The surprise here isn't that Bitcoin isn't perfectly anonymous. There are two new findings. The first is the extent to which your Bitcoin payment details get leaked to third party trackers. I've been writing about the excesses of third party tracking for years, and I'm pretty jaded, but the extent of the leaks surprised me.
The second main finding is that CoinJoin isn't enough to protect yourself. We tested this on our own transactions, but also by coming up with a way to identify essentially all existing CoinJoins on the blockchain and analyzing their anonymity.
Even if you have a 100% anonymous cryptocurrency, you are spending it on a site that has information about you and your activities on that site. If you are dealing with physical items, it has your address.
This made me curious about the feasibility of an anonymous postal service. One which you pay for with x-coin, with no identity attached, and you get physical deliveries at that address (placed into a box only you can access, maybe with some sort of private key).
With the security cams and all it might be hard, but probably not impossible if enough people are using it.
The point is you can take as many precautions as you want, but you'll never attain 100% anonymity. You get diminishing returns after a while.
Definitely use an open WiFi, definitely not your local Starbucks.
What are you shifting to make all that subterfuge worthwhile? Other people are likely going to be your weak link.
(By dang I of course mean https://news.ycombinator.com/user?id=dang)
Other currencies have attempted to fix this problem, such as Zcash. But I think it will be hard to escape the volumes of metadata created through transactions on merchant websites. Ultimately, your spending habits and browser cookies will say more about you than your BTC address.
There haven't been any vulnerabilities in the code affecting anonymity. Saying there will be vulnerabilities in the future is FUD.
Trust is a personal preference, but the code is open to all to analyze.
> Saying there will be vulnerabilities in the future is FUD.
Saying there will be vulnerabilities is 99.99% likely to be true. All software written by humans is highly likely to have mistakes. Remember Heartbleed? The code was open for all to analyze and used by millions, and yet we recently found a vuln that allowed attackers to dump the entire memory of a server. Open source is no guarantee against vulnerabilities.
Default assumption should always be that there will be vulnerabilities.
Does anyone know how to get cryptocurrency without going through this process? Is there a way just to buy cryptocurrency with a simple credit card transaction?
But anyway, it doesn't matter that your initial cryptocurrency purchase is totally not anonymous. Just use mixing services. And do that through Tor. After a couple mixes, you will have totally different Bitcoin or whatever, with no association with your initial purchase.
Alternatively you can buy btc from bitcoin ATMs (tho some but not all ask for ID) depending on where you are.
Of course, if you then want to sell those coins, to "cash out" into a fiat currency, you'll need to comply with the KYC laws.
Exchanges as entry points to the network are required to make that connection. Merchants, as the paper says, do too.
If a merchant required a certain amount to complete your transaction, and that amount came from an unknown, unregistered wallet (in the sense you didn't acknowledge its ownership), would they legally be able to say it is coming from you?
In the end, yes, it's a technicality, because it's difficult to enter the blockchain without leaving a trace at the fiat-border. But still...
ZCash is definitely a different tier of privacy... or it would be if they made ZCash proofs required for every transaction. But instead they made anonymous payments opt-in and therefore your privacy can be defeated by people upstream or downstream of you.
The limitation for ZCash is that shielded tx's are only 1/5th of the total number of TXs by volume, so your anonymity set is not as large as it could be.
But it's likely considerably larger than the anonymity you get by mixing < 10 TX's and then doing this repeatedly both because of intersection attacks (which the attack here is) and because of the impossibility of correctly sampling the TXs to mix with.
You could identify a dozen or a hundred different features about a transaction or the transaction graph, then run standard machine learning tools to find clusters of usage patterns. You could then probabilistically infer connections between upstream and downstream usage patterns that implicate you.
I'm not arguing against the cryptography of zcash, which is solid as far as I'm aware. But while it does such a thorough job of bolting the front door, the window is left wide open.
But do you think the fact that 1/5th of transactions are shielded actually enables more attacks on shielded TXs?
This is further hardened with RingCT.
Please explain how this is undermined, using techniques applicable within the last 9 months.
And I do not agree that this makes bitcoin any less anonymous. There is still the gap between key and owner that needs to be bridged before identification can take place, and I do not believe that the word anonymous guarantees no history available, only that the history cannot be linked to a person. By definition, I mean to say.
I would compare this to a headline titled "bitcoin is less secure" because of the Mt.Gox hack. Similarly not the fault of bitcoin.
But yes, if you don't compartmentalize like that, everything is linked.
In a sense it's similar to talking on the phone and being recorded by a security camera. If anyone thought that using Bitcoin or any cryptocurrency for purchases magically hides any side-channel privacy leaks, I would say it's a lack of (self-)education.
The reality is that with such an influx of users in the space and countless YouTube etc. channels educating without actually doing research and spreading wrong facts, we have a poor level of intro-education for new people. But that happens to any new system getting mass attention.
The important thing to remember is that all transactions are public and that any linking of a single transaction will allow someone to link all other purchases / receipts with that address.
At best bitcoin is pseudo anonymous.
He was convinced it was anonymous. I attempted to bring up some points to convince him otherwise but found it to be a rather short conversation.
So, you may be as surprised as I was that it's relatively uncommon knowledge, even for intelligent and diligent technical folks, that Bitcoin != anonymous.
The problem is with the endpoint - the person or business you are transacting with (or the technologies they use for the interaction).
This problem will exist with any cryptocurrency if the endpoints still operate the same.
The distinction is important because conflating privacy in general (and pseudonymity in particular) with anonymity is one way people get into trouble.