Author

Topic: Trezor Suite will add a CoinJoin mixing protocol (Read 727 times)

hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
September 17, 2022, 06:52:41 PM
#59
If there is any other wallet option we can use that is fully open source with coinjoin I would like to hear more about it.
Only option I know for privacy other than mentioned above is mercurywallet.com, but this is using Bitcoin Layer 2 solution.
Good question. I'm not sure whether JoinMarket is completely decentralized / P2P.

At the very least, I'd use Samourai's coordinator through Sparrow wallet. Of course, they could censor transactions just as well, or spy on users, but the fact is that they haven't declared any intention of doing anything like that.
Sparrow also lets me have coin control and other very detailed, advanced features that Wasabi (especially Wasabi 2.0), as well as Trezor Suite, clearly lack.
legendary
Activity: 2212
Merit: 7064
He did not; only the Wasabi client is open-source and verifiable, not the backend. They are completely centralized and could be doing all sorts of shenanigans on top of the published coordinator code.
There is no closed / non-verifiable backend to be worried about in Bisq, Electrum, Bitcoin, Linux and Tor, though.
I could also argue that no other Bitcoin wallet have coinjoin implementation, except maybe Sparrow wallet that is using Samourai Wallet Whirlpool, so it's not exactly ordinary wallet.
If there is any other wallet option we can use that is fully open source with coinjoin I would like to hear more about it.
Only option I know for privacy other than mentioned above is mercurywallet.com, but this is using Bitcoin Layer 2 solution.

Wasabi is attackable just like Electrum is, when using the default server. There is no way of knowing whether an Electrum server is logging extra data, tying data together by IPs and doing other such types of nonsense. This makes running your own Bitcoin node + Electrum server so important.
Yeah I agree, but majority of people is still running Electrum without their own nodes/server.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
Could be coincidence, though! Or testnet blacklisting! Or IP blacklisting after the mainnet CoinJoin attempt. While likely, the failed testnet attempt is not absolute proof that the failed mainnet attempt was not blacklisting.
Sorry sir, your theory failed because I don't use same IP address all the time, especially when wasabi wallet have Tor option integrated.  Grin
I did mention it could also have been coincidence.

Bisq, Electrum, Bitcoin Core, Linux, Tor. All of these things are open source and can be independently reviewed and verified.
You forgot to add Wasabi wallet in this list, it is also open source and independently reviewed and verified, and same thing I said for Wasabi applies to other wallets you mentioned.
He did not; only the Wasabi client is open-source and verifiable, not the backend. They are completely centralized and could be doing all sorts of shenanigans on top of the published coordinator code.
There is no closed / non-verifiable backend to be worried about in Bisq, Electrum, Bitcoin, Linux and Tor, though.

I think it's ridiculous that I have to even explain it, but:
  • Bisq, Bitcoin, Tor: P2P - everyone runs the same, open, software - no non-verifiable backend server exists.
  • Electrum: Attackable if you use default server; therefore requires to run your own.
  • Linux: Just an OS - no networking required to be able to use it.

Wasabi is attackable just like Electrum is, when using the default server. There is no way of knowing whether an Electrum server is logging extra data, tying data together by IPs and doing other such types of nonsense. This makes running your own Bitcoin node + Electrum server so important.
legendary
Activity: 2212
Merit: 7064
Could be coincidence, though! Or testnet blacklisting! Or IP blacklisting after the mainnet CoinJoin attempt. While likely, the failed testnet attempt is not absolute proof that the failed mainnet attempt was not blacklisting.
Sorry sir, your theory failed because I don't use same IP address all the time, especially when wasabi wallet have Tor option integrated.  Grin

Bisq, Electrum, Bitcoin Core, Linux, Tor. All of these things are open source and can be independently reviewed and verified.
You forgot to add Wasabi wallet in this list, it is also open source and independently reviewed and verified, and same thing I said for Wasabi applies to other wallets you mentioned.

You can't say that everyone should (rightly) use an open source Linux distro over closed source Windows spyware in one post, and then immediately say that using open source bitcoin software is no better than using closed source Wasabi spyware in the next post.
Not everyone, just people who try to teach me some lessons about open source stuff, while not doing the same thing themselves.
For all I care, they can use Commodore 64 or Windows Vista, I don't care what someone does in their private life.
legendary
Activity: 2268
Merit: 18775
That is still trust, and you need to trust Bisq software is doing what it says, unless you know the to read the code yourself.
You are being disingenuous here.

Bisq, Electrum, Bitcoin Core, Linux, Tor. All of these things are open source and can be independently reviewed and verified. If you cannot do it yourself, then the trust you have is now decentralized among the entire community instead of in a singe person or entity,, since you can be fairly certainly if any of them tried to do something malicious then it would not even be merged. zkSNACKs coordinator can do anything they like with your data and not only can you not stop it from happening, but you don't even know it is happening.

You can't say that everyone should (rightly) use an open source Linux distro over closed source Windows spyware in one post, and then immediately say that using open source bitcoin software is no better than using closed source Wasabi spyware in the next post.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
Given all this, it probably makes sense to test the software (or rather a zkSNACKS server behavior) in another way, namely by feeding it with outputs that any blockchain surveillance firm will deem dirty and then looking if some of these outputs are never getting accepted into a CoinJoin round.
The problem with this idea is that it will always be an O(1), i.e. it could be a one-off 'bug' or 'temporary server issue'.
If there is no clear GUI message, any occurrence of blacklisting could be dismissed as a technical problem or bug.

It's also possible that no matter how hard you try, you can't outsmart their algorithm and purposely trigger it.
That's what I meant earlier. Meanwhile there could be someone on the other end of the world who got blacklisted and there's no way of knowing. It's impossible to know that blacklisting has not happened.
it's just quite hard to prove someone did get blacklisted, and impossible to prove that nobody got blacklisted.

Proving the absence of something is just very, very hard. You would need to have data about every single mixing / CoinJoin attempt to make a statement such as 'they do not even blacklist yet'.

I see! I haven't tried it myself, but it would be interesting to know whether blacklisted inputs are marked as such / if there's any GUI for it or whether users just get a (presumably) generic error message. In that case, your experiment may even have been the first case of Wasabi blacklisting reported on the forum.
It wasn't blacklisting because I tried the same thing with bitcoin testnet network and it was not working as well.
Could be coincidence, though! Or testnet blacklisting! Or IP blacklisting after the mainnet CoinJoin attempt. While likely, the failed testnet attempt is not absolute proof that the failed mainnet attempt was not blacklisting.

Maybe it was related with some Tor network issues related with ddos attacks, or some other unknown issue at that time.
Maybe, maybe not. No way of knowing for sure.
legendary
Activity: 2212
Merit: 7064
I see! I haven't tried it myself, but it would be interesting to know whether blacklisted inputs are marked as such / if there's any GUI for it or whether users just get a (presumably) generic error message. In that case, your experiment may even have been the first case of Wasabi blacklisting reported on the forum.
It wasn't blacklisting because I tried the same thing with bitcoin testnet network and it was not working as well.
Maybe it was related with some Tor network issues related with ddos attacks, or some other unknown issue at that time.
I used wasabi v1 few times before, and it was working fine without any issues.

Not to get too far into the weeds, but there's very little trust required to use bisq other than having to trust that selling bitcoin for fiat won't result in a charge-back.  But that requires trusting the other trader, not the software.
That is still trust, and you need to trust Bisq software is doing what it says, unless you know the to read the code yourself.
Than you also need to trust other people if you are doing p2p trading face to face.

When I'm hunting deer I turn my phone off because I don't want Google executives knowing about my honey hole.  Tongue
You are not really turning off and hiding anything by switching off your modern smartphone.
Oh but wait I guess you dOn't HaVe AnyThinG tO hIDe  Cheesy

legendary
Activity: 2730
Merit: 7065
I'm not sure where they first mentioned 'ultimate solution for Bitcoin privacy', but I have confirmation in their reply to my 10th question:
There is also this: Wasabi is the Bridge to Bitcoin Fungibility.

I see! I haven't tried it myself, but it would be interesting to know whether blacklisted inputs are marked as such / if there's any GUI for it or whether users just get a (presumably) generic error message.
I doubt the message would highlight the fact that your UTXOs are blacklisted or dirty and that you can't use those coins for that reason.

That quote should be assigned to dkbit98, not n0nce.
legendary
Activity: 2464
Merit: 4419
🔐BitcoinMessage.Tools🔑
I am not sure how this works exactly, all I know is when I tried to do coinjoin in Wasabi V2 few months ago it was not working for some unknown reason.
Why do you think CoinJoin users are no longer allowed to choose which UTXOs to mix? Users may never notice that some of their UTXOs were analyzed or blacklisted because everything happens behind the curtain. For this reason, we aren't going to see reports about explicit censorship cases: unwanted UTXOs get blacklisted silently, and we shouldn't expect full transparency from people (Wasabi Wallet devs) who think users are too stupid to manage their own privacy. Given all this, it probably makes sense to test the software (or rather a zkSNACKS server behavior) in another way, namely by feeding it with outputs that any blockchain surveillance firm will deem dirty and then looking if some of these outputs are never getting accepted into a CoinJoin round.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
I never said Bisq has servers, but you still need to have some level of trust with anything you use.

Not to get too far into the weeds, but there's very little trust required to use bisq other than having to trust that selling bitcoin for fiat won't result in a charge-back.  But that requires trusting the other trader, not the software.

You can't really know that anything you use is not spying on you all the time, so it's not fair to claim this only for wasabi wallet.

There is the fact that Wasabi admitted they will be scrutinizing your UTXOs for taint.  The term "spying" may be a bit of an overreach when it comes to Wasabi themselves, but if they decide many of your UTXOs are not to their liking, they'll have enough information about your wallet that can be provided to the authorities who can possibly use that information to determine your true identity.

Everyday smartphone is 100% spying device, yet nobody seems to mind using them all the time.

When I'm hunting deer I turn my phone off because I don't want Google executives knowing about my honey hole.  Tongue

Well, Trezor builds hardware wallets, and Wasabi is a coinjoin coordinator, those facts we know.  My sharply honed powers of observation leaves me with little to surmise other than Trezor plans to integrate zksnacks' coin-join into Trezor Suite.  Call me simple.
Wrong.
Wasabi is not coordinator.
zkSNACKs is coordinator.

Okay, so I conflated the two entities, but lets not argue about semantics.  We both know they're essentially one in the same.  I suppose it's possible that Trezor doesn't want to maintain Trezor Suite going forward, and would rather promote Wasabi as their official wallet, but I doubt that's the case.  Even if that was the case, the end result would essentially be the same thing, i.e Trezor's official wallet including zksnaks' coin-join coordinator.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
The smartphone doesn't claim to be the ultimate solution for Bitcoin privacy, though.

That's what I meant when I highlighted 2 examples of 'expectation vs reality'.
That is probably your imagined expectation because I can't find anywhere on their website information claiming they are ultimate solution for Bitcoin privacy.
I'm not sure where they first mentioned 'ultimate solution for Bitcoin privacy', but I have confirmation in their reply to my 10th question:

[...]
Such statements make it appear like you believe yours is the only privacy solution and that there is no privacy in Bitcoin without Wasabi. Would you confirm this? Actually, later you admit that LN has better privacy, so this already seems like a contradiction.
Answer: We sincerely see WabiSabi as the best on-chain privacy technology in bitcoin today[emphasis mine]. We are aware of various other projects but in all honesty, they are shooting very low. Once you understand WabiSabi, you’ll see why we think it’s on a completely different level. Lightning is nice but not for on-chain privacy.

So, in this case a screenshot from Wasabi saying the CoinJoin was denied or what?
I am not sure how this works exactly, all I know is when I tried to do coinjoin in Wasabi V2 few months ago it was not working for some unknown reason.
I see! I haven't tried it myself, but it would be interesting to know whether blacklisted inputs are marked as such / if there's any GUI for it or whether users just get a (presumably) generic error message. In that case, your experiment may even have been the first case of Wasabi blacklisting reported on the forum.

Anyway, I think we can put some pressure on Trezor developers to start new coinjoin coordinator or use something different for mixing.
Sure, Trezor having their own coordinator - especially with their size / budget / customer base - seems like a sensible idea.
legendary
Activity: 2212
Merit: 7064
The smartphone doesn't claim to be the ultimate solution for Bitcoin privacy, though.

That's what I meant when I highlighted 2 examples of 'expectation vs reality'.
That is probably your imagined expectation because I can't find anywhere on their website information claiming they are ultimate solution for Bitcoin privacy.
Most people realistic expectations from smartphones is to be their all-in-device solution, including banking, storing secrets, personal information, virtual cards, photos, etc.  

I may not need or care about getting the highest level of privacy and anonymity when playing a computer game on a Windows box, but may want the highest level of privacy and anonymity when it comes to anonymizing my Bitcoin holdings. Does it make sense?
Yes, but ask windows  guys if they are doing that, or this is also their all-in-one device for everything including gaming and crypto Tongue

I think you and me both agree that just because something is the best selling or best used service / product doesn't make it the best, right?
Correct.

So, in this case a screenshot from Wasabi saying the CoinJoin was denied or what?
I am not sure how this works exactly, all I know is when I tried to do coinjoin in Wasabi V2 few months ago it was not working for some unknown reason.
Anyway, I think we can put some presure on Trezor developers to start new coijoin coordinator or use something different for mixing.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
Bisq has no servers; my client connects to other clients directly through Tor.
I never said Bisq has servers, but you still need to have some level of trust with anything you use.
You can't really know that anything you use is not spying on you all the time, so it's not fair to claim this only for wasabi wallet.
Well, firstly nobody claimed Wasabi is 'the only spying service' or the only closed-source backend service - be careful; these are strawman arguments.
Apart from that, it doesn't matter. It doesn't matter that they're 'not the only' potentially spying service. Especially, since their only raison d'être is privacy. They are a privacy service! If you provide a privacy service, better make it as private, anonymous and trustless as possible - if not, you're kind of defeating the whole point of it.

Everyday smartphone is 100% spying device, yet nobody seems to mind using them all the time.
The smartphone doesn't claim to be the ultimate solution for Bitcoin privacy, though.

That's what I meant when I highlighted 2 examples of 'expectation vs reality'.

I may not need or care about getting the highest level of privacy and anonymity when playing a computer game on a Windows box, but may want the highest level of privacy and anonymity when it comes to anonymizing my Bitcoin holdings. Does it make sense?

Wasabi:
Expectation: I can exchange my on-chain funds for other on-chain funds without a link
Reality: I hope that the code they run is actually the code they claim to be running and that they don't do bad stuff with the information they need to get from me (even if they have no malicious intent). If these assumptions don't hold, the whole purpose of the service falls flat.
This is only your personal expectation and assumptions.
For sure! It's definitely possible that you do not expect the highest level of privacy when using the self-proclaimed ultimate solution for Bitcoin privacy; I just believe most people do. Most people probably believe that the discrepancy between Wasabi's own self-appraisal and reality is borderline scammy, but everyone needs to assess that for themselves.

I can expect hardware wallet to work like I want, but then I start to get calls and sms from random scammers...yet this is still the best selling hardware wallet in the world  Tongue
I can expect centralized exchange to work like I want, but then they close my account claiming it's tainted coins... yet this is still exchange with largest volume in the world.
Deal with it.
I think you and me both agree that just because something is the best selling or best used service / product doesn't make it the best, right?

And how do you verify this information? I could just pop in and state this, even if it didn't happen.
Same way I verify anything, based on facts like screenshots, addresses, transactions, etc.
I am sure not going to trust any random fake reddit accounts created by timewasters and haters.
So, in this case a screenshot from Wasabi saying the CoinJoin was denied or what?
I might actually look into their client files to see if there's already GUI for denied CoinJoins and see if I can invoke it manually through a slightly modified custom build of the software.. Tongue

Please allow me to have my own opinion, I am not forcing you to accept anything.
You're always free to have your opinion, 100% - don't worry about that!

Well, Trezor builds hardware wallets, and Wasabi is a coinjoin coordinator, those facts we know.  My sharply honed powers of observation leaves me with little to surmise other than Trezor plans to integrate zksnacks' coin-join into Trezor Suite.  Call me simple.
Wrong.
Wasabi is not coordinator.
zkSNACKs is coordinator.


legendary
Activity: 2212
Merit: 7064
Bisq has no servers; my client connects to other clients directly through Tor.
I never said Bisq has servers, but you still need to have some level of trust with anything you use.
You can't really know that anything you use is not spying on you all the time, so it's not fair to claim this only for wasabi wallet.
Everyday smartphone is 100% spying device, yet nobody seems to mind using them all the time.

Wasabi:
Expectation: I can exchange my on-chain funds for other on-chain funds without a link
Reality: I hope that the code they run is actually the code they claim to be running and that they don't do bad stuff with the information they need to get from me (even if they have no malicious intent). If these assumptions don't hold, the whole purpose of the service falls flat.
This is only your personal expectation and assumptions.
I can expect hardware wallet to work like I want, but then I start to get calls and sms from random scammers...yet this is still the best selling hardware wallet in the world  Tongue
I can expect centralized exchange to work like I want, but then they close my account claiming it's tainted coins... yet this is still exchange with largest volume in the world.
Deal with it.

And how do you verify this information? I could just pop in and state this, even if it didn't happen.
Same way I verify anything, based on facts like screenshots, addresses, transactions, etc.
I am sure not going to trust any random fake reddit accounts created by timewasters and haters.

It's not proof that it's already happened, but it's just quite hard to prove someone did get blacklisted, and impossible to prove that nobody got blacklisted.
Dude it's not hard at all if you want to prove something digitally, it's not like I am trying to prove when I had my first kiss, but there would always be people who will trust or not-trust.
You guys are acting like you came from future and you expect everyone to agree with you.
Please allow me to have my own opinion, I am not forcing you to accept anything.

I need to keep my mouth shut. 99% of us grew up with Windows and I doubt dkbit98 was any different.
Wow you grow up with wNd0ws so now you must die with wiNd0ws Roll Eyes
Speak freely I never said you should keep your mouth shut, but I sure won't go with the herd down the cliff.

Well, Trezor builds hardware wallets, and Wasabi is a coinjoin coordinator, those facts we know.  My sharply honed powers of observation leaves me with little to surmise other than Trezor plans to integrate zksnacks' coin-join into Trezor Suite.  Call me simple.
Wrong.
Wasabi is not coordinator.
zkSNACKs is coordinator.
legendary
Activity: 2730
Merit: 7065
And how do you verify this information? I could just pop in and state this, even if it didn't happen.
I guess that if it's on reddit and it agrees with your reasoning, it's all the proof you need. I should make a few reddit accounts and post the proof of backlisting and then it's official.

Maybe you're referring to those of us who use Windows, but in and of itself Windows is not a bitcoin wallet.  You're not entrusting portions of your wealth to Windows, the flagship product of a multi-billion dollar company that's been around for decades.  Even if we're not trying to compare apples and oranges, deflection doesn't win arguments.

Regardless of what "closed source stuff" people decide to use in one portion of their lives, that doesn't eliminate their right to care about openness from financial products they choose.
dkbit98's comment was directed towards me. I don't hide the fact that I use Windows and a Ledger hardware wallet. Both closed-source in nature. And because of that, I need to keep my mouth shut. 99% of us grew up with Windows and I doubt dkbit98 was any different. But now when we are involved with bitcoin, it seems popular to take a piss at Windows and start hating them. I don't play in that team. Windows is not a privacy-oriented OS, so be prepared for surprises when you use them. Wasabi on the other hand is supposed to be a privacy tool, but they see a future where that isn't the case. And people can say that no matter if they use Linux, Windows, Trezor, or Ledger. 
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
Because some people here are using closed source stuff and in same time they preach other about openess...

I don't know why you think that's contradictory or hypocritical.  Most modern cars operate on closed source software.  And I mean really closed to review or public scrutiny, not just some licensing verbiage that restricts redistribution.  Would you suggest I not own a car since I care about my financial privacy?  Maybe you're referring to those of us who use Windows, but in and of itself Windows is not a bitcoin wallet.  You're not entrusting portions of your wealth to Windows, the flagship product of a multi-billion dollar company that's been around for decades.  Even if we're not trying to compare apples and oranges, deflection doesn't win arguments.

Regardless of what "closed source stuff" people decide to use in one portion of their lives, that doesn't eliminate their right to care about openness from financial products they choose.  But whether Wasabi closed source or centralized is not my gripe with Wasabi; my gripe is the misinformation about privacy and fungibility.  That's not preaching about openness, it's preaching about blatant dishonesty.

Announcing a plan for trezor and wasabi to work together in future, doesn't even mean it will happen the way someone imagines.

Well, Trezor builds hardware wallets, and Wasabi is a coinjoin coordinator, those facts we know.  My sharply honed powers of observation leaves me with little to surmise other than Trezor plans to integrate zksnacks' coin-join into Trezor Suite.  Call me simple.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
I don't use other servers with my Bitcoin wallets and services.
Sure this is true if you run your own node, but ff you are using Bisq and lightning network based exchanges, you need to have some level of trust in their nodes.
Bisq has no servers; my client connects to other clients directly through Tor. I can also connect it to my own personal node and do trades without depositing funds to my Bisq wallet (even if that's a hot, local wallet on my own machine).
Anyhow, using both Robosats (centralized LN exchange), as well as Bisq (besides the fact that it has no servers) is not comparable to using Wasabi (centralized on-chain mixer / CJ coordinator).

Robosats:
Expectation: I can trade LN sats for something else
Reality: I trade LN sats for something else

Wasabi:
Expectation: I can exchange my on-chain funds for other on-chain funds without a link
Reality: I hope that the code they run is actually the code they claim to be running and that they don't do bad stuff with the information they need to get from me (even if they have no malicious intent). If these assumptions don't hold, the whole purpose of the service falls flat.

Therefore, I basically cannot know whether using Wasabi is actually working (by not invading my privacy, but instead giving me more privacy).
In comparison, on Robosats, I do know that it is actually working, because I see the sats as fiat in my bank account. Same applies to Bisq.

Why are we talking about closed source wallets? The Trezor is open source - hardware and software.
Because some people here are using closed source stuff and in same time they preach other about openess... I didn't say it was you Wink
The problem with your argument ('I am not defending wasabi or anything else, but someone running closed source wallet knows even less.') is that it's whataboutism. Someone can complain about Wasabi's services regarding openness, yet still use something closed.
The argument would only have made sense if Trezor was already a closed-source wallet and already talking to closed servers all the time.

What do you consider as proof?
I consider proof when someone publicly reports that his transaction was blacklisted.
Announcing a plan to do something in future is not the same thing as doing it right now.
Announcing a plan for trezor and wasabi to work together in future, doesn't even mean it will happen the way someone imagines.
And how do you verify this information? I could just pop in and state this, even if it didn't happen.
I think their own word weighs much more than someone online claiming they got blacklisted.

If you don't consider that to be proof, OK, that's your opinion.       
I can announce anything right now and say it will happen in future, like me start growing horns, etc.
If you think that is automatically a proof this thing actually happened, then I have nothing else to add.
I personally prefer patience.
It's not proof that it's already happened, but it's just quite hard to prove someone did get blacklisted, and impossible to prove that nobody got blacklisted.
The point isn't this, though. The point is that if someone threatens to do something, it's indeed as if they did it, in legal terms.
So morally, if someone publicly announces they are ready to do X, for most rational people it's as if they did X.
legendary
Activity: 2212
Merit: 7064
I don't use other servers with my Bitcoin wallets and services.
Sure this is true if you run your own node, but ff you are using Bisq and lightning network based exchanges, you need to have some level of trust in their nodes.

Why are we talking about closed source wallets? The Trezor is open source - hardware and software.
Because some people here are using closed source stuff and in same time they preach other about openess... I didn't say it was you Wink

What do you consider as proof?
I consider proof when someone publicly reports that his transaction was blacklisted.
Announcing a plan to do something in future is not the same thing as doing it right now.
Announcing a plan for trezor and wasabi to work together in future, doesn't even mean it will happen the way someone imagines.

If you don't consider that to be proof, OK, that's your opinion.       
I can announce anything right now and say it will happen in future, like me start growing horns, etc.
If you think that is automatically a proof this thing actually happened, then I have nothing else to add.
I personally prefer patience.
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
They are fully aware of the consequences and anger of their community for this blacklisting, but they are ok with it.      

Being okay with it one thing, but being deceptive about it another thing all together.  I wouldn't mind if someone came out and said I'm going to provide a wallet and coin join service that blacklists UTXOs suspected of containing ill-gotten funds.  But to instead attempt to deceive your potential clients by claiming the service you offer is for "privacy" and to keep bitcoin "fungible" is inexcusable.  The Wasabi team are spreading blatant lies.
legendary
Activity: 2730
Merit: 7065
Sure, I am not trusting wasabi very much with their new coinjoin, but I wont trashtalk them without any proof... if someone want's to be speculation king...go for it Wink
What do you consider as proof?
For me, their word is proof enough. https://blog.wasabiwallet.io/zksnacks-blacklisting-update/
In my humble opinion, the one speculating here is someone else.
@dkbit98
They have already said they will start blacklisting certain UTXOs they don't like. It wasn't me, n0nce, o_e_l_e_o, or anyone else. Wasabi said it on their blog. They are fully aware of the consequences and anger of their community for this blacklisting, but they are ok with it. They don't believe anonymity is possible or desirable. They are a service advertising privacy, but they believe anonymous coins aren't good. If you don't consider that to be proof, OK, that's your opinion.       
legendary
Activity: 2464
Merit: 4419
🔐BitcoinMessage.Tools🔑
-snip-
What you've written is correct for Wasabi coinjoins, but their new WabiSabi protocol is different. You can read the full technical paper here: https://github.com/zkSNACKs/WabiSabi/releases/latest/download/WabiSabi.pdf. You can also read a simplified explanation here: https://github.com/zkSNACKs/WabiSabi/blob/master/explainer.md. WabiSabi does not place constrictions on transactions having equal amounts as the original Wasabi coinjoin protocol does, and uses Pedersen commitments to hide the input amounts.

Credit where it is due, what they have come up with is impressive, but unfortunately it is rendered completely useless by their surveillance and censorship.
I wouldn't say that I fully understand the mathematics behind input registration, but, as far as I understand, using homomorphic Pedersen commitments adds an additional layer of protection against a malicious CoinJoin coordinator trying to map inputs and outputs. Because hiding input amounts itself during input registration doesn't make those inputs invisible; amounts are anyway revealed once the transaction is constructed and broadcast to the network. Moreover, as you have pointed out and zkSNACKs CEO Max Hillebrand confirmed in this interview:
I do know that you can do 'hardware wallet coinjoins' with a Passport device (probably others, too) and Samourai Whirlpool, through Sparrow Wallet, already since last year.
https://nitter.it/SparrowWallet/status/1441049974934892553
"Mixing directly to a hardware wallet" is not what I meant.  But it's good to know that such an option exist.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
How do you know which code Wasabi is running on their servers, though?
I don't know, but how do you know which code is running on any servers for all other bitcoin wallets and services you use?
I just use my own node, that's it...
Either by connecting SPV wallets to the electrs instance running on it or using it directly.

I don't use other servers with my Bitcoin wallets and services.

I am not defending wasabi or anything else, but someone running closed source wallet knows even less.
Why are we talking about closed source wallets? The Trezor is open source - hardware and software.

Sure, I am not trusting wasabi very much with their new coinjoin, but I wont trashtalk them without any proof... if someone want's to be speculation king...go for it Wink
What do you consider as proof?
For me, their word is proof enough. https://blog.wasabiwallet.io/zksnacks-blacklisting-update/
In my humble opinion, the one speculating here is someone else.
legendary
Activity: 2212
Merit: 7064
How do you know which code Wasabi is running on their servers, though?
I don't know, but how do you know which code is running on any servers for all other bitcoin wallets and services you use?
I am not defending wasabi or anything else, but someone running closed source wallet knows even less.
Sure, I am not trusting wasabi very much with their new coinjoin, but I wont trashtalk them without any proof... if someone want's to be speculation king...go for it Wink

Wasabi or their CoinJoin implementation being open-source has nothing to do with it.
In reality you know jack shit about anything you use online or offline.
You are still running wiInd0ws OS crap in combination with closed source wallets and you are teaching us some lessons here, please give me a break Cheesy
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
I don't believe they've come with it themselves.
Well no, and they are not the first to use zero knowledge proofs or KVACs either. But neither was Satoshi the first to use proof-of-work, Merkle trees, or elliptic curve cryptography.
Yeah, but applying Pedersen commitments to blind amounts is exactly what Monero has done before.
Meanwhile satoshi was the first to apply PoW, Merkle tress and EC cryptography to create a decentralized currency.
legendary
Activity: 2268
Merit: 18775
I don't believe they've come with it themselves.
Well no, and they are not the first to use zero knowledge proofs or KVACs either. But neither was Satoshi the first to use proof-of-work, Merkle trees, or elliptic curve cryptography.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
I'm not sure how.
I have no idea, either, but the Trezor team has confirmed on their Twitter that they are working on a CoinJoin implementation: https://nitter.net/Trezor/status/1566708740597972997, and Wasabi Wallet team is excited about "hardware wallet coinjoins."
I do know that you can do 'hardware wallet coinjoins' with a Passport device (probably others, too) and Samourai Whirlpool, through Sparrow Wallet, already since last year.
https://nitter.it/SparrowWallet/status/1441049974934892553

Credit where it is due, what they have come up with is impressive, but unfortunately it is rendered completely useless by their surveillance and censorship.
I don't believe they've come up with it themselves. For example, Monero uses it for a long time.
https://web.getmonero.org/resources/moneropedia/pedersen-commitment.html
legendary
Activity: 2268
Merit: 18775
-snip-
What you've written is correct for Wasabi coinjoins, but their new WabiSabi protocol is different. You can read the full technical paper here: https://github.com/zkSNACKs/WabiSabi/releases/latest/download/WabiSabi.pdf. You can also read a simplified explanation here: https://github.com/zkSNACKs/WabiSabi/blob/master/explainer.md. WabiSabi does not place constrictions on transactions having equal amounts as the original Wasabi coinjoin protocol does, and uses Pedersen commitments to hide the input amounts.

Credit where it is due, what they have come up with is impressive, but unfortunately it is rendered completely useless by their surveillance and censorship.
legendary
Activity: 2464
Merit: 4419
🔐BitcoinMessage.Tools🔑
even if it did blind inputs completely during the registration phase,
As far as I know, only information about outputs is blinded; everything else is open for a coordinator to analyze. A CoinJoin coordinator verifies if provided inputs meet certain criteria, particularly, it checks if inputs haven't been double spent in the same round, haven't been spent before a round started, and that they have a sufficient number of confirmations (for coinbase outputs it must be more than 100, for others I think a single confirmation is enough), and more importantly, it checks whether those inputs contain a sufficient amount of coins to participate in a CoinJoin round. Without this special check, it would be a tough task to construct a transaction because (1) these transactions require equal amounts in the first place, and (2) the amounts should be sufficient to cover mining fees and coordinator fees. Also, the cost of attacking CoinJoin rounds would be very low - a nefarious actor could indefinitely interrupt mixing rounds by spending tiny amounts. So, I don't think blinding inputs would work out, at least not in an adversarial environment where no one trusts his neighbor.

I'm not sure how.
I have no idea, either, but the Trezor team has confirmed on their Twitter that they are working on a CoinJoin implementation: https://nitter.net/Trezor/status/1566708740597972997, and Wasabi Wallet team is excited about "hardware wallet coinjoins."
legendary
Activity: 2268
Merit: 18775
I just quickly checked and somehow it just uses it to hide amounts; but that wouldn't work if they wanted to implement a blacklist.
It hides amounts in that it allows an individual user to include many inputs all registered from different identities, without allowing the coordinator to know those inputs are owned by the same user, and then specify outputs which total the same as the sum of all their inputs. It doesn't blind inputs in such a way that the coordinator can not still see which inputs are being used. And even if it did blind inputs completely during the registration phase, at some point they must be unblinded in order to create the final transaction, at which point they are vulnerable to surveillance and censorship.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
How do you know which code Wasabi is running on their servers, though?
You don't. You only know what code is running in your local copy of Wasabi wallet, which isn't the entity doing the spying and so is irrelevant to the discussion here.
It was a rhetorical question.

As soon as you attempt to join a coinjoin through Wasabi's coordinator, your inputs are sent away to a third party server with who knows what code running on it. From there, you have absolutely no control over what happens to your inputs, where they are stored, who gets to see them, or which other third parties they are shared with.
To be honest, I am not 100% sure right now how WabiSabi works, but in theory it uses zero-knowledge proofs for something. I just quickly checked and somehow it just uses it to hide amounts; but that wouldn't work if they wanted to implement a blacklist. They'd definitely need to know the UTXO hashes in cleartext to match them against such a list.
Which in turn means that no matter how they do it -- it's not even required for us to check the client-side code -- it has to provide them this information in one way or another.

I am not aware of them implementing anything in the realm of 'proving your UTXO is not in the blacklist without revealing the UTXO under zero-knowledge'. They have zkSNARK, but that doesn't cover this application.
Also, if they would (technically, it may actually be possible to do such ZK proofs), they surely would have announced that everywhere; at the very latest, when replying to our 24 questions. After all, they're so proud of their ZK proof that they put it into their company name. Implementing ZK into another aspect of their wallet would most definitely have been emphasized, no?
legendary
Activity: 2268
Merit: 18775
How do you know which code Wasabi is running on their servers, though?
You don't. You only know what code is running in your local copy of Wasabi wallet, which isn't the entity doing the spying and so is irrelevant to the discussion here. As soon as you attempt to join a coinjoin through Wasabi's coordinator, your inputs are sent away to a third party server with who knows what code running on it. From there, you have absolutely no control over what happens to your inputs, where they are stored, who gets to see them, or which other third parties they are shared with.
legendary
Activity: 2730
Merit: 7065
Code is open source and haters would be first to expose this and report it everywhere.
Wasabi or their CoinJoin implementation being open-source has nothing to do with it. That's just a piece of software the end user works with. n0nce touched upon the subject. You have know way of knowing what's happening on a hardware-level and away from the piece of software you can download from the internet. We also don't know what is being checked, how it's being checked, and who does the checking. But Wasabi is not hiding the fact that it is/will be as you can see from o_e_l_e_o's quote of their documents. 
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
How do you know that UTXOs and all its history are already not being checked, compared, exchanged, and stored in some databases somewhere to be used for who knows what? There isn't going to be proof for that and open-source or closed-source doesn't matter one bit for that to be the case.
Code is open source and haters would be first to expose this and report it everywhere.
How do you know which code Wasabi is running on their servers, though?

I do know that CoinJoin somehow encrypts things under ZK so some things can be 'coordinated' by the coordinator without it seeing the actual data, as the operations work under ZK, too.

However, if the coordinator or the company they work with, had no way to 'see' the (cleartext) UTXOs, there would be no way to checking their history, right?
So Wasabi has to have a way of seeing your CoinJoin inputs in the clear.
legendary
Activity: 2212
Merit: 7064
It doesn't work that way.
I honestly don't know why you are blabbering about some secret government agencies, unless you had a very boring day  Roll Eyes
If you are using closed source devices and wallets than you can speculate about this things much more.

How do you know that UTXOs and all its history are already not being checked, compared, exchanged, and stored in some databases somewhere to be used for who knows what? There isn't going to be proof for that and open-source or closed-source doesn't matter one bit for that to be the case.
Code is open source and haters would be first to expose this and report it everywhere.
Maybe ask owners od closed source wallets if they doing that with their secret signed NDA's and privacy policy third parties.
I still didn't hear a single case in the whole world that people complained about blacklisted transaction using wasabi, when I hear it I will be the first to report it here.
Till then I leave you to write fantasy fbiciami6 stories  Cheesy
legendary
Activity: 2268
Merit: 18775
What we don't know is whether they're already sharing UTXOs with external companies before each and every CoinJoin. There has been no confirmation or denial of this information, yet.
It's already in their legal documentation, so you can only assume it is already happening:

a statement about the presence of a blacklist in coinjoin will discourage scammers from using the protocol
To effectively run a blacklist, you must first check every input to decide which ones you are going to censor. This invades everyone's privacy. The presence of a blacklist will discourage anyone who is serious about privacy from using the service, not just scammers.
legendary
Activity: 2618
Merit: 1505
I doubt that there really are or will be messages about blocking, because in fact, a statement about the presence of a blacklist in coinjoin will discourage scammers from using the protocol, and the blacklist itself can only be made public as a result of an internal leak or hacking.
legendary
Activity: 2730
Merit: 7065
Please show me a single proof of someone privacy being exposed for using any of this products.
It doesn't work that way. You can't have proof of everything and claim that the lack of evidence means such activities are not taking place. Can you show me proof of what the CIA or MI6 have done in the past 6 hours, what people they are looking into, and what actions are being discussed in their meetings? Does your lack of such proof mean they are not intelligence agencies?

How do you know that UTXOs and all its history are already not being checked, compared, exchanged, and stored in some databases somewhere to be used for who knows what? There isn't going to be proof for that and open-source or closed-source doesn't matter one bit for that to be the case.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
If no, i doubt anyone can provide proof unless someone who works there become whistleblower.
Or someone could simply do one easy experiment with sending their coins to wasabi coinjoin and see what happens... if bomb will explode, special forces storm your apartment, and your transaction gets rejected for some reason.
The problem is that if they will / do already blacklist, a very low percentage of inputs will be affected. It's probably not going to be trivial manually forcing an input to be rejected.
That does not mean that user inputs are not already shared with their blockchain analysis company, though!

The problem is not that your input can get declined; in that case, you take another one and call it a day, sure. And if they don't do it yet at all, even better.
What we don't know is whether they're already sharing UTXOs with external companies before each and every CoinJoin. There has been no confirmation or denial of this information, yet.
legendary
Activity: 2212
Merit: 7064
If no, i doubt anyone can provide proof unless someone who works there become whistleblower.
Or someone could simply do one easy experiment with sending their coins to wasabi coinjoin and see what happens... if bomb will explode, special forces storm your apartment, and your transaction gets rejected for some reason.
Full disclosure, when I did my review of wasabi wallet few months ago I was not able to complete my coinjoin for unknown reasons, after trying for few days.
During this time there was some issue with Tor network so this could be one of the reasons.
One more problem I faced is that I was not able to connect Trezor device with wasabi wallet, and I was not the only one with this issue.

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I still love you though but you confirmed my doubts. I don't see how someone like you who is generally criticizing all moves that affect user privacy, anonymity, and centralized control doesn't see anything bad in Trezor partnering up with Wasabi and their spy agencies.  
I will repeat again if you don't unedrstand english language and I can repeat that in your native language in our local forum:
Show me a single proof that wasabi coinjoin blacklisted any transaction or spied anyone, and I will join your little hate club.

Do you count statement by WasabiWallet as proof[1]? If no, i doubt anyone can provide proof unless someone who works there become whistleblower.

I still love you though but you confirmed my doubts. I don't see how someone like you who is generally criticizing all moves that affect user privacy, anonymity, and centralized control doesn't see anything bad in Trezor partnering up with Wasabi and their spy agencies. 
Maybe because we don't know how this partnership will actually work.

I agree. It could be as simple as better Trezor support on Wasabi Wallet.



[1] https://blog.wasabiwallet.io/zksnacks-blacklisting-update/
legendary
Activity: 2212
Merit: 7064
Not at all. I'm very pro-coinjoin. The only thing I'm anti here is wallets which style themselves as a privacy tool while spying on their users.
Please show me a single proof of someone privacy being exposed for using any of this products.

I would love to see that neutral position sometimes in your posts. Maybe it's just me, but I have always felt that it disappeared after the infamous Ledger leaks.
For things you say I have clear proof and my own user experience using that crap and leaking my personal information.
You have to show nothing but speculation Tongue

I still love you though but you confirmed my doubts. I don't see how someone like you who is generally criticizing all moves that affect user privacy, anonymity, and centralized control doesn't see anything bad in Trezor partnering up with Wasabi and their spy agencies.  
I will repeat again if you don't unedrstand english language and I can repeat that in your native language in our local forum:
Show me a single proof that wasabi coinjoin blacklisted any transaction or spied anyone, and I will join your little hate club.

I still love you though but you confirmed my doubts. I don't see how someone like you who is generally criticizing all moves that affect user privacy, anonymity, and centralized control doesn't see anything bad in Trezor partnering up with Wasabi and their spy agencies.  
Maybe because we don't know how this partnership will actually work.

PS
This is my honest review of new wasabi wallet:
https://bitcointalksearch.org/topic/m.60506126
legendary
Activity: 2730
Merit: 7065
Regarding partnership with Trezor I can't see how this could be bad for anyone, you are not forced to use this two together, and everything is open source.
There it is . Wink The part I have been waiting for. It's so good to use an open-source wallet that made a deal with a service provider that has given itself the right to invade everyone's privacy and decide which coins are allowed and which aren't. Censorship and non-fungibility are sought-after features of bitcoin as long as it's open source. You want to be able to read how you are getting fukced after all.   

I am speaking this from neutral objective position, I don't support wasabi or trezor wallet in any way.
I would love to see that neutral position sometimes in your posts. Maybe it's just me, but I have always felt that it disappeared after the infamous Ledger leaks.

I still love you though but you confirmed my doubts. I don't see how someone like you who is generally criticizing all moves that affect user privacy, anonymity, and centralized control doesn't see anything bad in Trezor partnering up with Wasabi and their spy agencies. 
legendary
Activity: 2268
Merit: 18775
You guys should seriously think about joining some anti-coinjoin club  Cheesy
Not at all. I'm very pro-coinjoin. The only thing I'm anti here is wallets which style themselves as a privacy tool while spying on their users.

Please let's be realistic and don't burn a witch that don't even exist...
They have announced they are going to and have said they will partner with a blockchain analysis firm (the latter part may already have happened and your Wasabi inputs may already be being sent for analysis, we can't tell).

Please show me a single proof of wasabi coinjoin blacklisting case so I can join the club, or chill down a bit with this exaggeration drama.
If I was an escrow on this forum, and announced that occasionally and without warning I would choose to renege on a deal and not release the escrow funds to the other party when I should, would it be logical for everyone to keep using me until I actually did what I said, or would it be logical for everyone to simply use another escrow which has not announced such a thing? If Wasabi announce that they are going to blacklist, then it is only logical that people will stop using Wasabi and warn others not to as well, even if they have not yet started actively blacklisting.

Still, given that most privacy conscious users have stopped using Wasabi, and someone is unlikely to broadcast the fact that a specific address/output they own which they were trying to coinjoin was refused, we probably wouldn't know for a while once they do start blacklisting (if they haven't already).
legendary
Activity: 2212
Merit: 7064
You guys should seriously think about joining some anti-coinjoin club  Cheesy
So much hate towards wasabi-coinjoin and I still didn't saw a single case of coinjoin transaction being blacklisted so far!
Please let's be realistic and don't burn a witch that don't even exist...
Regarding partnership with Trezor I can't see how this could be bad for anyone, you are not forced to use this two together, and everything is open source.
I am speaking this from neutral objective position, I don't support wasabi or trezor wallet in any way.

PS
Please show me a single proof of wasabi coinjoin blacklisting case so I can join the club, or chill down a bit with this exaggeration drama.

hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
I expected harsher words here when reading about such an announcement. I can only think what kind of comments there would be if this was the always-to-blame Ledger company that did this and not the much better and ultra-safe Trezor who cares about us. Oh, but they are open-source. Oh yes, it's certainly a plus to use an open-source wallet that has built a partnership with a company that wants to cooperate with blockchain analysis firms to tell you if you have been a naughty boy or not.

They are all the same. Their profit margins matter, you/we don't.
The difference is that due to the firmware and hardware being open-source, I can verify that they're not doing nasty stuff without announcement / behind my back.
It never guarantees that they won't implement nasty stuff, but at least they're kind of forced to announce it, because people would otherwise notice in the code diff.
legendary
Activity: 2730
Merit: 7065
I expected harsher words here when reading about such an announcement. I can only think what kind of comments there would be if this was the always-to-blame Ledger company that did this and not the much better and ultra-safe Trezor who cares about us. Oh, but they are open-source. Oh yes, it's certainly a plus to use an open-source wallet that has built a partnership with a company that wants to cooperate with blockchain analysis firms to tell you if you have been a naughty boy or not.

They are all the same. Their profit margins matter, you/we don't.
legendary
Activity: 2268
Merit: 18775
If one were to use Wasabi via Trezor Suite, all of these privacy features they've provided suddenly become meaningless.
Not just meaningless, but worse than before. Previously it was case of Trezor being able to link all your addresses together and link that information with your IP address. Now it's still a case of that, but also feeding some or all of those addresses to a blockchain analysis entity and then associating your entire wallet with whatever nonsense that blockchain analysis entity tells them. And given what we know about how much blockchain analysis entities like to sell data, I think it would be very naive to assume that such analysis will not end up in the hands of other entities and businesses.

Ouch! What a horrible move.
I've been pretty unimpressed with Trezor since they took no steps  to warn their users about the unfixable seed extraction attack, and this complete disregard for their users' privacy is another step in that direction.

A CoinJoin directly from a hardware wallet has seemed so far like a pipe dream, but it may be that Trezor developers have found a way to make hardware wallet CoinJoin possible?
I'm not sure how. Either you need the owner to sit beside their computer/Trezor device the entire time and manually approve each transaction, or you need to introduce some piece of software which can automatically sign transactions (or extract the private key and store it temporarily in a hot wallet), which defeats the very purpose of a hardware wallet. I guess we'll have to wait and see what they've come up with.
legendary
Activity: 2464
Merit: 4419
🔐BitcoinMessage.Tools🔑
While I am not going to use ever again the coordinator that zkSNACKS and their chain surveillance friends control, and Trezor Suite which is terrible for privacy in general, I am somewhat optimistic about this news. Currently, in order to participate in a CoinJoin transaction, you have to have a hot wallet containing private keys to the inputs you'd like to CoinJoin so that a signing process can be done automatically without the direct participation of users. In short, the software has access to these private keys and can use them directly to sign transactions for users. In hardware wallets, however, private keys are isolated from software access, and users need to sign every transaction manually. A CoinJoin directly from a hardware wallet has seemed so far like a pipe dream, but it may be that Trezor developers have found a way to make hardware wallet CoinJoin possible? If so, then other developers will also be able to implement CoinJoins in their software interfaces for hardware wallets, adding different coordinators and implementing different, even decentralized, CoinJoin solutions.
hero member
Activity: 924
Merit: 5950
not your keys, not your coins!
Ouch! What a horrible move.

Sounds like a nightmare partnership for privacy.
Yup. I'm going to make sure everyone I know that uses a Trezor, moves to Bitcoin Core / Electrum / Sparrow, as fast as possible.

Everyone, please do note that you don't need Trezor Suite for firmware updates. You can thus use it completely without their software.
The only way around this is to run your own node, and use your hardware wallet solely via your node. You can run an Electrum server on top of your node and then use your hardware wallet with Electrum, but you can also point Trezor Suite at your Electrum server directly: https://blog.trezor.io/connecting-your-wallet-to-a-full-node-edf56693b545
Do note that setting up your own Electrum server in a SPV wallet software is no guarantee that no data is leaked.
A bad implementation (intentional or not), especially when closed source, may still connect to the developers' server as a fallback, without anyone noticing.
Furthermore, it appears that some mobile wallets allow you to receive push notifications, which can not be triggered by your Electrum server or your device locally, so they have to transfer some data to themselves.

Just wanted to point that out when people go looking for a Trezor Suite alternative.
I recommend checking out something on https://walletscrutiny.com/ to make sure that the software is not only open-source but also that the release builds match the source (reproducibility).
copper member
Activity: 2338
Merit: 4543
Join the world-leading crypto sportsbook NOW!
I've got to question the smartness of submitting addresses from your hardware wallet directly to a blockchain analysis company for surveillance and monitoring by using Wasabi, especially since Trezor (if you use their software) can link all the addresses in your hardware wallet together. Sounds like a nightmare partnership for privacy.

I read about this yesterday, and I must say I'm really disappointed in Trezor's management team for doing this.  There are other centralized coinjoin providers they could have implemented into Trezor Suite, but partnering with any centralized agency seems like a betrayal to their customers.  If someone would have asked me two days ago to wager on whether Trezor or Ledger was more likely to pull such a stunt, I would have bet the farm on Ledger...

I don't use Trezor suite myself, at least not for transacting with my bitcoin, and have very few alts to worry about.  The saving grace for Trezor suite has been that it's possible to assign your own SPV (Electrum) server, and it also allows you to use Tor for network connectivity.  So, even if you are using Trezor's SPV servers there're ways to at least obfuscate your IP address.  If one were to use Wasabi via Trezor Suite, all of these privacy features they've provided suddenly become meaningless.

I really would have expected more from Trezor, I'm literally heartbroken buy this news.
legendary
Activity: 2268
Merit: 18775
I was starting to really like Trezor Suite, but looks like I have to ditch it in the near future if they continue going down that path!
It is the exact same situation for any other wallet which is not Bitcoin Core or is not pointed exclusively at your own server. A popular combination with any hardware wallet is to use it via Electrum rather than its own software (Trezor Suite, Ledger Live, etc.), but all this does is shift the point of failure from the hardware wallet manufacturer to whoever is running the Electrum server, in that the person running the Electrum server can now link all your addresses together.

The only way around this is to run your own node, and use your hardware wallet solely via your node. You can run an Electrum server on top of your node and then use your hardware wallet with Electrum, but you can also point Trezor Suite at your Electrum server directly: https://blog.trezor.io/connecting-your-wallet-to-a-full-node-edf56693b545

I'm not sure how compatible (or more likely incompatible) all of this will be with whatever coinjoin integration they end up with.
legendary
Activity: 2968
Merit: 3406
Crypto Swap Exchange
especially since Trezor (if you use their software) can link all the addresses in your hardware wallet together. Sounds like a nightmare partnership for privacy.
I was starting to really like Trezor Suite, but looks like I have to ditch it in the near future if they continue going down that path!
- Considering that they've been "pushing back CoinJoin updates on numerous occasions", I was expecting to see their own implementation at some point in the future [SMH].
legendary
Activity: 2268
Merit: 18775
But we don't know yet whether Trezor run their own CoinJoin coordinator server or simply use Wasabi's coordinator.
Why would they partner with Wasabi if they were planning to run their own coordinator? The Trezor team are more than capable of building their own coinjoin implementation and integrating it with Trezor Suite without Wasabi's help. The only reason I can see for the partnership is to give Trezor users direct access to Wasabi's liquidity, but that comes with all the downsides of using Wasabi's coordinator.

Oh well, I guess that nobody is forced to use Wasabi/CoinJoin from Trezor Suite (although I'm afraid many will do).
Better hope Trezor don't start "pre-screening" all your addresses for coinjoining by sending them to Wasabi's blockchain analysis partners for vetting. But of course, we would have no way of knowing one way or the other.
legendary
Activity: 2212
Merit: 7064
But won't this lead to pressure from the authorities on the Trezor team, as it was with Tornado Cash?
No, because Trezor is doing this in partnership with Wasabi wallet, and it's possible this move will lead towards creating more coinjoin coordinators.
If regulators are going to make pressure on someone it's probably going to be Wasabi wallet, but coinjoin itself is not illegal in any way.
However, in theory regulators could ban potatoes, meat, milk or anything else related with privacy.
legendary
Activity: 3668
Merit: 6382
Looking for campaign manager? Contact icopress!
Sounds like a nightmare partnership for privacy.

This was the first thing that came into my mind. I was expecting more from Trezor, I was expecting they won't be as "hungry" as Ledger and as eager to make questionable partnerships.
Oh well, I guess that nobody is forced to use Wasabi/CoinJoin from Trezor Suite (although I'm afraid many will do).
legendary
Activity: 2268
Merit: 18775
Yes, you're right, because in fact the CoinJoin protocol is centralized
No it isn't. CoinJoin is neither centralized nor decentralized; it is simply a protocol. Wasabi's implementation of it is centralized. There are other better implementations, such as JoinMarket, which are decentralized and are not pro-censorship and anti-fungibility like Wasabi are.

so speaking of anonymity, Trezor developers get an additional tool for accessing the list of users and their IP, as well as the possibility of blocking.
I've got to question the smartness of submitting addresses from your hardware wallet directly to a blockchain analysis company for surveillance and monitoring by using Wasabi, especially since Trezor (if you use their software) can link all the addresses in your hardware wallet together. Sounds like a nightmare partnership for privacy.
legendary
Activity: 2618
Merit: 1505
But won't this lead to pressure from the authorities on the Trezor team, as it was with Tornado Cash?
Probably not since they're with Wasabi, they might impose the same regulation that censors some UTXO.

For more info about that topic, refer to these threads:

Yes, you're right, because in fact the CoinJoin protocol is centralized and does not really guarantee complete anonymity of transactions, so speaking of anonymity, Trezor developers get an additional tool for accessing the list of users and their IP, as well as the possibility of blocking.
legendary
Activity: 2646
Merit: 6681
Self-proclaimed Genius
But won't this lead to pressure from the authorities on the Trezor team, as it was with Tornado Cash?
Probably not since they're with Wasabi, they might impose the same regulation that censors some UTXO.

For more info about that topic, refer to these threads:
legendary
Activity: 2618
Merit: 1505
Trezor in partnership with the Wasabi Wallet team. he talks about adding a tool for mixing bitcoin transactions CoinJoin to the Trezor Suite, which, according to the developers, will make bitcoin transactions more private, it is expected that the new feature will be available in 2023.
But won't this lead to pressure from the authorities on the Trezor team, as it was with Tornado Cash?

Source: https://decrypt.co/109019/trezor-and-wasabi-join-forces-to-make-bitcoin-more-private



Jump to: