Topic: What's the situation with Bitcoins privacy/anonymity? (Read 537 times)

No, cash is several times more anonymous than bitcoin, or any other cryptocurrency whatsoever. With cryptocurrencies, there's digital traces, no matter what you want to do about it, there will be traces left, this decreases anonymity, because systems can't be perfect, this anonymity can eventually be exploited.

With cash, due it's simplicity, you get simply a piece of paper. These pieces of paper run in the wild with no traces. It does not get more anonymous than that, which is why governments are going to ban cash, and then it's when I predict anonymity features will be pushed into Bitcoin, or else Monero will get an huge pump, since everyone using cash will most likely use Monero.

You know, even if you did use a privacy/anonymous coin, the premise of the "system" you mention doesn't change. Transaction with anonymous coins can still be proven and verified, if coins were sent or received - only that in most cases, this information is privileged to parties to the transaction. So yeah, you couldn't look up the balance unless you were given access, but the anonymity features don't remove auditability, they merely restrict it.

I think that I know the reason why the blockchain network is not totally anonymous. People who use bitcoin are always hiding behind their bitcoin address and also their personal information, so no one can know you exactly your location or what is your name or specific details like that, but they know how much do you have in your address and they can see your transactions. I don't think it will be right if you also hidden this thing, so then you can't even make any proof that you are already sending/receiving bitcoins.

The real question is why ?, the whole ida behiend using the blockchain netowrk is that every transactions is veriefied and made public, it is how the system works, while the transaction information are public, the users are still anonymous because they are hidden behiend their bitcoin address and not their personal information, i don't think that anonymous addreess and transactions would exist because they would still need to be verified by miners.

This was a very interesting thread and as a lay person, aka normie aka non-techie, user of bitcoin, complete anonymity and privacy is low on my list. Security is top. But after reading, I see that all three are intertwined. There are bitcoin forks looking into more privacy. Bitcoin as is was envisioned to be pseudo-anonymous. Having a public ledger is necessary and thus, if by anonymity you mean completely obfuscated and private transactions, there are other coins that try to fill that need as an alternative to bitcoin. There were a couple mentioned. What is interesting for example is that malware and ransoware makers are moving from bitcoin to monero. That's indicative right away about privacy/anonymity of bitcoin versus alts.

 Bitcoin transactions are never truly anonymous and can be searched through the block chain.

In fact, for a long time already there are services that make it very easy to analyze the blockchain. bitcoin is not anonymous. This is a fact known to many people.

I may be wrong, but I believe that it's simply too late to improve bitcoin's privacy/anonymity at a protocol level... if segwit was controversial, then imagine adding that thing. A lot of big companies and exchanges are going to buy miners in order to not give hashrate to approve that update, because big companies im sure are not going to like anonymity at the protocol level since all of them are forced into KYC deals. Imagine people sending transactions into Coinbase in a totally obscured way.. im sure it's not going to be easy to get it done, we'll see a lot of opposition. I would like it to be optional, so if you want you could either do a clean transaction or obscure the amount + use a CoinJoin type of solution to obfuscate ins and outs.

When it comes to bitcoin, we talk about anonymous transactions, bitcoins are not anonymous. Bitcoin hides the identity of the seller and buys only leaving the number of transactions and it's manifest

The idea that bitcoin is fully anonymous is a myth. Government with the right resources can track down owners of bitcoin. Look at how Coinbase were just forced to hand over documents of their customers. I'd say bitcoin is semi anonymous or anonymous to anybody not looking for you

Satoshi did not develop Bitcoin with 100% anonymity for a reason :

1. 100% Anonymity will give 100% protection to scammers/thieves/hackers and criminals.

2. 100% Anonymity will get 100% push back from governments. They would have banned it long ago, if Bitcoin had 100% anonymity.

Satoshi gave it Pseudo-anonymity to place it in the same category as fiat Cash. It is after all a alternative Cash system. 

There are many situations where the weak anonymity of Bitcoin is far preferable to other payment means, such as PayPal, or CC.

A partial list would include such things as political donations and porn site payments. How many things can you think of, where people spend, but where there are issues, problems or outright risks with credit cards?

Bitcoin is often used as an anonymous currency because bitcoin can be sent and accepted without providing any personal identity information. However, bitcoin itself is not completely anonymous in most cases. Bitcoin transactions are never truly anonymous and can be searched through the block chain!

Technically  TumbleBit can work like, it makes a round in every hour. These transactions are leaving specific clues on the blockchain, so someone might can identify which addresses are participating in a round, but no way to tell which addresses sent to which one.

In the first topic, the guy was just giving his own opinion. It's a conspiracy theory that is around for a long time now. Maybe a friend of Alex Jones. You can read conspiracies about anything on the web. As for the document the member was talking about, this is the report from 1996.
http://groups.csail.mit.edu/mac/classes/6.805/articles/money/nsamint/nsamint.htm

In the second topic, i would say nobody here has enough knowledge to give us a proof. I don't say it's impossible Big Brothers NSA has broken already bitcoin, but if a single proof existed, it would be public all over the web

You have several inaccurate statements.

First, I have never once seen a Dev say "We don't care about privacy." However if your assertion was taken figuratively, privacy may indeed rank low on the list of Core changes because it would be a change from Satoshi's pseudo-anonymous design.

Second, no, the NSA is not "the people you should fear." There are similar agencies all over the world. There are commercial companies and operations that in my opinion, offer a greater threat. Facebook for example.

Third, there is no evidence for the assertion that "the only real privacy is a coin that has no link to NSA." How about the crypto-currency the Venezuelan government is deploying? How about a crypto by Goldman-Sachs?

These statements are wrong for important historical reasons, in which the NSA has actively worked with and assisted in better crypto. Other countries such as Russia kept their crypto secret, which meant it was not criticized, which meant it was quite easily broken. Therefore, having the NSA openly assist with crypto seems a good thing, not a bad thing.

I hope that makes sense...

Bitcoin transactions is not completely anonymous, rather a pseudo anonymous one. Personal information about the sender or receiver are kept confidential. Within every transactions, only the btc address and the amount of btc that was transferred or received can be seen, and no one knows whose the owner of that address unless someone knows your btc address. Every transactions are also listed on a ledger called blockchain and is publicized.
When talking about bitcoin bulletproof, it is a technology which is designed to enable efficient confidential transactions wherein amount that was tranferred is kept hidden. These confidential transactions contains cryptographic proof that the transaction that was made was valid.

https://news.bitcoin.com/stanfords-applied-cryptography-group-aims-to-bulletproof-bitcoin/

These are quite blunt statements without any reference to its origin. Also it is posted by a new member in the forum, where it is difficult to understand his level of reputation. Looking at his others post, there is no single reference, rude wording, and "look it up yourself". So credibility is low, very low.
I am wondering why @Danny Hamilton gave it some merits (probably to start a discussion on it, maybe I did not understand his merit policy correctly).

secp256k1
I skimmed through some older posts, which talk about security of secp256k1, and it is not recognizable, that NSA wrote the curves for bitcoin. The NIST recommends usage of secp256r1 (see the "r" for random), and NIST provides recommendations to NSA. The randomness is the factor, where people think, it is not "random" enough and includes the backdoor (implemented by the NSA). It looks like the "k1" curve has been chosen, becuase it was known, that "r1" is used by NSA. This is quite a complex theme, and these two links might provide more inside view:

https://bitcointalksearch.org/topic/is-bitcoin-v010s-new-libsecp256k1-safe-without-mathematical-backdoors-937058
https://bitcointalksearch.org/topic/why-did-bitcoin-choose-secp256k1-over-secp256r1-151120
https://bitcointalk.org/?topic=2699.0

From what I can read (or even understand), secp256k1 was used for performance reasons, knowing it will loose a bit of security.

SHA256
There is this thread (https://bitcointalksearch.org/topic/bitcoin-is-nsa-you-trust-cia-nsa-biggest-assholes-on-earth-2680267), which is also full of statements, but without any proof or link. Already the OP choose a name, which make the content doubtful, and the headline doesn't count at all for scientific proofs. It is good to start a discussion, but luckily this post remained unanswered.
This thread (https://bitcointalksearch.org/topic/has-the-nsa-already-broken-bitcoin-288545) has many links to SHA256 and NSA, but it doesn't become obvious, if there is a backdoor or not. It also looks more like speculation.
And then one can search vor NSA [secp256k1|sha256|ripemd|ECC|ECDSA] in the forum, just to find an overwhelmingly amount of non scientific comments and speculation.

This doesn't withstand scientific proofs. So I can sit more or less comfortably back, happy to know that at current point in time bitcoin is fairly secure, for the following 3 reasons:

1.) to break bitcoin, you need to crack sha256 and ripemed and ECDSA - if NSA had only one of them broken, bitcoin would be the smallest problem
2.) there is only speculation by newbies with low reputation, that NSA has hacked things. Good for bollywood movies and entertainment (and newbies), but doesn't reflect reality.
3.) Maybe there will be no mathematical proof, "only" empirical proof. A bitcoin blockchain with values in the billion dollar range gives me more trust than any centralized system that we are dependant on nowadays. It is based on hashing and signing algos, which are publicly verifiable. And you can't do this with organizations in the FIAT world...

Monero has made good strides towards proper privacy. I thought there were some lingering questions around the ring signatures, though?

Can the receiver of a private transaction prove a link to the sender? That's another biggy.

Can you elaborate what you mean?
ECDSA is maybe 25 years old and the cryptographer who offered ECDSA solution passed away years back...
And from I have read I quote: "a large number of brains have studied the possibility of designing a quantum computer to attack the security of algorithms such as RSA or ECDSA. In the case of ECDSA on 256 bits however, it seems that the laws of thermodynamics do not make it possible, in the current state of knowledge" translated from here