Avoid Wasabi. Do not trust.
Thanks. A few memorable posts that I had wanted to find—these excerpts adequately summarize the whole thread as it stands, insofar as I am concerned:
I get NotATether's point, though. Wasabi was very effective at
keeping it on the low, so I feel it's crucial for us as a community to spread the word (e.g. through
a blacklist 
- I hope the irony in this topic title was appreciated!
).
The fact that their website not only doesn't admit that they are blacklisting, but in fact strongly implies that they aren't blacklist as I outlined above, is bordering on scam territory as far as I am concerned.
So I'm confused by the image, still. What do you guys think?
nopara73 and the Wasabi team are all under the delusion that they are the only viable privacy solution for Bitcoin and the last bastion of hope for the very existence of privacy. Without them, privacy is dead, in their minds. For example:
That's exactly why we introduced blacklisting: so we can continue to operate and users can still have privacy using Bitcoin.
Wasabi Wallet 2.0 is decades ahead of other privacy solutions in Bitcoin.
I assume this is what the candle is supposed to be. Them valiantly spying on and blacklisting their users is our last hope against the darkness.
For a wallet to censor some inputs as Wasabi is doing, then they must first choose which inputs to censor. They can only do this if they spy on every input, trace where it is coming from, who owns it, etc., in order to choose which ones they decide aren't good enough for them. If privacy is your goal, I would stay well clear of Wasabi, since they are now using your fees to pay blockchain analysis companies to spy on you.
[...] the solution to 'taint problems' is to simply avoid services that can out of the blue say 'oh these coins are tainted, we froze them'. Like, this is horrifying. What if I win a contest like Bitcointalk 2021 or someone donates me money, I need cash and send it to an exchange, only to find out they are allegedly 'tainted' and got frozen? This is not an argument against mixing, it's an argument against centralized exchanges / tainters.
Archive of Wasabi blog post on the subject:
http://archiveiya74codqgiixo33q62qlrqtkgmcitqx5u2oeqnmn5bpcbiyd.onion/hIYJOArchive of a duplicitous
Bitcoin Magazine article on this:
http://archiveiya74codqgiixo33q62qlrqtkgmcitqx5u2oeqnmn5bpcbiyd.onion/NVmpN
To that, I will add:
nopara73 seems to insinuate in that thread that Wasabi somehow had no choice. I DGAF. If he came under some covert pressure, I am deeply sympathetic—right up to the point that he complies. At that point, I DGAF about him.Ladar Levison of Lavabit showed us what a principled defender of privacy does, when placed under irresistible secret coercion to violate users’ trust in his company: He shut down the company!To be clear: I am considering the extreme case of what may have happened here. Reading between the lines. I needn’t even consider the plausible alternative: Just going with the flow of what seemed like a business requirement in today’s market, where centralized exchanges deter people from using Wasabi by declaring coins “tainted”. That would be even worse!
They will always comply with the regulation of the government because they know if they don't certain restrictions will be imposed on them and hurdles will be passed on with their system.But more importantly they also don't care about users as they have setup these CEX for primary motives of profit and it doesn't matter if comes at the cost of privacy of the users.
It does not come at the cost of privacy of our users and we do care about them. That's exactly why we introduced blacklisting: so we can continue to operate and users can still have privacy using Bitcoin. If we wouldn't care about our users, then we would not have sacrificed our reputation, just shut down the service and nobody would have got any privacy.
No, really: “Shut down the service” is the right thing to do here. Ladar Levison could also have rationalized to himself keeping Lavabit running. The point here is not how much of a breach of users’ trust is required: It is irrelevant that USG demanded instant total compromise of all Lavabit users, while Wasabi claims that their system is so invincible that it doesn’t matter for user privacy that they are in bed with commercial blockchain spies (!).
Their system is
not invincible. CoinJoin is, in practice, obfuscating information that you have leaked on the blockchain. It is only a cover-up.
* Now, there is a prominent company offering
paid commercialized CJ—effectively in a shady
de facto partnership with people who actively research every possible way to attack CJ. WTF?
What does the nopara73’s handshake with the devil really buy? The Wasabi-spy partnership is sufficiently lucrative to support a company with dozens of employees, plus
a Bitcoin Forum signature campaign currently advertising “Up to 0.005 BTC/W” payouts.
I am not generally against making money—
honestly.
Ladar Levison invested his personal wealth and years of his life in building a company that also had profits, employees, and numerous happy users who trusted him. He did the right thing in 2013. To protect his users
who trusted him, he even risked potentially going to prison if the USG could cook up some novel legal theory applying
NSLs to force someone to work as a slave running a honeypot spy service. There actually
was a serious attempt to argue that he was not legally permitted to shut down his own company, to evade compliance with the diktat of the almighty NSL. It was a battle. The USG was gunning for him so hard that I think the only way he survived was (a) he was standing on the grounds of accomplish facts, after his company publicly ceased operations; and, (b) he had numerous supporters in the mass-media, in nonprofit organizations that are armed to the teeth with lawyers, and in the general public. Regardless, in the moment of truth, he shut down his own company to avoid betraying his users’ trust.
For nopara73 to claim so sanctimoniously that he runs the Wasabi-with-spying-and-censorship service
for the sake of user privacy is outrageous.
(An edited/improved version of this post will probably appear in the relevant Development & Technology thread... sometime. I should polish it up, maybe add some links if I have time, and perhaps elaborate on the funny timing of
the Chainalysis announcement that they had allegedly doxed the Ethereum DAO hacker by tracing coins through a Wasabi CoinJoin. Oh, yes,
that is the service that nopara73 says is so invincible that nobody needs to worry here!)
* Although Greg Maxwell is a genius for having originally invented it, and CJ is
theoretically sound when considered in isolation with very restricted attack scenarios, the real world is not so kind. In practice, there are ways to attack CJ.
Typically, the attacks rely on correlating the leaked information that CJ tries to cover up with other sources of information, on partitioning CJ anonymity sets, on confirmation attacks, and/or on statistical probability rather than certainty. And per Schneier’s aphorism,
attacks only improve. When your transactions are on the blockchain forever, fully public, they can be retrospectively analyzed with any newly discovered attacks—or with any newly discovered information that correlates humans to transactions for partition attacks and confirmation attacks.
Yes, this is why I have been obsessed for
nine years with the dream of seeing zero-knowledge proofs for Bitcoin: The only way to prevent all possibility of such attacks is to leak no information at all. ZK proofs are called “zero knowledge” for a reason.
The prospect of a paid commercial CJ platform that cut a shady deal with commercial spies should raise the hairs on the backs of everyone’s necks. At this point, I frankly trust Wasabi
less than I trust a totally centralized blackbox “trust us not to track you” mixer service run by anonymous parties. After all, the latter
perhaps may not be a honeypot; and
if it’s not, then the anonymous operators are protected by their anonymity from coercion to violate their users’ trust. LOL, what a sad standard for privacy: That is strictly superior to a service that’s known to be in bed with blockchain analysis!
I might end up mad, AND poor. But I am thinking not.
