Topic: What happened to Bitcoins being anonymous? (Read 4736 times)

I use the term "private". Anonymous sounds like you have something to hide, private sounds like you have the right to hide something.

Also what you are seeing is the TX being relayed which isn't necessarily the IP/location of the sender.

You can see all the transactions but you don't know who owns each address

Hrm... I might see a pattern already...

Good. the allinvain thief, mybitcoin theif, bitcoin7 thief, bitcoinica feb 2012 thief, bitcoinica (linode) thief, bitcoinica (rackspace) thief, etc., should all be shaking in their boots by now.

I'm going to assume they're change addresses (no time to mess with pywallet).  I didn't realize RPC doesn't list all of them…though curiously it lists more than in the UI).

I presume you're just doing a simple analysis that looks at all transactions where that address is an input and gathers all the other input address from those transactions.  That got me thinking…how would you make that more private?  Maybe you could devise a "sprinkling service" …you could craft a transaction that sent coins to wherever and then send it to the service…the service would add some additional inputs and output ...basically moving some additional coins between some wallets that the service owns.  The service could require that some coins be offered as a fee.  There's probably some way of making that work with p2sh such that the service never has access to the coins being sent.  With something like that, you could no longer assume that all the inputs of a transaction originate from the same wallet (you can't really assume that now, but I imagine nearly all transactions are like that today).

And don't forget hookers. I was told once that hookers are always paid with cash

Don't forget blow..... I was told once that something like 90% of $20 bills would test positive for cocaine.

At least you don't leave your fingerprints, DNA, and traces food and germs you ate on bitcoins. Add to that surveillance cameras and dogs. Now that I think of it cash is quite icky.

Ah! You nailed it!
A pywallet wallet dump would show them, tho.

The RPC doesn't return the change addresses 

He will make something worse than posting such findings in a public place. No point on helping him to fine tune his script. Ofcourse you can be lying to him just to make him think his script has a problem lol

I'm sure.  I checked against all addresses, even the change…I certainly didn't go through all of these addresses by hand, I dumped them using RPC and checked the list against that.

Well, considering your inclination to post your findings in such a public place, no.  But, I am glad you're trying to determine just exactly what kind of analysis is possible.  Wouldn't the gap be explained simply by the fact that there are people I transact with that no one on these forums would even know exists?

^ this

Steve, are you sure the addresses you say you don't control aren't just change addresses that you're not seeing on the interface, but still yours?

Ackbar says NO!

Steve, if I may ask, could you give me an address in that list that you do not own?  Also, did you ever receive 25 BTC from 'Bitcoineruk' or 35 BTC from 'Luke-Jr'?  

You may be surprised to know that the addresses that you think were not identified correctly are almost assuredly yours... But I would be very interested to know if some of them had no relationship to you. 

EDIT: removed the sending values...

Well, that's pretty good, but not quite there…of the 76 you listed, I control 22.  Still it's quite interesting.

I think 100% certainty is a bit strong (obviously).  For example, do you really know that I control the address in my signature?  What if some of the keys to some of the addresses were given away others?  I think you'd have to have some kind of proof that someone sent a transaction in order to prove that they owned the address(es) associated with the inputs.

If you can build up a database of people and addresses that you're pretty sure they control, you may be able to infer some things with high, but not absolute, confidence.  Maybe you want to have a confidence factor…for example, if someone was in your presence and sent you coins, you'd know with almost certainty that they control the input addresses and the change address…assuming of course they are using a standard client that uses known behavior and not sending from some shared wallet or routing through a mixing service.  However, if someone just listed an address in the signature, you'd still have high confidence they own it, but maybe 90% instead of 99%.  Other sleuthing methods might yield associations with even lower degrees of confidence.  

But if you had this database and came access some new address, you could infer where that address intersects with addresses in your database.  You wouldn't know that it was all one person that is responsible for those intersecting transactions, but you could at least say some coins flowed from that address to some addresses with which you have some degree of belief that you know who owns them.