use Whirlpool without a full node is extremely misleading and barely better than not mixing at all honestly. It should not be a feature in the first place, in my opinion.
Your UTXO privacy will wholly rely on Samourai not pulling a Wasabi; and with the way they communicate and operate, they don't give me a very trustable feeling honestly. Nothing in particular regarding working with regulators or such, but the general attitude of them and unpoliteness mostly.

I believe a "for-privacy" offchain layer could be a feaible path for preseving fungibility for Bitcoin. Merely a network for handling a high volume of transactions might not be enough. Lightning is a little cumbersome to use. Users can simply trade their coins for faster shitcoins. There has to be some other form of utility for Lightning that users truly need.
Honestly, thanks to Tor trustless instant exchangers, it's easier to get Lightning funds and use them to pay than going onto a trading platform and swapping into and back out of a shitcoin. Lightning is a pretty good way to gain privacy.
legendary
Activity: 2268
Merit: 18492
I know a guy who was called to his local tax office and asked why he hasn't payed his taxes for certain types of services he offered in the past. They had proof of his transactions dating back 2-3 years. They told him he would get fined and maybe incarcerated (depending on the total amount he owes). The dude got so scared that he admitted he did it longer than the period they had proof for. Someone else would have just laughed at the accusations and made up a plausible explanation.
Selling yourself out is one thing. Selling out thousands of users who use your service is another altogether. If Wasabi were actually being sanctioned, then the correct thing to do would be as I explained above - warn people it is going to happen, explain how they should mitigate it, and maybe shut down their centralized coordinator altogether to encourage the proliferation of decentralized ones which won't censor transactions. But doing that would mean less money for them, so obviously much better to sell out their users than affect their profits.

My personal take: if they created Wasabi for the privacy they promised and truly had the intentions and ideas they mentioned they had, they would have been prepared for this moment.  And if they were prepared for this moment, they would have fought and Wasabi would have at least yet not been censored.  At least, not by their own choice of doing so.
Agree 100%. The fact that they capitulated with absolutely zero fight and of their own free will months or even years before they would actually be forced to makes me question their real motives entirely. Because honestly, their behavior is pretty indistinguishable from a honeypot; set up a privacy enhancing service, get lots of people to use it, then in one fell swoop start censoring transactions and cooperating with blockchain analysis companies.

Since you mentioned Fluffypony, I'll share a slide from a presentation he gave:

hero member
Activity: 728
Merit: 1695
Crypto Swap Exchange
But we both know that not everyone acts the same way when put under pressure or if threatened with legal consequences (now or in the future).
Had I created Wasabi, I would have assumed and prepared myself for the moment the government knocks on my door and starts asking questions or threatens me.  In fact, just think about it.  I am kind of sure I will be a target of the government myself JUST for trying to stay private.  I am not even doing anything illegal and I am already looking up ways to protect myself for when my government starts questioning me for trying to get away from CCTV's, fingerprints, smart tech et cetera and have my own corner of privacy.

Wasabi created a privacy wallet that makes a number of coins fungible.  They knew about Chainalysis.  They knew that IRS, FBI or whatever institution that was was going to pay money big time for whoever bypasses CoinJoin and Lightning Network and destroys the privacy these two create.  And this was months to years ago!  Wasabi hundred percent knew what they were doing and that some illegal transactions would get into the mix.  They hundred percent knew pressure would be put on them one day.

This is where I admire Monero's Fluffpony.  When they knocked on his door, he already knew he was a target of the government yet he did not compromise, at least yet, his project like Wasabi did.  This is like committing a crime.  When the cops come to your door, you can not come up with the excuse that you did not know how to react.  You must be prepared, and you must have a Plan B.  Even better if you also have a Plan C and Plan D, just in case the other two fail.

My personal take: if they created Wasabi for the privacy they promised and truly had the intentions and ideas they mentioned they had, they would have been prepared for this moment.  And if they were prepared for this moment, they would have fought and Wasabi would have at least yet not been censored.  At least, not by their own choice of doing so.

-
Regards,
PrivacyG
legendary
Activity: 2716
Merit: 7007
Farewell, Leo. You will be missed!
All the more reason for them to fight this. It's not the case that they must do this now or face legal action. They've probably got months if not years before whatever legislation they were threatened with is introduced, debated, amended, passed, and enacted. Plenty of time for them to fight this, mount legal challenges, lobby, campaign, etc. Instead they surrender immediately and sell out their users. Absolutely pathetic and completely untrustworthy.
I agree with you 100%. But we both know that not everyone acts the same way when put under pressure or if threatened with legal consequences (now or in the future). I know a guy who was called to his local tax office and asked why he hasn't payed his taxes for certain types of services he offered in the past. They had proof of his transactions dating back 2-3 years. They told him he would get fined and maybe incarcerated (depending on the total amount he owes). The dude got so scared that he admitted he did it longer than the period they had proof for. Someone else would have just laughed at the accusations and made up a plausible explanation.
legendary
Activity: 2870
Merit: 1794
But how would developers mitigate this in the next iteration of the "next Wasabi"? Or what other alternatives can be built, using another path, to protect and preserve Bitcoin's fungibility? Offchain layer with Zero-Knowledge Proofs perhaps? Is that possible?

Best alternative wallet I see is Mercury wallet that is working on totally different principle of swaping private keys in secure way, in that way fees are much lower and privacy can be much higher.

I don't think regulators will be able to do anything with Mercury wallet, but there is always good old mixers we all know, or using Lightning Network is viable alternative.

Instead of creating bunch of shitcoin projects, developers should focus more on making better privacy for bitcoin, but hey you can't scam people like that and become rich overnight...


I believe a "for-privacy" offchain layer could be a feaible path for preseving fungibility for Bitcoin. Merely a network for handling a high volume of transactions might not be enough. Lightning is a little cumbersome to use. Users can simply trade their coins for faster shitcoins. There has to be some other form of utility for Lightning that users truly need.
legendary
Activity: 2268
Merit: 18492
It could be a combination of both. They want to start censoring transactions now before it gets too late. They have been warned and they are now acting "accordingly" to prevent any future damage or penalties.
So instead they should say "Hey guys, we are going to have to start censoring UTXOs in the future. Take the time now to set up other coordinators or get your coins off Wasabi altogether." This whole "we are just doing what we are told" thing they are trying to cling to is pathetic.

One way to interpret this is that someone told them: Listen here you Wasabi scumbags. You either do what we tell you to do now, or you are going to be sorry you didn't listen when we change the legal framework in the future!
All the more reason for them to fight this. It's not the case that they must do this now or face legal action. They've probably got months if not years before whatever legislation they were threatened with is introduced, debated, amended, passed, and enacted. Plenty of time for them to fight this, mount legal challenges, lobby, campaign, etc. Instead they surrender immediately and sell out their users. Absolutely pathetic and completely untrustworthy.
legendary
Activity: 2716
Merit: 7007
Farewell, Leo. You will be missed!
Wasabi are censoring inputs because they want to, and not because they are being forced to. They have moved to the opposite end of the spectrum with a single decision. I cannot understand what they are thinking here. No sane person should every use Wasabi again.
It could be a combination of both. They want to start censoring transactions now before it gets too late. They have been warned and they are now acting "accordingly" to prevent any future damage or penalties.

The post witcher_sense copied says:
“There are no current regulations on ongoing joint coordinators. However, I’m aware this is going to change in the future.”[/i]
One way to interpret this is that someone told them: Listen here you Wasabi scumbags. You either do what we tell you to do now, or you are going to be sorry you didn't listen when we change the legal framework in the future!

They simply gave in...
Pages:
Jump to: