Topic: Trezor Suite will add a CoinJoin mixing protocol (Read 630 times)

Good question. I'm not sure whether JoinMarket is completely decentralized / P2P.

At the very least, I'd use Samourai's coordinator through Sparrow wallet. Of course, they could censor transactions just as well, or spy on users, but the fact is that they haven't declared any intention of doing anything like that.
Sparrow also lets me have coin control and other very detailed, advanced features that Wasabi (especially Wasabi 2.0), as well as Trezor Suite, clearly lack.

I could also argue that no other Bitcoin wallet have coinjoin implementation, except maybe Sparrow wallet that is using Samourai Wallet Whirlpool, so it's not exactly ordinary wallet.
If there is any other wallet option we can use that is fully open source with coinjoin I would like to hear more about it.
Only option I know for privacy other than mentioned above is mercurywallet.com, but this is using Bitcoin Layer 2 solution.

Yeah I agree, but majority of people is still running Electrum without their own nodes/server.

I did mention it could also have been coincidence.

He did not; only the Wasabi client is open-source and verifiable, not the backend. They are completely centralized and could be doing all sorts of shenanigans on top of the published coordinator code.
There is no closed / non-verifiable backend to be worried about in Bisq, Electrum, Bitcoin, Linux and Tor, though.

I think it's ridiculous that I have to even explain it, but:

• Bisq, Bitcoin, Tor: P2P - everyone runs the same, open, software - no non-verifiable backend server exists.
• Electrum: Attackable if you use default server; therefore requires to run your own.
• Linux: Just an OS - no networking required to be able to use it.

Wasabi is attackable just like Electrum is, when using the default server. There is no way of knowing whether an Electrum server is logging extra data, tying data together by IPs and doing other such types of nonsense. This makes running your own Bitcoin node + Electrum server so important.

Sorry sir, your theory failed because I don't use same IP address all the time, especially when wasabi wallet have Tor option integrated. 

You forgot to add Wasabi wallet in this list, it is also open source and independently reviewed and verified, and same thing I said for Wasabi applies to other wallets you mentioned.

Not everyone, just people who try to teach me some lessons about open source stuff, while not doing the same thing themselves.
For all I care, they can use Commodore 64 or Windows Vista, I don't care what someone does in their private life.

You are being disingenuous here.

Bisq, Electrum, Bitcoin Core, Linux, Tor. All of these things are open source and can be independently reviewed and verified. If you cannot do it yourself, then the trust you have is now decentralized among the entire community instead of in a singe person or entity,, since you can be fairly certainly if any of them tried to do something malicious then it would not even be merged. zkSNACKs coordinator can do anything they like with your data and not only can you not stop it from happening, but you don't even know it is happening.

You can't say that everyone should (rightly) use an open source Linux distro over closed source Windows spyware in one post, and then immediately say that using open source bitcoin software is no better than using closed source Wasabi spyware in the next post.

The problem with this idea is that it will always be an O(1), i.e. it could be a one-off 'bug' or 'temporary server issue'.
If there is no clear GUI message, any occurrence of blacklisting could be dismissed as a technical problem or bug.

It's also possible that no matter how hard you try, you can't outsmart their algorithm and purposely trigger it.
That's what I meant earlier. Meanwhile there could be someone on the other end of the world who got blacklisted and there's no way of knowing. It's impossible to know that blacklisting has not happened.

Proving the absence of something is just very, very hard. You would need to have data about every single mixing / CoinJoin attempt to make a statement such as 'they do not even blacklist yet'.

Could be coincidence, though! Or testnet blacklisting! Or IP blacklisting after the mainnet CoinJoin attempt. While likely, the failed testnet attempt is not absolute proof that the failed mainnet attempt was not blacklisting.

Maybe, maybe not. No way of knowing for sure.

It wasn't blacklisting because I tried the same thing with bitcoin testnet network and it was not working as well.
Maybe it was related with some Tor network issues related with ddos attacks, or some other unknown issue at that time.
I used wasabi v1 few times before, and it was working fine without any issues.

That is still trust, and you need to trust Bisq software is doing what it says, unless you know the to read the code yourself.
Than you also need to trust other people if you are doing p2p trading face to face.

You are not really turning off and hiding anything by switching off your modern smartphone.
Oh but wait I guess you dOn't HaVe AnyThinG tO hIDe 

There is also this: Wasabi is the Bridge to Bitcoin Fungibility.

I doubt the message would highlight the fact that your UTXOs are blacklisted or dirty and that you can't use those coins for that reason.

That quote should be assigned to dkbit98, not n0nce.

Why do you think CoinJoin users are no longer allowed to choose which UTXOs to mix? Users may never notice that some of their UTXOs were analyzed or blacklisted because everything happens behind the curtain. For this reason, we aren't going to see reports about explicit censorship cases: unwanted UTXOs get blacklisted silently, and we shouldn't expect full transparency from people (Wasabi Wallet devs) who think users are too stupid to manage their own privacy. Given all this, it probably makes sense to test the software (or rather a zkSNACKS server behavior) in another way, namely by feeding it with outputs that any blockchain surveillance firm will deem dirty and then looking if some of these outputs are never getting accepted into a CoinJoin round.

Not to get too far into the weeds, but there's very little trust required to use bisq other than having to trust that selling bitcoin for fiat won't result in a charge-back.  But that requires trusting the other trader, not the software.


There is the fact that Wasabi admitted they will be scrutinizing your UTXOs for taint.  The term "spying" may be a bit of an overreach when it comes to Wasabi themselves, but if they decide many of your UTXOs are not to their liking, they'll have enough information about your wallet that can be provided to the authorities who can possibly use that information to determine your true identity.


When I'm hunting deer I turn my phone off because I don't want Google executives knowing about my honey hole.  


Okay, so I conflated the two entities, but lets not argue about semantics.  We both know they're essentially one in the same.  I suppose it's possible that Trezor doesn't want to maintain Trezor Suite going forward, and would rather promote Wasabi as their official wallet, but I doubt that's the case.  Even if that was the case, the end result would essentially be the same thing, i.e Trezor's official wallet including zksnaks' coin-join coordinator.

I'm not sure where they first mentioned 'ultimate solution for Bitcoin privacy', but I have confirmation in their reply to my 10th question:


I see! I haven't tried it myself, but it would be interesting to know whether blacklisted inputs are marked as such / if there's any GUI for it or whether users just get a (presumably) generic error message. In that case, your experiment may even have been the first case of Wasabi blacklisting reported on the forum.

Sure, Trezor having their own coordinator - especially with their size / budget / customer base - seems like a sensible idea.

That is probably your imagined expectation because I can't find anywhere on their website information claiming they are ultimate solution for Bitcoin privacy.
Most people realistic expectations from smartphones is to be their all-in-device solution, including banking, storing secrets, personal information, virtual cards, photos, etc.  

Yes, but ask windows  guys if they are doing that, or this is also their all-in-one device for everything including gaming and crypto

Correct.

I am not sure how this works exactly, all I know is when I tried to do coinjoin in Wasabi V2 few months ago it was not working for some unknown reason.
Anyway, I think we can put some presure on Trezor developers to start new coijoin coordinator or use something different for mixing.

Well, firstly nobody claimed Wasabi is 'the only spying service' or the only closed-source backend service - be careful; these are strawman arguments.
Apart from that, it doesn't matter. It doesn't matter that they're 'not the only' potentially spying service. Especially, since their only raison d'être is privacy. They are a privacy service! If you provide a privacy service, better make it as private, anonymous and trustless as possible - if not, you're kind of defeating the whole point of it.

The smartphone doesn't claim to be the ultimate solution for Bitcoin privacy, though.

That's what I meant when I highlighted 2 examples of 'expectation vs reality'.

I may not need or care about getting the highest level of privacy and anonymity when playing a computer game on a Windows box, but may want the highest level of privacy and anonymity when it comes to anonymizing my Bitcoin holdings. Does it make sense?

For sure! It's definitely possible that you do not expect the highest level of privacy when using the self-proclaimed ultimate solution for Bitcoin privacy; I just believe most people do. Most people probably believe that the discrepancy between Wasabi's own self-appraisal and reality is borderline scammy, but everyone needs to assess that for themselves.

I think you and me both agree that just because something is the best selling or best used service / product doesn't make it the best, right?

So, in this case a screenshot from Wasabi saying the CoinJoin was denied or what?
I might actually look into their client files to see if there's already GUI for denied CoinJoins and see if I can invoke it manually through a slightly modified custom build of the software..

You're always free to have your opinion, 100% - don't worry about that!

I never said Bisq has servers, but you still need to have some level of trust with anything you use.
You can't really know that anything you use is not spying on you all the time, so it's not fair to claim this only for wasabi wallet.
Everyday smartphone is 100% spying device, yet nobody seems to mind using them all the time.

This is only your personal expectation and assumptions.
I can expect hardware wallet to work like I want, but then I start to get calls and sms from random scammers...yet this is still the best selling hardware wallet in the world  
I can expect centralized exchange to work like I want, but then they close my account claiming it's tainted coins... yet this is still exchange with largest volume in the world.
Deal with it.

Same way I verify anything, based on facts like screenshots, addresses, transactions, etc.
I am sure not going to trust any random fake reddit accounts created by timewasters and haters.

Dude it's not hard at all if you want to prove something digitally, it's not like I am trying to prove when I had my first kiss, but there would always be people who will trust or not-trust.
You guys are acting like you came from future and you expect everyone to agree with you.
Please allow me to have my own opinion, I am not forcing you to accept anything.

Wow you grow up with wNd0ws so now you must die with wiNd0ws
Speak freely I never said you should keep your mouth shut, but I sure won't go with the herd down the cliff.

Wrong.
Wasabi is not coordinator.
zkSNACKs is coordinator.

I guess that if it's on reddit and it agrees with your reasoning, it's all the proof you need. I should make a few reddit accounts and post the proof of backlisting and then it's official.

dkbit98's comment was directed towards me. I don't hide the fact that I use Windows and a Ledger hardware wallet. Both closed-source in nature. And because of that, I need to keep my mouth shut. 99% of us grew up with Windows and I doubt dkbit98 was any different. But now when we are involved with bitcoin, it seems popular to take a piss at Windows and start hating them. I don't play in that team. Windows is not a privacy-oriented OS, so be prepared for surprises when you use them. Wasabi on the other hand is supposed to be a privacy tool, but they see a future where that isn't the case. And people can say that no matter if they use Linux, Windows, Trezor, or Ledger. 

I don't know why you think that's contradictory or hypocritical.  Most modern cars operate on closed source software.  And I mean really closed to review or public scrutiny, not just some licensing verbiage that restricts redistribution.  Would you suggest I not own a car since I care about my financial privacy?  Maybe you're referring to those of us who use Windows, but in and of itself Windows is not a bitcoin wallet.  You're not entrusting portions of your wealth to Windows, the flagship product of a multi-billion dollar company that's been around for decades.  Even if we're not trying to compare apples and oranges, deflection doesn't win arguments.

Regardless of what "closed source stuff" people decide to use in one portion of their lives, that doesn't eliminate their right to care about openness from financial products they choose.  But whether Wasabi closed source or centralized is not my gripe with Wasabi; my gripe is the misinformation about privacy and fungibility.  That's not preaching about openness, it's preaching about blatant dishonesty.


Well, Trezor builds hardware wallets, and Wasabi is a coinjoin coordinator, those facts we know.  My sharply honed powers of observation leaves me with little to surmise other than Trezor plans to integrate zksnacks' coin-join into Trezor Suite.  Call me simple.

Bisq has no servers; my client connects to other clients directly through Tor. I can also connect it to my own personal node and do trades without depositing funds to my Bisq wallet (even if that's a hot, local wallet on my own machine).
Anyhow, using both Robosats (centralized LN exchange), as well as Bisq (besides the fact that it has no servers) is not comparable to using Wasabi (centralized on-chain mixer / CJ coordinator).

Robosats:
Expectation: I can trade LN sats for something else
Reality: I trade LN sats for something else

Wasabi:
Expectation: I can exchange my on-chain funds for other on-chain funds without a link
Reality: I hope that the code they run is actually the code they claim to be running and that they don't do bad stuff with the information they need to get from me (even if they have no malicious intent). If these assumptions don't hold, the whole purpose of the service falls flat.

Therefore, I basically cannot know whether using Wasabi is actually working (by not invading my privacy, but instead giving me more privacy).
In comparison, on Robosats, I do know that it is actually working, because I see the sats as fiat in my bank account. Same applies to Bisq.

The problem with your argument ('I am not defending wasabi or anything else, but someone running closed source wallet knows even less.') is that it's whataboutism. Someone can complain about Wasabi's services regarding openness, yet still use something closed.
The argument would only have made sense if Trezor was already a closed-source wallet and already talking to closed servers all the time.

And how do you verify this information? I could just pop in and state this, even if it didn't happen.
I think their own word weighs much more than someone online claiming they got blacklisted.

It's not proof that it's already happened, but it's just quite hard to prove someone did get blacklisted, and impossible to prove that nobody got blacklisted.
The point isn't this, though. The point is that if someone threatens to do something, it's indeed as if they did it, in legal terms.
So morally, if someone publicly announces they are ready to do X, for most rational people it's as if they did X.

Sure this is true if you run your own node, but ff you are using Bisq and lightning network based exchanges, you need to have some level of trust in their nodes.

Because some people here are using closed source stuff and in same time they preach other about openess... I didn't say it was you

I consider proof when someone publicly reports that his transaction was blacklisted.
Announcing a plan to do something in future is not the same thing as doing it right now.
Announcing a plan for trezor and wasabi to work together in future, doesn't even mean it will happen the way someone imagines.

I can announce anything right now and say it will happen in future, like me start growing horns, etc.
If you think that is automatically a proof this thing actually happened, then I have nothing else to add.
I personally prefer patience.

Being okay with it one thing, but being deceptive about it another thing all together.  I wouldn't mind if someone came out and said I'm going to provide a wallet and coin join service that blacklists UTXOs suspected of containing ill-gotten funds.  But to instead attempt to deceive your potential clients by claiming the service you offer is for "privacy" and to keep bitcoin "fungible" is inexcusable.  The Wasabi team are spreading blatant lies.

@dkbit98
They have already said they will start blacklisting certain UTXOs they don't like. It wasn't me, n0nce, o_e_l_e_o, or anyone else. Wasabi said it on their blog. They are fully aware of the consequences and anger of their community for this blacklisting, but they are ok with it. They don't believe anonymity is possible or desirable. They are a service advertising privacy, but they believe anonymous coins aren't good. If you don't consider that to be proof, OK, that's your opinion.