Topic: Wasabi blacklisting update - open letter / 24 questions discussion thread - page 8. (Read 1967 times)

legendary
Activity: 2828
Merit: 7315
Answers to questions 9 and 21 clearly show Wasabi 2 isn't ready for release.

Quote
--snip--

Users are able to choose which coordinator they want to communicate with but unfortunately there are not many options, as running one has its risks and not many people are willing to do it.

Most users aren't even aware they can choose a different coordinator, unless they're an advanced user who opens the Wasabi wallet configuration file.

Quote
Answer: Chainalysis != chain analysis. Let’s say we have 200 inputs wanting to register for a coinjoin. We take those and 200 other random bech32 UTXOs that we send to their API. We get back a response where they let us know if any of these UTXOs match any of the categories and criteria zkSNACKs has set. Those addresses that we accept will proceed to the input registration, those that are blacklisted will get a notification that this UTXO is blacklisted. As a reminder, Wasabi coinjoin is built in a way that the user never loses control of their coins. The coordinator is never custodying users’ money, therefore it can not seize them etc. The querying process doesn’t affect users' privacy.

1. Adding 200 other random Bech32 UTXOs is pointless when they can just see the Wasabi CoinJoin transaction on the blockchain later.
2. If a certain UTXO doesn't meet zkSNACKs' criteria, that means the owner of the API knows the owner of that UTXO attempted to use CoinJoin at a specific date/time.
3. We need to trust how the blacklist works.
legendary
Activity: 2268
Merit: 18492
How exactly do they make money? Coordinator fees?
Yes. They have claimed in multiple interviews and blog posts, including in the answers above, that they are being pressured or harassed to stop accepting certain inputs. We don't know by whom, when, why, or in what way, because they haven't chosen to answer those questions. They made it clear that the only two possible solutions to this in their view were to either stop running their centralized coordinator and therefore lose out on their revenue stream, or start surveilling their users and censoring their inputs. They chose the latter.

How is paying for some shitty service helping them with that?
By allowing them to continue running their centralized coordinator against the unknown harassment they claim they are facing.

Having said all that, they have also said on more than one occasion that they aren't actually being forced to do this at all, and this is a proactive decision on their part, so it is impossible for us to know for sure:
In a Bitcoin Magazine article, one of the owners of zkSNACKs Ltd., Bálint Harmat said the decision to blacklist was done proactively. While it is correct that there's no legislation that specifically says coinjoin coordinators must blacklist their customers' UTXOs, the challenges encountered operating the business in even the most liberal jurisdictions are numerous and multiplying.

But one other thing is that: if you, as a CoinJoin coordinator, if you want to work with institutional clients, hedge funds, insurance funds, Michael Saylor, and all these people, well, even if ZKSnacks were not to be regulated, those customers might very well be, maybe because they’re custodians of other people’s money or whatnot. And then these regulated entities can only become users of a coordinator—arguably, I’m not sure—if such a blacklisting is involved. Again, the major feedback that I got from institutionals regarding CoinJoin adoption was, I don’t want to mix with criminals—my compliance team is gonna take me apart on that one. Now, I don’t know if there is an actual concern here or if this is just, again, some preemptive speculative compliance, but arguably there is. So we might see this world where ZKSnacks specifically has a bunch of liquidity from institutionals that are just not comfortable to CoinJoin with another coordinator which has the Anyone can join policy, including criminals. And so there’s really a lot of nuance here. So yes, this alienates a lot of users—me being one of them—but also this will encourage a lot of new users to come in. And that is why it was a preemptive step from ZKSnacks, because the question was—I mean, we’re already really big, but we want to get even bigger—how do we not just attract more liquidity, but how do we also ensure that our legal set up will survive in the long run and we’re just not completely overwhelmed with court cases and things like this.

The second quote is also relevant to your second point, where they say they primarily want to cater to financial institutions.
legendary
Activity: 3612
Merit: 8904
https://bpip.org
Not at all. As I said above, Wasabi know fine well what they are doing is shitty, and they also know fine well that continuing to try to justify their shitty actions is also shitty. But it makes them money, so (in their words) we "should be grateful" and stop "whining".

How exactly do they make money? Coordinator fees? How is paying for some shitty service helping them with that?

I don't understand the whole "institutional investors" thing. The idea that Microstrategy would mix coins via Wasabi, or that Wall Street would invest into a wallet that kinda sorta helps with privacy but not really - sounds utterly absurd. It seems they're getting swindled in more than one way, or it's all just a steaming pile of baseless speculation.
legendary
Activity: 2268
Merit: 18492
And the others tend to already blacklist mixed funds as a whole (which is utterly stupid), or go by "shades of gray" (I don't know how to say it better) and by the rule "the stream's water can be considered clean if it went over 7 stones" (again, I don't know how to say it better and more concise).
Which is another good point as to why blacklisting is just plain wrong, in addition to the point I made above in which it is all based on guesswork. What happens if I combined a tainted input with a clean input in the same transaction? What about a tainted input with 100 clean inputs? Are all the outputs still tainted? Are they all 1% tainted? What about if a tainted input moves through 5 transactions? What about 100? What about 1,000? Is it still tainted? When does it become clean again? We've been able to trace some stolen coins to Binance. Does that mean the entirety of Binance's hot wallet is tainted? Or does the taint magically disappear once Binance have touched the coins?

Go far enough in to the future, and every bitcoin in active circulation will be tainted in some way or another.

Blacklisting is arbitrary nonsense based on provably false assumptions, and it is an affront to bitcoin.

Maybe we, as a community, should start boycotting the services who don't go by 1BTC=1BTC.
I've advocated this for a long time, and I will continue to do so. Wasabi is just the latest to be added to the list.

Is anyone really surprised at the answers? They did what they did and now are forced to defend their actions.
Not at all. As I said above, Wasabi know fine well what they are doing is shitty, and they also know fine well that continuing to try to justify their shitty actions is also shitty. But it makes them money, so (in their words) we "should be grateful" and stop "whining".
legendary
Activity: 3388
Merit: 6072
Crypto Swap Exchange
Is anyone really surprised at the answers? They did what they did and now are forced to defend their actions.

We can spend hours picking apart what was said but in my view it comes down to "This is what we are doing, if you don't like it let me show you the door [points] there is the door"

There have been and still are other ways of hiding where your inputs came from. There have been and still are other ways of mixing / coinjoining your coins. Wasabi, for the moment is still looking like one of the larger ones. BUT, as more people move away from them and recommend others they will shrink.

It's just me, but when I saw the news about this originally I only gave a shrug since I figured this or something similar would happen sooner or later anyway.
Now, I am just waiting for someone to launch their own larger coordinator OR another way of doing things.

For those people who ONLY relied on them for their service and had no other plan, then now is the time to start thinking about it.

As for going through all the Q&A I only have 2 comments

The 1st is question 4 about institutional investors. How about large investors. It's a bit of semantics / wordplay but if they are just getting funds and have people using their services that are not 'institutions' but rather people with a lot of BTC and or fiat it's a true answer that it's not about institutional investors but rather bitcoiners. Just a bunch of really really rich ones.

The 2nd comment is just about 22 with the 'you should also open all your Lightning channels with coinjoined coins' is complete crap. But that's just my opinion. If you are really running your own lightning node then you probably know better ways that are more technical to hide things.

-Dave
legendary
Activity: 3262
Merit: 16303
Thick-Skinned Gang Leader and Golden Feather 2021
Imho fungible means that no matter how hard you try, you cannot distinguish one BTC from another BTC.
I don't think that definition is correct. Dollar bills are fungible, but you don't have to try very hard to distinguish one from another. They even have serial numbers for that.

I would love to see everybody act like 1BTC=1BTC. But as I said, Bitcoin, by design, allows people to make certain decisions. And some companies do that. And I don't see any massive boycott against them (although they'd deserve it).
And I'm advocating to change that. There's no need to choose for one Bitcoin to be different than another. I fear that would be the only thing that could end Bitcoin, because people stop trusting money that can be "tainted".

Bitcoin is only fungible as long as people act like it is.
legendary
Activity: 3500
Merit: 6205
Farewell LEO, you *will* be missed.
We have to stop fooling ourselves, Bitcoin, by design, is not fungible. Some already use this, some will do. Sadly, against us.
Bitcoin is fungible as long as people act like it is. If you treat Bitcoin as if it's not fungible, you risk that the payment you receive today becomes worthless tomorrow when you find out the previous owner had stolen it. Treating Bitcoin as if it's not fungible seems to be the most successful attack on Bitcoin so far.
1BTC=1BTC. The end.

Imho fungible means that no matter how hard you try, you cannot distinguish one BTC from another BTC.
Somehow I feel that you want to convince me about something. Somehow I feel that you see my post as an attack against Bitcoin. But what I've done was only to state the reality.
I would love to see everybody act like 1BTC=1BTC. But as I said, Bitcoin, by design, allows people to make certain decisions. And some companies do that. And I don't see any massive boycott against them (although they'd deserve it).

As soon as a transaction has more than one output, it is impossible to say which bitcoin ended up where.

It's a very interesting point of view, 10 levels better than any explanation I've seen until now.

Still, we both know that before getting into a mixer, the chances are very high to have the full funds from a hack, for example.
And having blacklisting exactly when one tries to mix those funds may be more precise in detecting.. things.
And the others tend to already blacklist mixed funds as a whole (which is utterly stupid), or go by "shades of gray" (I don't know how to say it better) and by the rule "the stream's water can be considered clean if it went over 7 stones" (again, I don't know how to say it better and more concise).


Again, it's not a situation I like. I just state what I've seen/heard of.
Maybe we, as a community, should start boycotting the services who don't go by 1BTC=1BTC. Because unless it starts hurting their business, they may do that more and more, to stay on the safe side, just in case.
legendary
Activity: 2268
Merit: 18492
We have to stop fooling ourselves, Bitcoin, by design, is not fungible. Some already use this, some will do. Sadly, against us.
Bitcoin, by design, is fungible. As soon as a transaction has more than one output, it is impossible to say which bitcoin ended up where. It cannot be done. Everyone who claims to be able to do it is guessing, lying, or both. All blockchain analysis companies, all centralized exchanges, and now Wasabi too (which is particularly hilarious considering they base their whole existence on coinjoins). They have made up a system based on guesswork, and have successfully marketed it for their own profit to large parts of this space as some infallible law. It is not, and the only way to get rid of it is for the community to agree to shun companies and entities which support and enforce this made up nonsense.

Your answers are very conflicting.  Someone please correct me if I am wrong.  But this is what they said.  We do not care who you are but we decided to work with a company instead who does.  We do not like censorship and all that crap but we are exercising our right to choose who to serve or not.
This is what I took away from it as well. This crazy doublespeak, deliberately used as they think it absolves them of the consequences of their decisions and the responsibilities of their actions. We don't care what you do with your bitcoin (but lots of other people do and we are going to assist them). We aren't spying on you (we are just paying someone else to do it for us). We aren't against fungibility (we are just partnered with a bunch of people who are).

It's like when Coinbase say "Coinbase don't sell your data"; technically it's true, because it's actually Coinbase's blockchain analysis subsidiary which is selling all your data, not Coinbase themselves, but that hardly makes it any better.

I am fairly sure the Wasabi team know this is all a pack of lies, but will obviously never come out and say "Yup, our wallet is bad for privacy and bad for bitcoin."



I have long fought against any company which treats bitcoin as non-fungible. Almost all centralized exchanges (use a DEX like Bisq instead), some payment processors like BitPay (use BTCPay instead), and so on. But this is the first time I've seen a service market themselves as a privacy solution while also treating bitcoin as non-fungible. It is unforgivable.
legendary
Activity: 3262
Merit: 16303
Thick-Skinned Gang Leader and Golden Feather 2021
We have to stop fooling ourselves, Bitcoin, by design, is not fungible. Some already use this, some will do. Sadly, against us.
Bitcoin is fungible as long as people act like it is. If you treat Bitcoin as if it's not fungible, you risk that the payment you receive today becomes worthless tomorrow when you find out the previous owner had stolen it. Treating Bitcoin as if it's not fungible seems to be the most successful attack on Bitcoin so far.
1BTC=1BTC. The end.
hero member
Activity: 728
Merit: 1695
Crypto Swap Exchange
Thank you, n0nce for the effort.  I truly appreciate it.  So many wrong things with their answer I could not wrap my head around it.

We do not care who you are and what you do with your bitcoins! We don't want to know. Unfortunately, some people do collect data, attach it to bitcoin addresses and make decisions based on that information.

We don’t want to do any chain surveillance ourselves, so we would rather just buy that information from others.
We do not care who you are and what you are doing in life.  Unfortunately, some people care who you are.  We do not murder ourselves, so we would rather just pay a hit man to do the job.

This explanation does not make it in ANY way better than I thought it is before their reply.

The company is getting in trouble and harassed because apparently some of the users of our coordinator are so-called “criminals”, according to the people keeping up these databases.

We are exercising our right as a company to choose not to serve those people who could get us in trouble and the ones whom we wouldn’t want to support for ethical reasons. This includes known thieves like politicians.
First off.  If you are choosing whether to serve someone or not based on harassment, then it is not 'exercising your right'.  A right to serve or not is when you choose one or the other.  When you are harassed to make a decision, that is enforced.

And then I go back to what I said in the other thread.  I am well aware some politicians are thieves.  But here is what I would call a conflict initiated by powerful politicians and figures where as a small politician you can get screwed by just one bribe towards these 'people keeping up these databases'.  If there was a system to decide whether you are a criminal or not by 100% accuracy, it would be one thing.  This system can easily be brought to discrepancy between powerful and less powerful Elites by bribe and other tools of power.  There are also many other ways this can happen and not only between politicians.  Anyway, you get the idea.

If you knew a pedophile/murderer was eating at your restaurant, would you serve him? Especially if serving him gets you in trouble? Basically, are you willing to sacrifice yourself and your restaurant for him?
If my restaurant promised to be the best and only solution for privacy while eating without discrepancy and I wanted to exclude a client then what I would do is either change what my restaurant promises or, if I think this is incorrect and does not fit my principles then I would abolish the idea of owning a restaurant.  We are living in an increasingly authoritarian world where you have to make sacrifices that put you in one boat or the other.  By blacklisting, Wasabi put themselves in the authoritarian boat by leaving ours, turning to the enemy and sacrificing their own beliefs and promises for monetary gain.

Your answers are very conflicting.  Someone please correct me if I am wrong.  But this is what they said.  We do not care who you are but we decided to work with a company instead who does.  We do not like censorship and all that crap but we are exercising our right to choose who to serve or not.  In fact, would you serve a bad guy if you were us?

Pick a side.  If you do not want censorship, why are you censoring?  If you do not like spying on users, why have you collaborated with someone who does it for you?  Because in my world and set of mind, if you are doing what you say you do not like doing then you either blatantly lied all along or you are doing it all just for the monetary gains!  And what frustrates me even more is what you said in the answer for the third question.  'we feel like Wasabi Wallet is the best way to improve privacy within Bitcoin'.  How is it the best way to improve privacy when you said yourself that you had to make changes you do not like to the way Wasabi works?

Hopefully all users, wallets and services won't have to “consult a centralized blacklist before accepting bitcoin”. But it’s their choice if they want to discriminate against a certain coin, user or service. That’s part of the freedom of association if it's their decision. If this would be mandated by authority, it would be bad. But that’s not the case in our blacklisting, like I explained in the first answer.
This definitely does not make things better for me.  You already said you are being harassed to exclude certain UTXO's out of your wallet, you are working with someone who spies on users.

In the answer to the first question, you said this.  'If you knew a pedophile/murderer was eating at your restaurant, would you serve him? Especially if serving him gets you in trouble?'.  Then in the answer to the seventh question you said this.  'we dont care to become martyrs by serving thieves'.  Tell me again why you would NOT blacklist a 'criminal' by 'exercising your right to serve someone' when you are being told they are definitely a criminal.  I repeat.  If you are being harassed to do something, it is NOT exercising your right!

I can not express how frustrated I am after reading just a small part of your answers.  You are actually avoiding the answer by telling us it is fine for now since this is not a mandated blacklist and it is your right to choose whether to have an UTXO go through or not.  But, you choose to not be 'martyrs by serving thieves'.  So you are going to censor everything this great spying company tells you to, just put it like that!

We have not said that we would be buying services from the Chainalysis company. This is, again, projecting/assuming. We are going to buy info from a chain analysis company, but not from Chainalysis. We are not asking them which inputs we can include in a coinjoin, but what they know about these inputs.
Oh, right.  You are not working with the police.  You are working with the authorities, which makes it SO MUCH different, right?

You said you do not care who we are and what we are doing with our Bitcoins.  Then what the f*ck are you doing by asking this chain analysis company what they know about the inputs?  Not caring at its finest?

Without privacy, there’s no fungibility. Only after we fix the first one, can we dream of the latter.
And you found the best solution to fix the lack of privacy.  Blacklisting!  Congratulations, Wasabi.

I am not even going to bother continuing to read the rest of the answers.  They are calling us stupid right in our faces.  F*ck this, I am not having it.

-
Regards,
PrivacyG
legendary
Activity: 3500
Merit: 6205
Farewell LEO, you *will* be missed.
From what I see:
* they try hard to minimize what blacklisting means
* they try hard to cover their blacklist under noble/good reasons (don't you just love politics?)
* they contradict themselves - first they say they buy info from others (info that will lead to same conclusions and blacklists others may have), then they say that's not about centralized blacklist. Well, imho it's just 1mm away from centralized blacklist

But all in all, it's unfortunately expected. I am surprised that they do it publicly, I would expect at least some of mixing services analyze the inputs and, if they're 100% sure from hacks, seize them and return them to rightful owners. It's not normal, I don't know if it happens at all, but it will happen rather soon.

We have to stop fooling ourselves, Bitcoin, by design, is not fungible. Some already use this, some will do. Sadly, against us.
legendary
Activity: 3262
Merit: 16303
Thick-Skinned Gang Leader and Golden Feather 2021
I'll post my (mildly sarcastic) response to the CEO's answers here instead of in Wasabi's thread:

Quote from: answers are 100% coming from the decision maker
We do not care who you are and what you do with your bitcoins! We don't want to know. Unfortunately, some people do collect data, attach it to bitcoin addresses and make decisions based on that information. The company is getting in trouble and harassed because apparently some of the users of our coordinator are so-called “criminals”, according to the people keeping up these databases.

We are not saying that the database is correct, as we do not agree with most of the classifications
So you're telling me someone harassed the company until you paid them for data that you don't want and may not even be correct? Isn't that extortion?

Quote
Quote from: answers are 100% coming from the decision maker
we want to be able to see the same information that apparently others already have. We don’t want to do any chain surveillance ourselves, so we would rather just buy that information from others.
It sounds to me like someone created a business of pointing fingers and now forces people to buy their idea. Just don't do it. If nobody would do it, nobody else would be "forced to join".

Quote
Quote from: answers are 100% coming from the decision maker
If you knew a pedophile/murderer was eating at your restaurant, would you serve him?
If I told you to give me 20 bucks, so I can tell you which one of your customers is a murderer without any evidence, would you pay me? I've done the same to other restaurants in your area, so you should join the mob mentality, right?
legendary
Activity: 2254
Merit: 4260
🔐BitcoinMessage.Tools🔑
Answer: Regarding the linked, no wallet can prevent users from consolidating coins if they want to. In Wasabi Wallet 1.0 users see a big warning when they try to spend private and non-private coins together. If they want to do it anyway, we should allow it. In 2.0 they see who knows about the transaction they are making but we should add more warnings. Creating a separate wallet for private coins doesn’t help as the user can still consolidate outside the wallet and it’s a very bad UX if sending all coins is urgent. Wasabi Wallet coinjoins are designed to be very large to make sure that even if many users consolidate, you’ll still have plenty of ambiguity from non-consolidated outputs. Deanonymization is a problem in smaller coinjoins with very few participants and low remix rate. Especially if users by default send the server their xpubs, like in Samourai Wallet.

What are these post-mixing tools exactly? Ricochet is very expensive and doesn’t provide you any privacy. 6 hops between cj and exchange is something you can do manually with 10x lower price if you think that helps. Or do you mean small coinjoins after the main coinjoin that is supposed to make sure even the people who leak xpubs can get a little bit privacy from the service provider? Otherwise it’s just a crappy coinjoin.

Wait, they think that "post-mix tools" is an invention of Samourai Wallet's devs? Or that, if the question like this is raised during discussions, it necessarily comes from Samourai's sockpuppet? Otherwise, why do they behave childishly attacking other developers instead of giving a clear answer to a justified question?

Yes, a privacy-oriented wallet with in-built CoinJoin functionality must do everything it can to prevent users from consolidating mixed outputs with unmixed change. And yes, advanced users will always find a way to merge privacy coins with toxic change, but who cares if your target audience is newbies who aren't even allowed to coin-control the coins they control (what a wordplay, huh)? And if they are your main audience, then you must protect them first, not advanced users.

hero member
Activity: 868
Merit: 5808
not your keys, not your coins!
I'm quoting the first reply from our community to their answers from o_e_l_e_o:

Thanks for doing this icopress, but they are pretty disappointing answers, to be honest. Don't really clear up very much, and continue to beat around the bush without giving any firm answers in terms of why they decided to start blacklisting, what pressures they were facing, which blockchain analysis companies they will work with, what criteria they are using, and so on.

Quote
These answers are 100% coming from the decision maker (I was asked who should answer the questions, I said I expect a response directly from the CEO).
Who is the "decision maker"? nopara73?

Quote
We do not care who you are and what you do with your bitcoins!
I mean, that's just simply not true. If you didn't actually care, then you wouldn't be implementing blacklisting, would you?

Quote
The company is getting in trouble and harassed because apparently some of the users of our coordinator are so-called “criminals”, according to the people keeping up these databases.
So fight the harassment rather than selling out your users. Other privacy focused projects manage it.

Quote
We are not saying that the database is correct, as we do not agree with most of the classifications but we want to be able to see the same information that apparently others already have. We don’t want to do any chain surveillance ourselves, so we would rather just buy that information from others. We are not interested in applying sanctions or other immoral crap.
And in supporting, cooperating with, and even paying blockchain analysis firms, you are absolutely complicit in applying sanctions and plenty of other "immoral crap".

Quote
If you knew a pedophile/murderer was eating at your restaurant, would you serve him?
Strawman. Restaurant food isn't supposed to be a fungible currency, and a restaurant owner isn't supporting and paying a mass surveillance operation for intimate details about all their customers.

Quote
It’s the same as having a washing machine that by default collects xpubs. Privacy. All implementations have tradeoffs, pick your poison.
Honestly, what does this even mean? A childish attack at Samourai without answering the question whatsoever.

Quote
Hopefully all users, wallets and services won't have to “consult a centralized blacklist before accepting bitcoin”. But it’s their choice if they want to discriminate against a certain coin, user or service.
Absolutely. But the exchanges which spy on where their users' coins are coming from and discriminate against ones they don't like also don't market themselves as a privacy solution. You can't have it both ways.

Quote
If this would be mandated by authority, it would be bad. But that’s not the case in our blacklisting, like I explained in the first answer.
You said you were "getting in trouble and harassed". If not by the authorities, then by whom?

Quote
people should be grateful for the tools that zkSNACKs has built and take advantage of the situation by capturing the market. Instead of all the whining we’re hearing.
Honestly laughed out loud at this. How childish.

Quote
What you are looking at is 1.0 documentation. 2.0 docs are still under construction.
And yet you still host the 1.0 documentation and you still link to it quite visibly on your website.

Quote
The querying process doesn’t affect users' privacy.
You send off 200 outputs to your blockchain analysis partners. They say that 195 of them are fine, but 5 are blacklisted because they are all associated with gambling. Turns out, they were all withdrawals from the same gambling site, which the blockchain analysis company will be able to clearly see. Congrats, they've just linked all 5 of those outputs to the same person.

Quote
Every node has blacklists for nodes that behave badly for one reason or another.
If you honestly can't see the difference between blacklisting a node which is DoSing you and blacklisting users who you have unilaterally decided shouldn't be allowed to coinjoin their outputs, I don't really know what to say.

Quote
Nopara73 actually got into an argument with Scamourai originally because he wanted to explore the possibility of creating decentralized coinjoins without any coordination fee. Scamourai didn’t like that so as usual, they started attacking him. Eventually Nopara73 gave up on that idea and decided to use a centralized but trustless server. To this day, there’s no decentralized version, other than in people’s dreams.
Scamourai? Was this written by a 12 year old? Also what is JoinMarket, if not a decentralized coinjoin?

Quote
We will share everything we can, which is nothing.
Didn't answer the question. To remind you, here is a direct quote from your documents:
If You find any reason to violate the law during Your transaction (for example, in a transaction with a third party), please let us know at one of the contacts listed at the end of this document.
The Service Provider shall assist the investigation in any case, if so instructed by an authorized body, a final court judgment or a final regulatory decision.
Why would you invite people to let you know about an illegal transaction if you actually have no data to share? How will you assist the investigation?

Quote
Everything is shit, but this is the best we got. Better get to work if we want something more.
A blockchain analysis supporting, blacklisting, pro-censorship, anti-fungibility wallet is absolutely not the best we have got. If we want something more, then better to go use and work on projects which are actually offering something more.
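The batching scheme from the quoted answer, together with two objections raised in this thread (the published coinjoin later shows which queried UTXOs were real, and flagged outputs that share a source get grouped), modelled here as an added example that is not part of any post or of Wasabi's code. All UTXO identifiers and labels are constructed, and it assumes every accepted input ends up in the published coinjoin.

```python
import random
from collections import defaultdict


def build_query_batch(real_utxos, decoy_pool, rng):
    """Coordinator side: pad the real registrations with an equal number of decoys."""
    decoys = rng.sample(decoy_pool, len(real_utxos))
    batch = list(real_utxos) + decoys
    rng.shuffle(batch)  # order carries no information about which entries are real
    return batch, set(decoys)


def screen(batch, labels):
    """API side: return {utxo: source label} for every queried UTXO it has a label for."""
    return {u: labels[u] for u in batch if u in labels}


def observer_view(batch, flagged, coinjoin_inputs):
    """What the API operator can derive once the coinjoin is visible on-chain."""
    batch_set = set(batch)
    # Decoys never appear as inputs of the round, so the overlap is exactly the
    # set of real, accepted registrations.
    confirmed_real = batch_set & set(coinjoin_inputs)
    # Flagged outputs grouped by the label the operator already holds for them.
    clusters = defaultdict(set)
    for utxo, source in flagged.items():
        clusters[source].add(utxo)
    return {
        "confirmed_real": confirmed_real,
        "unresolved": batch_set - confirmed_real,  # decoys plus rejected real inputs
        "clusters": dict(clusters),
    }


def run_demo(seed=1):
    rng = random.Random(seed)
    # Constructed sample data: 200 real registrations, 5 of which carry the same label.
    real = [f"real-{i:03d}:0" for i in range(200)]
    decoy_pool = [f"chain-{i:04d}:1" for i in range(2000)]
    labels = {u: "gambling-site-A" for u in real[:5]}
    labels.update({u: "other-label" for u in decoy_pool[:20]})

    batch, decoys = build_query_batch(real, decoy_pool, rng)
    flagged = screen(batch, labels)
    accepted = [u for u in real if u not in flagged]  # these proceed to registration
    view = observer_view(batch, flagged, coinjoin_inputs=accepted)
    return real, decoys, accepted, view


if __name__ == "__main__":
    real, decoys, accepted, view = run_demo()
    print("queried:", len(real) + len(decoys))
    print("real inputs identified after the round:", len(view["confirmed_real"]))
    print("still ambiguous (decoys + rejected):", len(view["unresolved"]))
    print("grouped under one label:", sorted(view["clusters"]["gambling-site-A"]))
```

In this model the decoys only protect the rejected inputs, which stay mixed in with the 200 decoys; the accepted ones are fully identified by the round itself.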
hero member
Activity: 868
Merit: 5808
not your keys, not your coins!
For anyone out of the loop, a quick introduction. On the 13th of March, 2022, the CoinJoin-enabled Bitcoin wallet WasabiWallet.io announced they will start blacklisting certain UTXOs.
More on this here.
The tweet: https://twitter.com/wasabiwallet/status/1503091503207432193



Essentially, they will start refusing UTXOs associated with illegal activities, preventing them from participating in CoinJoin transactions. The list of what they are considering illegal can be found here: https://twitter.com/ODELL/status/1503141547071754242

It is not clear how they will determine if certain UTXOs are illegal or not, but it all definitely can be called an attack on fungibility and privacy. If this news is true, the default coordinator run by zkSNACKs company is no longer a reliable solution to coinjoin your transactions.

Since icopress was speaking to them regarding a signature campaign for multiple months prior to that, and it went live recently, he had a good contact at Wasabi and offered to send a list of questions directly to Wasabi's CEO.
For full transparency: icopress contacted me and he kindly offered me to send him a concise list of questions which he'd directly forward to the Wasabi CEO.
I'm partly speculating myself in this thread, but also gave Wasabi the benefit of the doubt in some cases and generally try to be as objective as I can. Therefore I thoroughly read everything you guys are writing and will summarize a list with the 'top questions'.

We now got our answers, so I created this thread to talk about them, as not to clutter the main WasabiWallet.io thread.



I posted my questions just when I sent them to icopress, here:
[...]

The answers are below. I'm not really satisfied with them, since they don't really explain the discrepancy between privacy and surveillance, between fungibility; supposedly allowing everyone to use the service, but employing a blacklist, and don't explain the reason behind the switch either. What do you guys think?
  • Guys, below are the answers to 24 questions that n0nce formulated on behalf of the public.

These answers are 100% coming from the decision maker (I was asked who should answer the questions, I said I expect a response directly from the CEO). I also hope that these answers can shed some light on some of the nuances, and cool the discussion (or make it even hotter).



1. Who is your target audience / target user demographic? Due to the recent changes, we must assume it's people who are interested in mixing coins, while at the same time not having a problem with the mixer discriminating between UTXOs. Mixing with a blacklist seems like an oxymoron to us and we struggle to see the use case.
Answer: Our target audience is Bitcoiners.

Many people seem to struggle understanding what zkSNACKs blacklisting really means and why we are doing it, so let’s start from the basics. ZkSNACKs is a company that sponsors the development of an open-source project called Wasabi Wallet. This company also runs the default coordinator that is needed to create coinjoin transactions in Wasabi. This coordinator service can be run by other entities too, as everything is open and available. Users are able to choose which coordinator they want to communicate with but unfortunately there are not many options, as running one has its risks and not many people are willing to do it.

The zkSNACKs coordinator is clearly the largest and has substantially more liquidity than others; hence, this is why most people use it. Wasabi Wallet was built in a way that the developers and zkSNACKs don't collect any data about their users. We do not care who you are and what you do with your bitcoins! We don't want to know. Unfortunately, some people do collect data, attach it to bitcoin addresses and make decisions based on that information. The company is getting in trouble and harassed because apparently some of the users of our coordinator are so-called “criminals”, according to the people keeping up these databases.

We are not saying that the database is correct, as we do not agree with most of the classifications but we want to be able to see the same information that apparently others already have. We don’t want to do any chain surveillance ourselves, so we would rather just buy that information from others. We are not interested in applying sanctions or other immoral crap. We are exercising our right as a company to choose not to serve those people who could get us in trouble and the ones whom we wouldn’t want to support for ethical reasons. This includes known thieves like politicians.

Ostracization is, in our opinion, a libertarian way to react to the problems that have occurred because of these high profile users. We are still not collecting data about our users nor are we revealing anything new to chain analysis companies. The blacklisting has no effect on users' privacy. If you knew a pedophile/murderer was eating at your restaurant, would you serve him? Especially if serving him gets you in trouble? Basically, are you willing to sacrifice yourself and your restaurant for him?

2. Related to point 1, we found comments on your own Twitter profile from presumably former Wasabi users, like:
What's the point of a washing machine that only washes clean laundry?
- do you have a response for that?
Answer: It’s the same as having a washing machine that by default collects xpubs. Privacy. All implementations have tradeoffs, pick your poison.

3. Is it correct that you now officially focus on institutional investors and chose to implement a blacklist for this reason? Your blog post and other statements make it seem like this is the case. For example in this interview: https://stephanlivera.com/episode/364/, Max Hillebrand said: 'if you, as a CoinJoin coordinator, if you want to work with institutional clients, hedge funds, insurance funds, Michael Saylor, and all these people, well, even if ZKSnacks were not to be regulated, those customers might very well be, maybe because they're custodians of other people's money or whatnot. And then these regulated entities can only become users of a coordinator—arguably, I'm not sure—if such a blacklisting is involved.'
Answer: No, we’re certainly not exclusively focusing on institutional investors and this has nothing to do with why we are implementing a blacklist. Just like Bitcoin adoption, there are different levels of users and we feel like Wasabi Wallet is the best way to improve privacy within Bitcoin. Therefore, we would like our wallet to be used by any user: institutional or recreational.

4. If institutional investors are now your target audience, why didn't you communicate this openly and transparently - maybe even continued running Wasabi 1.0 for the vast majority of users, without all this tainting and blacklisting and explicitly stated that this 'Wasabi with blacklisting' is dedicated to such investors that are regulated and thus aren't allowed to use a mixer that has no blacklist?
Answer: Lots of loaded assumptions again in this question. Institutional investors are not our main target audience, bitcoin users in general are. Institutional investors are of course part of that group. We are extremely transparent and that’s the problem. We inform our users about blacklisting as soon as we know we are going to implement it, without actually knowing how or when. Some might say we should have informed users about it only when it's implemented but we didn't feel comfortable keeping it a secret.

5. We believe:
If Wasabi were actually being targeted by laws and regulations, then the correct course of action is to let all their users know about it, inform all their users how to mitigate it, explain to their users how to swap to a decentralized coordinator, create easy tutorials for people to set up and run their own coordinators, and shut down their centralized coordinator long before they are forced to start cooperating with blockchain analysis.
Did you consider taking such a course of action instead of the pretty low-key Twitter announcement that got very little visibility and no changes to the website (front and docs page)?
Answer: Regarding the company’s regulatory situation, more info will be shared when possible. We’re always happy to share information about how to change coordinators when someone asks about it but there is no decentralized one. Here’s a link for instructions on How to Connect to Chaincase Coordinator from Wasabi? · Discussion #119. More info about the blacklisting will also be provided once it’s closer to being implemented.

6.
Why do the institutions of all people need to use CoinJoin on their assets in the first place? Do they have something to hide too?
It seems odd that institutional investors want to use a mixing service; since they usually rather prefer to keep their Bitcoin investments in the hands of a broker / exchange or hold Bitcoin ETFs. Or are the 'institutional clients, hedge funds, insurance funds' trying to hide something from their customers?
Answer: Privacy is not about secrecy. It’s an ability for you to choose what information you share with others. Institutional adoption for our wallet is more than just investors. It’s also the several exchanges conducting thousands of transactions daily. It’s the banks who are wanting to offer their customers the privacy that was commonplace in the banking industry for hundreds of years. It also includes all the companies who are paying their employees in Bitcoin and are obligated to conceal each employee’s compensation.

7. Your website still says:
The aim of bitcoin is to be a decentralized digital currency, but if all users are eventually required to consult centralized blacklists before accepting bitcoin, then its decentralization will be destroyed.
This stands in direct contrast to your blacklisting update. Has your opinion on blacklists changed or how is this view compatible with providing a Bitcoin anonymity service that only allows certain UTXOs to use it?
Answer: Hopefully all users, wallets and services won't have to “consult a centralized blacklist before accepting bitcoin”. But it’s their choice if they want to discriminate against a certain coin, user or service. That’s part of the freedom of association if it's their decision. If this would be mandated by authority, it would be bad. But that’s not the case in our blacklisting, like I explained in the first answer.

We are implementing our own blacklist, as we don’t care to become martyrs by serving thieves. We want to keep building the best privacy tools for bitcoiners to take advantage of. Instead of social justice warrioring on behalf of politicians, shitcoiners and other thieves, people should be grateful for the tools that zkSNACKs has built and take advantage of the situation by capturing the market. Instead of all the whining we’re hearing.

8. WasabiWallet also states this; which we all agree with.
If Bitcoin fungibility is too weak in practice, then it cannot be decentralized: if someone important announces a list of stolen coins they won't accept coins derived from, you must carefully check coins you receive against that list and return the ones that fail. Everyone gets stuck checking blacklists issued by various authorities because in that world we'd all not like to get stuck with bad coins. This adds friction and transactional costs and makes Bitcoin less valuable as money.
- Now Chainalysis is the one providing such a list and you're asking them which UTXOs are on the list and which are acceptable. Don't you think you're helping set a precedent which may lead exactly to the scenario described, where everyone will be stuck checking blacklists upon blacklists, published by tons of different authorities, which will make Bitcoin less valuable as money? Are you now making Bitcoin less valuable as money?
Answer: Even though we have the saying “Don’t trust, verify” embedded in the bitcoin culture, very few seem to be actually doing that. We have not said that we would be buying services from the Chainalysis company. This is, again, projecting/assuming. We are going to buy info from a chain analysis company, but not from Chainalysis. We are not asking them which inputs we can include in a coinjoin, but what they know about these inputs.

We decide who we serve. It’s absurd for people to even think that bitcoin would already be fungible when it’s so easy to gather and attach data to the event in the chain. Without privacy, there’s no fungibility. Only after we fix the first one, can we dream of the latter.

9. This statement on your website also strongly implies you are not censoring users, which you now clearly are doing.
The only known possible 'malicious' actions that the server could perform are two sides of the same coin; Blacklisted UTXO's: Though this would not affect the users who are able to successfully mix with other 'honest/real' peers.
In general, it seems like you intentionally never changed the website until the latest redesign (which didn't affect the docs page quoted here, though). Why was there so little communication around this huge update and everything kept so 'on the low'? (big credit to o_e_l_e_o for digging these out)
Answer: What you are looking at is 1.0 documentation. 2.0 docs are still under construction. Blacklisting is still not implemented.

10. Many users were puzzled about your very minimalistic Twitter announcement; and what the image is trying to convey isn't clear either. Was this intentional? Some of us speculate that you believe WasabiWallet to be something like a 'last glimmer of hope' for Bitcoin privacy or something like that, since it sounds like that in various interviews and Twitter voice calls, too. Or are you aware that other, even better solutions exist, especially for the people who need privacy the most?
That's exactly why we introduced blacklisting: so we can continue to operate and users can still have privacy using Bitcoin.
Wasabi Wallet 2.0 is decades ahead of other privacy solutions in Bitcoin.
Such statements make it appear like you believe yours is the only privacy solution and that there is no privacy in Bitcoin without Wasabi. Would you confirm this? Actually, later you admit that LN has better privacy, so this already seems like a contradiction.
Answer: We sincerely see WabiSabi as the best on-chain privacy technology in bitcoin today. We are aware of various other projects but in all honesty, they are shooting very low. Once you understand WabiSabi, you’ll see why we think it’s on a completely different level. Lightning is nice but not for on-chain privacy.

11. We're talking about political refugees, government critics and investigative journalists for example; these are amongst the ones needing privacy the most (and therefore switching to Bitcoin in the first place). But in https://twitter.com/HillebrandMax/status/1537503087987937283, at 1:32:10, Aviv Milner says that 'the average person who's using the product especially if you're not in a situation where your life depends on it and there's a large government organization that's well funded that's looking to find you and hunt you down if you're not in that extreme situation then wasabi provides an incredible amount of privacy'. So it means WasabiWallet is not the 'ultimate privacy solution' for Bitcoin after all; just maybe for 'getting a little privacy' or how should we call that? Someone who really, really needs actual privacy cannot rely on Wasabi then? What should they use in your opinion? On one hand, you say Wasabi is the only / best option for privacy, but then admit it doesn't provide enough privacy if someone's life depends on it; so what's the point of it all then? We don't believe privacy is something quantifiable; it's more a yes-or-no kind of deal. Either your UTXOs and transactions are private or they're not.
Answer: Privacy is not black and white. Name a service that promises you 100% guaranteed privacy? Thought so too, there is none or they are lying. Privacy is not a simple matter. There are always risks and tradeoffs. Everyone is just trying their best. Wasabi is far from perfect but it’s one of the only options and compared to other wallets, its privacy is very, very good.

12. We noticed your download numbers have almost collapsed since the blacklisting announcement; did you expect this and how does this reflect on the anonymity set? https://tooomm.github.io/github-release-stats/?username=zkSNACKs&repository=WalletWasabi
Answer: Not sure what you mean, we’ve been working on 2.0 for a long time and haven’t been working on 1.0, hence no feature updates.

We launched 2.0 on the 15th of June during a Tor DDoS attack and it took a few days to get coinjoins running but we already have a lot more than 5k downloads at this point, which is very nice. The amount of users using 1.0 is expected to drop as people move to 2.0. The biggest coinjoin we’ve conducted now has 250 inputs and a bit less than 300 outputs, so from an ambiguity perspective, coinjoins look better than ever.


13. Are there any insights on how you blacklist? Do you rely solely on the data from Chainalysis or do you pre- and / or post-process the data? Since we assume blacklists are used to block coins from illegal origins; which laws or rules are used to determine if an origin or past activity is legal or not? Since Bitcoin is a global currency tied to no nation in particular, it appears impossible to declare 'legality' in this context. For example, copyright laws differ widely across the world; or when it comes to anything sexual, some stuff is illegal in certain countries, but totally legal in others. How can a legal ground be found to determine which UTXOs are 'good' and which are prohibited?
Answer: Chainalysis != chain analysis. Let’s say we have 200 inputs wanting to register for a coinjoin. We take those and 200 other random bech32 UTXOs that we send to their API. We get back a response where they let us know if any of these UTXOs match any of the categories and criteria zkSNACKs has set. Those addresses that we accept will proceed to the input registration, those that are blacklisted will get a notification that this UTXO is blacklisted. As a reminder, Wasabi coinjoin is built in a way that the user never loses control of their coins. The coordinator is never custodying users’ money, therefore it can not seize them etc. The querying process doesn’t affect users' privacy.

14. Are all UTXOs sent to Chainalysis for inspection, whenever someone wants to do a CoinJoin or only if after some pre-filtering you have some suspicion?
Answer: Chainalysis != chain analysis. Fresh bitcoins are queried only for coinjoin.

15. Let's take an example: An investigative journalist uncovered a government or other wealthy entity's dirty secrets and now they're after them. People want to donate to the whistleblower or they want to spend their donations through WasabiWallet. However you get a notice to block those UTXOs, so you do exactly that; isn't this exactly the target audience? Isn't this exactly the person who needs a Bitcoin privacy solution? (This refers back to point 1). Don't you also go straight against Bitcoin's original goal of pseudonymous, fungible currency that can be received from and sent to anyone, anywhere, anytime? What's the use of a privacy solution if the ones needing privacy are not allowed to use it? (this refers back to point 2)
Answer: Nothing prevents users from using the open-source wallet to receive and send payments however they want. ZkSNACKs coordinator implementing a blacklist does not affect any other wallet features than coinjoin. The company is not implementing a government sanctions list or blocking users like the Canadian truckers.

16. We believe that starting censoring some users opens the door to censoring anybody and everybody. Would you agree with this?
Again: Bitcoin is either censorship resistant, or it isn't. You cannot pick and choose who it is censorship resistant for. If you, like Wasabi, start censoring some users, then you open the door to censoring anybody and everybody.
Answer: Luckily we are not making changes to Bitcoin protocol but to our very own server. Every Bitcoin node has the right to choose which transactions it includes in its mempool or relays. Every node has blacklists for nodes that behave badly for one reason or another. ZkSNACKs coordinator has always banned the coins of misbehaving users, as that’s part of the DoS protection. None of these are censorship, as only a government can do such a thing. Everything else is personal preference under the freedom of association.

17. Let's take a step back to the beginnings. Did you consider building something decentralized instead of the current coordinator model? As we can see now, it created a central point of failure.
Answer: Nopara73 actually got into an argument with Scamourai originally because he wanted to explore the possibility of creating decentralized coinjoins without any coordination fee. Scamourai didn’t like that so as usual, they started attacking him. Eventually Nopara73 gave up on that idea and decided to use a centralized but trustless server. To this day, there’s no decentralized version, other than in people’s dreams.

18. You already said this isn't the case; so you don't have to confirm or deny if this happened; but if we're being skeptical, we have to consider the idea that you were pressured by authorities after all, with an extra clause that you're not allowed to say anything about it. Did you ever consider that a privacy-enhancing service would sooner or later be targeted and pressured by authorities? Other similar services explicitly made sure from the beginning that the creators and developers are anonymous, pseudonymous or generally unknown, to make sure such pressure can't be exerted on the project. Actually, satoshi himself may have left Bitcoin to remove such a central point of failure (through pressure on the creator).
Answer: Information about pressures will be posted later. Satoshi is one of the few people who have actually stayed anonymous and left the project. Otherwise, I’m not sure who you mean. Working on a privacy project in today's day and age is very risky. If the project succeeds and grows, it’s only a matter of time before the people involved get harassed. This is expected and that’s why it’s important that we build as much as we can before the worst comes. Even though there’s not necessarily a law forbidding a privacy focused business, it’s only a matter of time before regulators find a way to try to shut the project down. We want to try to distance ourselves from these problems as much as possible, by avoiding unnecessary negative attention.

19. Did you pay for this post? https://bitcoinmagazine.com/business/wasabi-wallet-2-contains-new-features-for-optimizing-bitcoin-coinjoins We wonder how it completely ignores the blacklisting update, given the generally bad reception by the (vocal, even on Twitter) community. There is no mention of collaboration between WasabiWallet and blockchain analysis companies.
Answer: No. But as the announcement has nothing to do with blacklisting, it’s no wonder why the blacklisting topic was ignored.

20. Another question quoted directly from the community:
I'm also interested in the scenario (which will definitely happen sooner or later) where someone is allowed to mix their coins and then afterwards Wasabi decide that their inputs were tainted and they shouldn't have been allowed to mix them at all, since the document linked to above also invites you to inform them of any illegal transactions and states that they will fully cooperate with any investigations. Why would reporting an illegal transaction to Wasabi achieve anything at all, unless they have the ability to track those coins and are going to share that information with law enforcement?
Answer: We will share everything we can, which is nothing. That’s the point of zero-knowledge software. Legal papers have all kinds of formalities. False positives and false negatives on blacklisting is unfortunate, but we will try to minimize those as best we can, of course.

21. Automatic CoinJoin and the removal of manual UTXO selection altogether is a deal-breaker for some users (especially in the context of the whole update). We believe it's unexpected behaviour of a wallet to automatically (without user opt-in) send all of a user's UTXOs to a blockchain analysis company for vetting (whether blacklisted or not) and afterwards be mixed. Some users are worried that the very act of mixing makes the UTXO 'tainted' in the eyes of the exchange and that it will freeze those funds. By the way: this is exactly what you predicted in your old docs pages; if everyone starts coming up with 'taint definitions' and blacklists, using (moving) Bitcoin will become infeasibly cumbersome.
Answer: Automatic coin selection and auto coinjoin are a good option for newbies who have no idea what they are doing but we totally understand that advanced users would like to have more insights and control. Features that enable these will very likely be added in the future in one way or another. Before users even open the wallet, they see our terms and conditions, which they have to accept in order to use the software. Coinjoins are considered inherently high risk by many chain analysis services and they are advocating their clients to block them all. Let’s see if a “blacklisted coinjoin” can get a lower score and we can remove the stigma from coinjoins.

22. Another quote from the same recent Twitter group chat: https://twitter.com/HillebrandMax/status/1537503087987937283 (at 1:32:40) - Aviv Milner says that 'Maybe there is a little more privacy in Lightning'; and elaborates that LN is tricky to use though, so he implies that Wasabi is actually less anonymous / less private than Lightning, but just easier to use? Would you confirm that, that Wasabi CoinJoin privacy is lower than Lightning privacy? So if I need the absolute most privacy, you would recommend to create a Lightning channel and / or doing a submarine swap instead of doing a WasabiWallet CoinJoin? This is practical, important information for a lot of users who need as strong privacy guarantees as possible.
Answer: For strong onchain privacy I don’t know anything better than coinjoin. You never know whose coin you end up with in a swap. You should also open all your Lightning channels with coinjoined coins. Everything is shit, but this is the best we got. Better get to work if we want something more.

23. Right before, he also says that it's much more private than the vast majority of alternatives; what are those alternative privacy solutions that are much worse than WasabiWallet? Or did he talk about the 'alternatives' as non-privacy-promising, plain and normal non-custodial wallets, with no CoinJoin implementation in them; that these are less private?
Answer: See above.

24. For the last point, we have an important observation:
Wasabi Wallet doesn't utilize any post-mix spending tools, and if part of the users practices bad spending behavior (like spending directly to a centralized exchange), then the other part of the users (more advanced) can potentially be deanonymized in a process of elimination.
If I recall correctly, this is also a potential issue / attack on other such mixing technologies; where bad behaviour (unintentional or even intentional) can put the privacy of other users at risk. This sounds like a loophole / security issue just looking to be exploited. Would you confirm this issue and if yes, are there any plans yet to improve this?
Answer: Regarding the linked, no wallet can prevent users from consolidating coins if they want to. In Wasabi Wallet 1.0 users see a big warning when they try to spend private and non-private coins together. If they want to do it anyway, we should allow it. In 2.0 they see who knows about the transaction they are making but we should add more warnings. Creating a separate wallet for private coins doesn’t help as the user can still consolidate outside the wallet and it’s a very bad UX if sending all coins is urgent. Wasabi Wallet coinjoins are designed to be very large to make sure that even if many users consolidate, you’ll still have plenty of ambiguity from non-consolidated outputs. Deanonymization is a problem in smaller coinjoins with very few participants and low remix rate. Especially if users by default send the server their xpubs, like in Samourai Wallet.

What are these post-mixing tools exactly? Ricochet is very expensive and doesn’t provide you any privacy. 6 hops between cj and exchange is something you can do manually with 10x lower price if you think that helps. Or do you mean small coinjoins after the main coinjoin that is supposed to make sure even the people who leak xpubs can get a little bit of privacy from the service provider? Otherwise it’s just a crappy coinjoin.
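
The query flow described in answer 13, modelled with the numbers used in this thread (200 inputs, 200 decoys, 5 rejected), to show what the analysis provider can work out once the coinjoin is public. This is an added example, not part of any post and not Wasabi or zkSNACKs code; the outpoints and labels are constructed, and 1:1 padding with no dropouts is an assumption.

```python
import hashlib
from collections import defaultdict


def outpoint(tag, i):
    """Constructed sample outpoint 'txid:vout'; not a real UTXO."""
    return hashlib.sha256(f"{tag}-{i}".encode()).hexdigest() + ":0"


def build_batch(real_inputs, decoys):
    """Coordinator side: pad the registrants with decoys and sort, so that
    position in the batch does not reveal which entries are real."""
    return sorted(set(real_inputs) | set(decoys))


def screen(batch, labels):
    """Analysis-provider side: {outpoint: label} for each flagged entry."""
    return {op: labels[op] for op in batch if op in labels}


def operator_view(batch, flagged, coinjoin_inputs):
    """What the provider knows after the coinjoin is broadcast.

    Assumptions (not stated on the page): padding is 1:1, and every
    accepted registrant ends up as an input of the published transaction.
    """
    batch_set = set(batch)
    confirmed = batch_set & set(coinjoin_inputs)   # decoys give no cover here
    absent_flagged = set(flagged) - confirmed      # rejected registrant or flagged decoy
    n_real = len(batch_set) // 2                   # follows from 1:1 padding
    missing_real = n_real - len(confirmed)         # registrants that never joined
    clusters = defaultdict(set)
    for op in absent_flagged:
        clusters[flagged[op]].add(op)              # same label: linked by the provider
    p_real = 0.0
    if absent_flagged:
        p_real = min(1.0, missing_real / len(absent_flagged))
    return {
        "confirmed": confirmed,
        "absent_flagged": absent_flagged,
        "p_flagged_is_registrant": p_real,
        "clusters": dict(clusters),
    }


def scenario():
    """The thread's numbers: 200 registrants, 200 decoys, 5 rejected."""
    real = [outpoint("real", i) for i in range(200)]
    decoys = [outpoint("decoy", i) for i in range(200)]
    labels = {op: "gambling/site-A" for op in real[:5]}   # constructed labels
    labels[decoys[0]] = "gambling/site-B"                 # two decoys also match
    labels[decoys[1]] = "mixer/service-X"
    batch = build_batch(real, decoys)
    flagged = screen(batch, labels)
    accepted = [op for op in real if op not in flagged]   # proceed to registration
    view = operator_view(batch, flagged, coinjoin_inputs=accepted)
    return real, view


if __name__ == "__main__":
    real, view = scenario()
    print("participants identified despite decoys:", len(view["confirmed"]))
    print("flagged and absent:", len(view["absent_flagged"]))
    print("P(flagged entry was a registrant): %.2f" % view["p_flagged_is_registrant"])
    for label, members in sorted(view["clusters"].items()):
        print(label, len(members))
```

The decoys only add uncertainty for the rejected inputs, and only as far as random UTXOs happen to be flagged too; the five outputs sharing one label remain grouped together in the provider's view.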