How private Bitcoin can be is debatable. We explain how Bitcoin users improve their privacy, introduce basic attacks on data protection and show how you can protect yourself against them – and what you can achieve with them.
By far the most important thing for staying private as a Bitcoin user is knowledge. You have to know what is transparent about Bitcoin and what is not, and how attacks on privacy work. Those who do not understand this at least in part will hardly be able to preserve their privacy. It is therefore important to study the topic of Bitcoin from start to finish, and just as important to follow the news on BD. We start with the essential information that an observer can find on the blockchain:
Every Bitcoin payment goes to an address and contains a reference to the address from which it originated. The transactions leave a trail that winds its way from address to address and is exposed in the blockchain. If you always use the same address, your financial transactions are also completely transparent. As soon as someone finds out that you are the owner of this address, they’ll know all of your payments in and out, including your account balance.
Never do that. Your wallet should use a new address for each new payment to you. If your wallet doesn’t – change it. Even with trading platforms like Bitcoin.de, you can generate a new address for each deposit in order to protect your privacy. You should definitely do this as well.
This would solve the problem of different incoming payments being assigned to one address. But that’s not enough.
- Wallet Clustering
In addition to the chain from address to address, transactions can contain two other pieces of information.
First, the inputs. If the term doesn’t mean anything to you, think of the coins and bills in your physical wallet. When you pay in a shop, you pick out coins and put them together. Your Bitcoin wallet does the same. In doing so, however, it leaves a trace that can be misused for so-called “wallet clustering”: the coins it combines form the inputs of a transaction and thus reveal that they belong to the same person. If you receive money at address 1Anton and at address 1Bertha, initially nobody knows that the two addresses belong together. However, once you spend the coins on both addresses in one transaction, it becomes clear that they both belong to the same person.
Second, most transactions involve change. This is familiar too: if you pay with a coin, the amount rarely comes out even and you get change at the checkout. It’s no different with Bitcoin. If your wallet reuses an address that has already been used for change, it will link it to your other address. If your wallet does this – change it. But even with a new address for the change, there is a risk that an analysis program will recognize which of the two payment outputs is the change. There are algorithms that try to estimate this, even if there is no complete certainty here.
If the wallet is used carelessly, this type of wallet clustering means that an observer with the right tools is able to merge a large part of the addresses you manage. We now come to the question of how to prevent this.
- Multiple Wallets
A simple way to increase your privacy is to use multiple wallet files. A wallet file stores the private keys used to sign a transaction. If you manage your keys and addresses in different files, it is not possible for the wallet to connect the coins in them.
Ideally, you use a new wallet file for each transaction. Of course, this is too cumbersome in practice, and it also suffers from the fact that not every request for payment can be settled with a single coin. But it is possible to at least reduce the size of the wallet clustering with several wallet files. You can easily use any number of files with wallets such as Bitcoin Core or Electrum. The Ledger and Trezor hardware wallets even support different wallets in one user interface. It gets more complicated on mobile devices, however, and Electrum is probably the best choice here.
- Coin Control
Most wallets select coins in a way that is supposed to be as private as possible. But this only works to a limited extent, as analysis and monitoring tools sooner or later learn how the wallets do this and orient themselves accordingly.
Ideally, you choose your coins yourself. With Bitcoin Core you can do this by activating “Coin Control” in the options, with Electrum by displaying “Coins” via the View menu. Now you can choose which coins you want to use. As long as you can make a payment with a single coin, you should do so. You can make a larger payment by sending the coins separately to different addresses at an exchange and paying from there, or by sending a sufficiently large coin from the exchange to your wallet beforehand.
You should mark the resulting change so that you know which address it may be associated with. A little variety in the selection of coins – sometimes just above the amount, sometimes significantly above – makes it more difficult to identify the change through pattern analysis.
Coin Control is not only important because it allows you to individually select the coins used and avoid unwanted connections. It also makes clear what is happening in the wallet and how this affects your privacy. Accordingly, it is a shame that so few wallets support it. For mobile wallets, this is only possible with the mobile version of Electrum.
If you only take one coin at a time to pay for something, the change will make that coin smaller and smaller. As soon as you start combining change coins, this can allow conclusions to be drawn about which addresses your wallet contains. You can postpone this for a long time, but at some point there will be a lot of “dust” in your wallet, and you cannot avoid connecting it. What now?
First, you can selectively combine small coins with each other. For this it makes sense to note in your wallet where a dust coin comes from. In the “Coin Control” menu, Bitcoin Core conveniently sorts the change coins under the address with which the bitcoins were originally received, which makes dealing with dust a lot easier. You should definitely think twice about this step because there is a great risk that you will retroactively link addresses.
Second, you can use a middleman. For example, you can deposit the dust piece by piece at an exchange, using a new address each time, and then withdraw it as a single coin. The exchange knows that the dust belongs to your wallet, but outsiders and observers who do not have a complete data comparison with the exchange have no way to find out. Instead of exchanges, you can use any platform that offers a new address for every deposit; the more platforms you use, the more difficult it becomes to connect your addresses through the dust.
If someone “dusts” you, i.e. sends you a tiny transaction, this is usually done with the intention of spying on you. In that case, you should see to it that you get rid of the dust. This is again very easy with Bitcoin Core and Electrum: mark the coins in the Coin tab or in the Coin Control menu and freeze them. If you use another wallet, you can import the seed into Electrum and then spend the dust individually – or specifically combined with another mini-input – or send it to nirvana.
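The manual coin selection described in the Coin Control passages above, including the advice to vary the pick and to freeze unsolicited dust, can be expressed as a small selection routine. This is an added example, not code from the original article or from Bitcoin Core or Electrum; the coin list is constructed, the function name is hypothetical, and a flat fee is assumed.

```python
import random

# Constructed sample coins (values in satoshi; labels are illustrative).
SAMPLE_COINS = [
    {"address": "1Anton", "value": 50_000},
    {"address": "1Bertha", "value": 120_000},
    {"address": "1Caesar", "value": 300_000},
    {"address": "1Dust", "value": 546, "frozen": True},  # unsolicited dust
]


def select_coins(coins, amount, fee, rng=None):
    """Prefer one coin that covers amount + fee; never touch frozen coins.

    Returns the chosen inputs, the change, and the addresses that the spend
    would expose as belonging together (empty for a single-coin payment).
    Assumption: a flat fee, independent of the number of inputs.
    """
    rng = rng or random.Random()
    need = amount + fee
    spendable = [c for c in coins if not c.get("frozen", False)]

    singles = [c for c in spendable if c["value"] >= need]
    if singles:
        # Vary the pick so the change is not always the smallest possible.
        coin = rng.choice(singles)
        return {"inputs": [coin], "change": coin["value"] - need, "linked": []}

    # No single coin is large enough: take the largest coins first so that
    # as few addresses as possible end up in the same transaction.
    chosen, total = [], 0
    for coin in sorted(spendable, key=lambda c: c["value"], reverse=True):
        chosen.append(coin)
        total += coin["value"]
        if total >= need:
            break
    if total < need:
        raise ValueError("spendable coins do not cover amount + fee")
    linked = sorted(c["address"] for c in chosen)
    return {"inputs": chosen, "change": total - need, "linked": linked}
```

A non-empty `linked` list is the signal to stop and consider the alternatives from the text, such as topping up with one sufficiently large coin first, before signing.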
- Mixer and CoinJoin
There is also the possibility of using tools like mixers or CoinJoin to anonymize coins by breaking the chain from transaction to transaction. Mixers are mostly central service platforms that operate in the gray to black area, while CoinJoin can be used locally through the Samourai wallet.
Such methods are actually great for converting dust into larger coins. They merge the inputs and outputs of several users in a single, large transaction, so that one can neither say who sent something to which address, nor that the inputs belong to the same wallet. Used in the right place, CoinJoin or one of its variants can make a significant contribution to preventing the wallet from being identified by clustering.
However, such methods have the disadvantage that your coins potentially end up mixed with other people’s dirty coins. Exchanges could refuse to accept bitcoins that have such a past, and a “false positive” from a blockchain analyst could result in a visit from the police, who will look at your wallet. Even if you are only using CoinJoin to legitimately protect your privacy from intrusive monitoring, you run some risk. Whether you do this depends on your own preferences and priorities.
Transactions over the Lightning network are “offchain”, which means that there is no documentation of them on the blockchain. For example, you could import your dust into a fresh Lightning node (or a Lightning wallet) and then transfer it to another wallet. That would already solve the problem.
Most importantly, Lightning transactions prevent the problem from occurring in the first place. All coins in a wallet that you use to open payment channels are still connected to one another – and, if you use them incorrectly: also to your IP address! – but the transactions themselves are not traceable. This does not completely solve the problem of wallet clustering, but significantly reduces its damage.
Of course you can also increase your privacy with special altcoins. There are now a number of patented altcoins that try to increase the anonymity of transactions. Important examples are Monero, Dash, Zcash or PIVX. The problem here is always the reverse conversion into bitcoins, which is desirable because the altcoins are usually less stable in value and less widely accepted.
Furthermore, you could take the same risk with such altcoins as with mixing: you trigger a “false positive” with blockchain observers and land on a list of suspects, which only triggers surveillance measures that you would otherwise have been spared.
- Full Nodes and Tor
A topic that has hardly been addressed so far is the IP address. The blockchain has the great advantage that it does not contain any IP data, which is why there is no direct link to physical identity, such as the place of residence. However, Bitcoin users can leak their IP address at various points, and a Bitcoin observer can record it.
Electrum nodes pass their IP address on to Electrum servers, SPV nodes like Breadwallet (BRD) to other full nodes, and light wallets with servers like Mycelium to the server; hardware wallets like Ledger and Trezor also transmit their transactions to the network via the company’s servers (at least as far as I know). In each of these cases, there is a risk, to a greater or lesser extent, that the IP address will be captured together with wallet data such as addresses and transactions. Only a full node, which receives and forwards all network traffic, i.e. all transactions, protects against this. It leaks hardly any information that brings the IP address and Bitcoin addresses together.
Lightning is a special case: if you run a full-fledged Lightning node, you make your IP address AND your payment channels public. This release of information is a harsh invasion of privacy.
It is difficult to say to what extent a monitor can use it to systematically collect information. Electrum has more than 100 servers, and the client connects to a few randomly chosen ones; an SPV wallet automatically connects to eight random full nodes, and company servers such as those from Mycelium, Trezor or Ledger will not simply give out the data – if they collect it at all. Only with Lightning is it easy for a supervisor to match IP and Bitcoin addresses.
To protect against IP leaks, route your connection through a VPN or use Tor.
- Private enough?
It is apparently controversial to say that Bitcoin is “private enough”. Logical – how much privacy is enough is a subjective opinion, and the level of privacy Bitcoin offers obviously depends on how Bitcoin is used. Those who only use a single mobile wallet are much easier to identify and monitor than those who use wallets on different systems and decide for themselves which coins to spend on what.
Some (like Paul) say that real privacy is only feasible when everyone has it. Altcoins like Monero protect all users equally; you either get everything or nothing. Others (like me) think that it makes sense to make privacy “conditional” in the sense that, if it is important enough, criminals can still be caught by resource-intensive policing while citizens are safe from becoming victims of mass surveillance.
Another controversial issue would be whether Bitcoin meets these requirements. In theory, yes – there are enough practices that, if followed consistently enough, will protect you from being monitored. In any case, they make mass surveillance much more difficult. In order to infer the real identity of an entity found on the blockchain – i.e. a wallet – in real time, an automatic data comparison between the supervisor and the exchange would have to be available. If this is the case, then it also applies to banks. Even in this case, Bitcoin would be a very big step forward over what is possible with established finance, as the monitors only see part of the whole and the monitored have numerous options to make it difficult for them.
More than anything, it depends on how users deal with Bitcoin. And that’s what cryptocurrency is about anyway: that you are responsible for your money in a self-determined manner.