Topic: The default Wasabi Wallet coordinator will start censoring "illegal" UTXOs - page 2. (Read 1587 times)

I don't know about input amounts since blockchain is anyway transparent and accessible to everyone, but it definitely makes sense to not share with a coordinator the information that is not visible on the blockchain. For example, you have two outputs in your wallet, one of which came from your verified account on Binance, and the other came from a mixing service such as Chipmixer. These outputs have no connection with each other, except that their private keys were derived from the same seed words. When you register these outputs for a CoinJoin transaction, a coordinator may learn the fact that these outputs are linked to each other, and also he will know that some of Binance customers used a mixing service. A coordinator keeps records of all inputs and hands over this information to a blockchain surveillance firm or law enforcing agencies directly. Another example is when you're merging your coinjoined output with non-coinjoined output or with toxic change. In this case, it also becomes trivial to deanonymize you because by merging with unmixed outputs you make the whole process of mixing worthless.

It is economically irrational to selectively provide services because such a coordinator would be getting less or even no income from fees. If their only goal is to spy on users, it won't be long before everyone finds out this.

But, the inputs' amounts are already publicly known.

Knowing the input amounts is a lot of information to have. There are a very limited number of transactions in each block, and there are only so many transactions of x size (and so many groups of transactions that add up to x size).

But, that would only reveal them my inputs. What I want to obfuscate is my outputs. Therefore, they have to mix with me to find that out. Same goes for Wasabi: Honeypots must have used CoinJoin just to deanonymize those who mix.

If you are telling the coordinators that you want to mix x BTC, the coordinator will know that an output of that same amount belongs to you. A spy coordinator could agree to mix coin and end up not providing their signed portion of the transaction.

The reputation that mixers have tends to be that their customers will actually receive the proper amount of money, not that the mixer actually provides any kind of privacy (even though they advertise they do). It is not possible to know if a mixer keeps logs or not, and it is well documented that transactions can be traced through most mixers (with chip mixer being the exception).

You'd only need to advertise the amount of money you want to mix. Your outputs would be created once you found a user who'd also want to mix their funds. Your inputs and outputs and their inputs and outputs would be known only to you and them. In fact, that sounds better with more people (such as with triangular connections) as the coordinators would just exchange signatures, but there would be none would know every input's destination, in contrast with Wasabi.

You could also choose a reputable coordinator and do this traditionally, same as with mixers.

If "everyone" is a "coordinator" you are going to potentially have less privacy because you would need to tell other coordinators your inputs and outputs. I think "spy" coordinators could be used that don't (need to) actually participate in transactions, but say that they will to get the inputs and outputs. Obviously, with the status quo, there is the potential that the centralized coordinators are keeping track of this information.

It could work, at least to those who're willing to run their own, otherwise we'll fall back into trust problems. Practically, it should be very easy to make it work, and even if you didn't run your own node, and it'd provide you the same level of privacy. (Assuming you're doing everything through Tor)

A coordinator's server implementation could come pre-installed in one of these Bitcoin node OSes as well, to make it easier for the masses. Just as Lightning's peer discovery.

As you note, it appears that Wasabi transactions can already be tracked by blockchain analysis companies. Most likely, Chainanalysis did not need information from Wasabi to trace their transactions -- they only needed to use the service to see how it works.

Ehh, probably not. A centralized mixing service can do the same thing.

Probably very difficult, if not impossible. Even if you are running a tor hidden service, the authorities will attempt to find ways to get your hidden service to leak information about the "real" IP address of your server. Pretty much every darknet site has been shut down this way.

Obviously running a coordinator is not the same as running a darknet site, so law enforcement may not put as much effort into finding the person behind it. But you never know.

Alternatively, use protocol where interaction between user isn't needed. If you're looking for example, check SNICKER[1-2] or Mimblewimble protocol.


Alternatively, they should implement BIP 157/158 if they wish to support user with very limited resource (mainly internet bandwidth). But currently they don't support it[3].

[1] https://joinmarket.me/blog/blog/snicker/
[2] https://gist.github.com/AdamISZ/2c13fb5819bd469ca318156e2cf25d79
[3] https://www.samouraiwallet.com/bips

Honestly, it shouldn't even be an option not to run your own node if this software is supposed to be privacy-first. Their 'default nodes' shouldn't even exist, they should all be taken offline if they're serious about privacy. I have a gut feeling we'll end up with a 'Wasabi situation' sooner or later.

I agree with you to an extent. Yes, they promote themselves as a privacy wallet, but their website is also pretty clear about the risks you take by not running your own node and the benefits to be gained by doing so. If you go to their website, immediately under the initial blurb about the wallet itself are links to Dojo. The Dojo makes it clear that you are risking privacy if you don't use Dojo:

So what's the solution here? Every user running their own coordinator, all of which communicate with everyone else's coordinator in a decentralized manner, much like the bitcoin network itself?

This is only a small mitigation in my opinion because we will face the same conundrum as we face in something like Electrum (although Electrum isn't privacy oriented). The [coordinator] servers could simply be honeypots created by centralized deanonymizers that would directly take all the user information making mixing ineffective without needing to censor anything.

It's disingenuous though. I mean they sell it as super duper anonymous, while random SPV wallet devs don't. The ability to use Whirlpool without a full node is extremely misleading and barely better than not mixing at all honestly. It should not be a feature in the first place, in my opinion.
Your UTXO privacy will wholly rely on Samourai not pulling a Wasabi; and with the way they communicate and operate, they don't give me a very trustable feeling honestly. Nothing in particular regarding working with regulators or such, but the general attitude of them and unpoliteness mostly.

Honestly, thanks to Tor trustless instant exchangers, it's easier to get Lightning funds and use them to pay than going onto a trading platform and swapping into and back out of a shitcoin. Lightning is a pretty good way to gain privacy.

Selling yourself out is one thing. Selling out thousands of users who use your service is another altogether. If Wasabi were actually being sanctioned, then the correct thing to do would be as I explained above - warn people it is going to happen, explain how they should mitigate it, and maybe shut down their centralized coordinator altogether to encourage the proliferation of decentralized ones which won't censor transactions. But doing that would mean less money for them, so obviously much better to sell out their users than affect their profits.

Agree 100%. The fact that they capitulated with absolutely zero fight and of their own free will months or even years before they would actually be forced to makes me question their real motives entirely. Because honestly, their behavior is pretty indistinguishable from a honeypot; set up a privacy enhancing service, get lots of people to use it, then in one fell swoop start censoring transactions and cooperating with blockchain analysis companies.

Since you mentioned Fluffypony, I'll share a slide from a presentation he gave:

Had I created Wasabi, I would have assumed and prepared myself for the moment the government knocks on my door and starts asking questions or threatens me.  In fact, just think about it.  I am kind of sure I will be a target of the government myself JUST for trying to stay private.  I am not even doing anything illegal and I am already looking up ways to protect myself for when my government starts questioning me for trying to get away from CCTV's, fingerprints, smart tech et cetera and have my own corner of privacy.

Wasabi created a privacy wallet that makes a number of coins fungible.  They knew about Chainalysis.  They knew that IRS, FBI or whatever institution that was was going to pay money big time for whoever bypasses CoinJoin and Lightning Network and destroys the privacy these two create.  And this was months to years ago!  Wasabi hundred percent knew what they were doing and that some illegal transactions would get into the mix.  They hundred percent knew pressure would be put on them one day.

This is where I admire Monero's Fluffpony.  When they knocked on his door, he already knew he was a target of the government yet he did not compromise, at least yet, his project like Wasabi did.  This is like committing a crime.  When the cops come to your door, you can not come up with the excuse that you did not know how to react.  You must be prepared, and you must have a Plan B.  Even better if you also have a Plan C and Plan D, just in case the other two fail.

My personal take: if they created Wasabi for the privacy they promised and truly had the intentions and ideas they mentioned they had, they would have been prepared for this moment.  And if they were prepared for this moment, they would have fought and Wasabi would have at least yet not been censored.  At least, not by their own choice of doing so.

-
Regards,
PrivacyG

I agree with you 100%. But we both know that not everyone acts the same way when put under pressure or if threatened with legal consequences (now or in the future). I know a guy who was called to his local tax office and asked why he hasn't payed his taxes for certain types of services he offered in the past. They had proof of his transactions dating back 2-3 years. They told him he would get fined and maybe incarcerated (depending on the total amount he owes). The dude got so scared that he admitted he did it longer than the period they had proof for. Someone else would have just laughed at the accusations and made up a plausible explanation.

I believe a "for-privacy" offchain layer could be a feaible path for preseving fungibility for Bitcoin. Merely a network for handling a high volume of transactions might not be enough. Lightning is a little cumbersome to use. Users can simply trade their coins for faster shitcoins. There has to be some other form of utility for Lightning that users truly need.

So instead they should say "Hey guys, we are going to have to start censoring UTXOs in the future. Take the time now to set up other coordinators or get your coins off Wasabi altogether." This whole "we are just doing what we are told" thing they are trying to cling to is pathetic.

All the more reason for them to fight this. It's not the case that they must do this now or face legal action. They've probably got months if not years before whatever legislation they were threatened with is introduced, debated, amended, passed, and enacted. Plenty of time for them to fight this, mount legal challenges, lobby, campaign, etc. Instead they surrender immediately and sell out their users. Absolutely pathetic and completely untrustworthy.

It could be a combination of both. They want to start censoring transactions now before it gets too late. They have been warned and they are now acting "accordingly" to prevent any future damage or penalties.

The post witcher_sense copied says:
One way to interpret this is that someone told them: Listen here you Wasabi scumbags. You either do what we tell you to do now, or you are going to be sorry you didn't listen when we change the legal framework in the future!

They simply gave in...