Crypto Privacy Part 1: Bitcoin, Tumblers, and Privacy in the Digital Age
As private enterprises gather around the tracking possibilities of pseudo-anonymous Bitcoin, the crypto community is becoming all too aware of the necessity of privacy applications. Such a need has generated bushels of altcoins each hoping to outdo the last. Much graver implications than a booming market cap, however, are at stake. A society that lacks fundamental privacy apertures is likely hurtling into an Orwellian future in which every financial transaction is also linked to any personal information.
Fortunately, two parties are offering legitimate, albeit distinct, solutions to these problems. The analysis of both Zcash and Monero’s privacy technology will ultimately lend itself to a better orientation of which emerging cryptocurrencies may be worth considering.
The first of this three-part series will first look into the shortcomings of Bitcoin’s privacy features as well as those of third-party solutions, such as tumblers.
Defining Privacy for Bitcoin: Threats, Loopholes, and Risks
In 2018, as observers have already seen from reports from Chainalysis and Elliptic, it’s no hard task to match bitcoin activity with users. Whether this is via wallet transaction, exchanges, mining pools, or gambling websites, the pioneer cryptocurrency can be followed relatively quickly via the observation of its public ledger.
As reported in 2013, a team of researchers from the University of California, San Diego, and George Mason University outlined the fact that while “the ownership of money [Bitcoin] is implicitly anonymous, its flow is globally visible.”
Looking briefly into how these observations are conducted will also provide a vector of quality for what makes an excellent privacy-centric cryptocurrency. It will become clear that the very nature of an open ledger, while initially enticing, is Bitcoin’s greatest fault regarding privacy. Philip Gradwell of Chainalysis told BTCManager that this is achieved explicitly by grouping together transactions:
“Bitcoin addresses do not have IP addresses associated with them, so we cluster based on the protocol.”
In the first, it isn’t difficult to tie an identity to a specific Bitcoin address. When buying or selling goods or services in the form of bitcoin, most of the time the user must also include some form of identification. This idea is extended magnitudes following news of exchanges and crypto services adhering to strict Know Your Customer (KYC) and Anti-Money Laundering (AML) laws. Examples include early mover ShapeShifts mandatory membership program and the withering away of anonymous bitcoin exchanges like LocalBitcoins.
This first problem is easy to mitigate, however, and makes up best practices when handling cryptocurrencies. Such methods include using new addresses each time a Bitcoin transaction is made and keeping public addresses (even those for donations) distinct from any identifying information.
Second and third-degree threats to privacy are much more difficult to evade. The nature of Bitcoin’s peer-to-peer network means that nodes which manage the accuracy of the public ledger must be in contact with each other at all times. They achieve this by joining an Internet Relay Chat (IRC) to observe the activity of similar nodes joining that channel.
A node is identified by its IP address, of which, is easily traceable. This variety of identification is accelerated as each node can also “ask” every other node about all other nodes (and, thus, IP addresses) with which it is in contact. A large network of transparency quickly develops. This network becomes an easy attack vector if bitcoin is also being held on the node in question; otherwise, it is a non-threat. Gavin Andreson once explained that:
“Unless you are very careful in the way you use Bitcoin (and you have the technical know-how to use it with other anonymizing technologies like Tor or i2p), you should assume that a persistent, motivated attacker will be able to associate your IP address with your bitcoin transactions.”
An immediate response to this lack of opacity has been the emergence of tumblers or mixers. These services allow interested parties to “clean” the identity from the cryptocurrencies in question. Services like TumbleBit, CoinMixer, and BitBlender, are perhaps the most well-known but differ in a variety of ways.
TumbleBit generates “Puzzle-Promise” and “Puzzle-Solver” protocols which, when combined via the authority of Alice and Bob, releases bitcoin in question from escrow.
Another technique often hailed as an alternative is achieved via a bundling technique called “CoinJoin.” Developed by Bitcoin core developer Gregory Maxwell in 2013, CoinJoin bunches transactions together to obfuscate the owner and receiver of specific operations.
(Source: Bitcoin Wiki)
The privacy limitations of this method revolve around the centralized nature of the service. Data about who opts-in for which transactions risk being logged and stored in one place and thus turning into an attractive honeypot to the tenacious hacker. Developments such as JoinMarket hope to absolve this risk, but traction has been limited despite its enormous potential.
In any case, both TumbleBit and CoinJoin fall short for a handful of reasons. TumbleBit requires that all users are assuming best anonymity practices. If participants are using unsafe wallets or transacting through compromised IP addresses, then the mixer will also be flawed.
CoinJoin and JoinMarket also demand greater liquidity and a higher number of participants than what has been afforded thus far to achieve its privacy goals. Ultimately, there are variables and loose ends that still exist before these options become the preference.
Before taking a deep dive into the privacy solutions offered outside of bitcoin, it should be iterated the importance of privacy in the digital age.
Privacy: Unsung and Unachieved
In 1993, a small group of science fiction writers, entrepreneurs, and technologists foresaw the Internet’s future for the world at large. This included Eric Hughes, John Gilmore, and the late Timothy C. May. Even before the rise and rise of massive Internet tech conglomerates, these three and a reported twenty others began imagining the specter haunting the modern world, “the specter of crypto anarchy.”
The idea behind the manifesto was to respond to the opportunities unsung of a hyper-connected world. The societal effects of such a leap at that time rarely included the necessity for privacy in such an environment. In many ways, these warnings fell on deaf ears and in there place emerged the near-Orwellian techno-state into which we are stepping. The Crypto Anarchist Manifesto reads:
“Just as the technology of printing altered and reduced the power of medieval guilds and the social power structure, so too will cryptologic methods fundamentally alter the nature of corporations and of government interference in economic transactions.”
Fortunately, the folly of Google and Facebook has been the best lesson. Incessant data breaches and the leaking of sensitive data has worked better than any manifesto to bring the importance of online privacy to the mainstream. The power of the Internet has also triggered numerous states to react aggressively to control its border breaking ability.
China, for instance, is applying a similar pressure on the economic freedoms engendered from Bitcoin. In any part of the world, the rise of cryptographic assets has given citizens a second chance to capture what was missed during the arrival of the Internet. In the upcoming articles, an investigation into two privacy-focused technologies will reveal why bitcoin isn’t enough if society hopes for economic freedom in the digital age.