Topic: Wasabi wallet data privacy questions (Read 587 times)

Kruw's passionately defending Wasabi wallet but it won't be simple to forget what zkSNACKs did. Their lost rep isn't coming back. As a mixer they'll never reset relations with users it's over. Other coinjoin options exist so they'll grow but Wasabi's going to lose users.

I've waited for Kruw to answer about what Coinfirm does with addresses but he didn't reply so I'm locking the thread.

The passion that Kruw shows in defending Wasabi's business model is amazing to me. He has no problem defending a so-called privacy tool that asks a non-privacy entity to check if selective privacy is allowed for user X. Before privacy is approved, the user's privacy will be violated by checking the history of their UTXOs and finding as much information as possible. If the history is considered to be bad and checks any of the secret checkmarks no one knows anything about, the person using the privacy tool (for privacy reasons) will be rejected. Amazing! 

When I've mentioned Coinfirm to Kruw he hasn't denied so I've assumed it's them. It isn't about the codebase it's about Kruw didn't deny they're using Coinfirm.

Thanks o_e_l_e_o I've moved on to other topics but there's one question Kruw hasn't answered. I'd like to read his answer. When Coinfirm's in possession of addresses to run analysis what else are they doing with them. I'll ask Kruw for the answer.

Other topics to learn include Monero so I've put a I'm about to test Monero so should I use gui wallet or light wallet thread. I wanted to test Bisq after my Monero review but if I'm going to download the pruned blockchain it's possible I'll test Bisq first.

They also shouldn't be surveilling or censoring their users, but here we are.

No one from Wasabi has ever confirmed nor denied it is Coinfirm. We are assuming as much because of this code in the Wasabi codebase: https://bitcointalksearch.org/topic/m.62438954

You've learnt enough about Wasabi to know they are an enemy of bitcoin and no one should ever use them. You can move on to learning about other topics now.

This is the unfortunate consequence of being biased.  You will support the policy your money depend on; moral standards secondary.  We have no idea how much money they are making out of this, but judging by the many partnerships with Wasabi, I believe lots.  Even achow101, one of the most active Bitcoin developers, is sponsored by Wasabi to do live streams in Twitch: https://www.twitch.tv/videos/1886617304

That is exactly one of the points, or maybe they don't even have concrete reasons to tell, they just spy on you and then decide whether you have a right to their CoinJoin or not.
I don't have a problem if people defend who they represent, but there are flaws that are just so obvious that it becomes so malicious to continue defending. It is obvious you lose privacy when you use Wasabi's CoinJoin, because they use your fee to pay a blockchain analysis company to spy on you, they are working contrary to how BTC is supposed to work, how can one continue to argue against the fact and claim they are the ultimate privacy solution?
No.

If it's a secret it's another reason why Wasabi gets negative rep. It's important info they shouldn't be hiding from users.

Kruw's busy giving answers in threads he's inundated with questions about Wasabi's data. I respect him I don't have a bad impression of Kruw. He's believing in Wasabi Wallet so I'll respect him for defending it but if he doesn't know it's better he says.

If we don't know what Coinfirm's doing with data they've received from zkSNACKs we can't be satisfied it isn't spying outside the scope of blockchain analyis for coinjoin.

Didn't Kruw says it's Coinfirm?

I've used it recently for tests but else don't use Wasabi wallet. I've done the same with Sparrow wallet when I've tested it. I'm stacking sats so I'm a small saver using Electrum wallet so I'm asking about Wasabi Wallet because I'm interested learning about wallets, mixers, TXID, blockchains

You are surely free to ask questions, but i don't think you'll get any honest response from this user about all the questions you've been asking, you can follow the discussion in this topic and you'll get most of the honest info that you want, as for the rest, we do not know because Wasabi is keeping it a secret, even reasons why you can be blacklisted is a secret. It is just better not to use wasabi and forget about it.
It has been clear from the beginning. The backlash wouldn't have been this much if wasabi and this user too just admit that with blacklisting certain UTXO they are not working in line with what BTC stands for... and some other consoling statements along those lines, it will put an end to the case asap, though wasabi would still not be recommended, but to still be arguing that they are the ultimate privacy solution for BTC is really malicious.

We don't even know for sure it's Coinfirm.  The community in this place and in Twitter had reached in that conclusion, but they have not made it official.


At this point, I think Kruw is only defending the Wasabi project from bias, because he is a contributor.

No, it's secret. Wasabi won't even tell you something as basic as why your coins are being censored. They certainly aren't going to tell you what is in the small print of their agreements.

He is deliberately not answering that because either he doesn't know, or he does know and it's awful as I described above. If he does respond to this direct question, I fully expect him just to repeat his same nonsense sound bites.

When zkSNACKs made the deal they should've guaranteed info wouldn't be used for other analysis or sold. What's in the fine print between zkSNACKs & Coinfirm matters to users. Is it available? Kruw's saying Wasabi wallet isn't taking data collection but he hasn't said what Coinfirm's doing with data.

Being rejected from a coinjoin means being rejected from having your privacy protected, which is rather the opposite of harmless.  You are harming the people who might have not done anything and whose coins are arbitrarily subjected to crime by denying to anonymize their coins.  Sure, they can go and try out in another software, as JoinMarket, but you do harm the reputation of Bitcoin privacy software.

As for the "simply register with a different coordinator", how is that going?  Is there even one that is running separately from zkSNACKs?

The weakness that if you use Wasabi, you can no longer use bitcoin as it was designed - peer to peer with no third parties. You can't do this because you have to ask Wasabi to ask Coinfirm for permission to spend your coins in the way you want. If Coinfirm decide you are a naughty child, then you are censored. This is obviously a significant weakness compared to other coinjoin implementations.

A typo. Fixed.

He was specifically asking what Coinfirm do with the data Wasabi pay them to gather on your UTXOs. Whether or not Wasabi is open source is utterly irrelevant to this question. As usual you are answering completely different questions to what is actually being asked because you aren't honest enough to give the uncomfortable answers.

Coinfirm are a blockchain analysis company whose entire purposes and entire existence depends on gathering and selling data. Any data Wasabi pay them to gather will be used for any other analysis they want and sold to any other third parties they want.

How are zkSNACKs servers connected to Coinfirm to check incoming UTXOs. They haven't told how it's processed. If mixers wanted to reject stolen coins wouldn't it be convenient for hacked wallets addresses be posted in a central site. It stops blockchain analysers in direct communication with mixers.

When a company gets data it means they can make money from selling it. If it's sitting with data collection companies you're sure it's going to be sold. They way Kruw's explained Coinfirm isn't doing anything with the data except checking for stolen coins. Should zkSNACKs develop a different strategy to check for stolen coins?

What "weakness"?  What do you mean "blockchain implementation"?  You are making no sense.


Not quite:  Rejected coins never leave their original addresses at all.  No fees is paid, no coins are spent, no data is revealed.  Being rejected from a coinjoin is completely harmless to the user, they can simply register with a different coordinator with absolutely no consequences whatsoever.


zkSNACKs or Coinfirm cannot follow you or connect you to the naughty coins because your IP address is protected by Tor.  They cannot connect the UTXO to any other coins in your wallet because your xpub address is protected by your client's use of block filters (https://bips.xyz/158).

This is the most important difference between Wasabi and other clients like Samourai/Sparrow:  Wasabi's developers and coordinators NEVER gain any data from you, whereas the Whirlpool coinjoin coordinator collects your data and will notify you when it gets turned over to the government:  https://samouraiwallet.com/canary


You do know because Wasabi is open source, just like Bitcoin itself.  You can verify for yourself that no identifiable data is ever leaked by Wasabi clients to its developers or any coordinators.  Wasabi is very proud about its zero data collection policy, yet you continually say that "you don't know" what data is collected.

The answer is ZERO.

Whatever coins you try to coinjoin, Wasabi pays Coinfirm to spy on those inputs and decide whether or not they are "naughty".

We don't know, and Wasabi won't tell us. I suspect Kruw doesn't know this either - the knowledge is probably limited to the top 2 or 3 devs at Wasabi. But given that all blockchain analysis companies only exist to gather data and then sell and share that data with third parties, I would be very surprised if Coinfirm don't use this data that Wasabi pay them to gather in a variety of other nefarious ways.

Before I didn't understand what happened to rejected naughty coins so I assumed the negative. It's better if there isn't a risk of coins beings sent back to addresses. If funds sit in Wasabi wallet it's owners can send them when it's convenient.

How's Wasabi wallet connecting with Coinfirm for data analysis and what's Coinfirm doing with the info after they've decided coinjoin status? Kruw said Coinfirm secret analysis isn't connecting coinjoin outputs so does it mean it isn't bad if it's true?

Wasabi won't automatically send your coins anywhere. If you deposit them to your Wasabi wallet and zkSNACKs decides you are a naughty little kid who is not allowed to coinjoin, then your coins just sit in your Wasabi wallet until you send them somewhere else. They won't automatically be returned to the previous address.

He can't answer this because he doesn't know. Nobody except Coinfirm know what their secret analysis involves or know just how far backwards or forwards they are keeping track of your coins. Suffice to say, however, it's more than a single transaction, and they will be using all the data they have at their disposable to deanonymize and track your coins. This is what you subject yourself to if you use Wasabi.

Kruw I've used a previous example so here's a newer. Rejected coins return to original address that's perfect if it's Bitcoin Core or Electrum wallets types. What happens next shouldn't include zkSNACKs or Coinfirm keeping tabs on my prior history UTXOs in Wasabi wallet or any future ones. As the receiver user I'd like to know will zkSNACKs or Coinfirm put eyes for following me or connect me to the naughty coins? It's important for understanding what Coinfirm does with data if they've analysed naughty coins.

tx1 Satoshi uses Binance sends 0.1 btc to arabspaceship123 Electrum wallet
tx2 arabspaceship123 Electrum wallet sends 0.1 btc to Wasabi wallet for mix
tx3 Wasabi wallet use Coinfirm for analysis. My 0.1 btc considered naughty so banned
tx4 Wasabi wallet returns 0.1 btc to arabspaceship123 Electrum wallet

Naughty coins will be sent back to the same address but the receiver won't get them if they've originated from mixers. What happens to banned naughty coins if they're sent from single use addresses in Sinbad Coinomize or Whirlwind?

tx1 Satoshi uses Binance sends 0.1 btc to arabspaceship123 Electrum wallet
tx2 arabspaceship123 Electrum wallet sends 0.1 btc to Sinbad wallet for mix
tx3 after mix Sinbad sends 0.1 btc to Wasabi wallet for mix
tx4 Coinfirm for analysis. My 0.1 btc considered naughty so banned
tx5 Wasabi wallet use Coinfirm for analysis. My 0.1 btc considered naughty so banned
tx6 Wasabi return 0.1 btc to Sinbad address but I won't get received funds

Except you do have to trust zkSNACKs not to censor you after they are done paying blockchain analysis companies to spy on you.

There are other blockchain coinjoin implementations which do not have this weakness. Any sensible person will use one of them instead.

Edit: typo.