Search on TFTC
Issue #539: CoinJoins, fidelity bonds & Bitcoin's (lack of) privacy

Issue #539: CoinJoins, fidelity bonds & Bitcoin's (lack of) privacy

Aug 1, 2019
Marty's Ƀent

Issue #539: CoinJoins, fidelity bonds & Bitcoin's (lack of) privacy

A common misconception that we've covered in this rag throughout the years in an attempt to help educate the masses is the idea that Bitcoin is a private payment network. Due to the nature of the protocol, if users are not meticulous when transacting, their transaction history is trivially trackable throughout the timechain. Enter, the CoinJoin. A clever transaction construction method devised by developer Greg Maxwell that allows multiple users to combine their payments (of equal size) into a single transaction when sending to a service or personal storage in an attempt to throw off any would-be trackers. Done enough times, CoinJoin'ing UTXOs can significantly increase one's anonymity set when transacting on the Bitcoin network.

We've touched on wallets like Samourai and Wasabi in this rag before. Both teams provide software and coordination services that allow users to easily CoinJoin their UTXOs to achieve better privacy. Another implementation that hasn't gotten as much tick in the Ƀent is JoinMarket, which enables a marketplace of "makers" and "takers" to engage in CoinJoins. Yesterday, thanks to the Bitcoin Optech newsletter, I was made aware of a new proposal for JoinMarket from Chris Belcher, fidelity bonds.

In an attempt to prevent Sybil attacks which aim to deprecate individual privacy by using a single entity to dominate CoinJoins with multiple inputs, fidelity bonds force "makers" to put skin in the game. This is achieved by creating a time-locked address with "OP_CHECKLOCKTIMEVERIFY", making it so the maker cannot move the UTXO(s) in the address for an extended period of time. This makes the cost of successfully pulling off a Sybil attack on JoinMarket's CoinJoins considerably higher as the attacker has to lock up their capital and build up a reputation. An extremely useful application of "OP_CHECKLOCKTIMEVERIFY". Especially when, as Chris points out, one considers that it makes sense for committed long-term holders to engage in this type of activity because an increased authentic anonymity set leads to increased utility which leads to increased demand and, therefore, an increase in price over time. Holders are incentivized to contribute to this model.

With that being said, as we alluded to above, makers have to be extremely meticulous when creating fidelity bonds. Making sure they properly mix the UTXOs used to secure the bond before and after it is bought and used. If a fidelity bondholder were to slip up at any point and have their privacy compromised by some endpoint while transacting, they would decrease the privacy of those that interacted in CoinJoins with them in the past. I am hopeful that better UX and design is on the way to make transacting privately more natural on Bitcoin, but as you freaks can see from the long spiel I just went on, this shit is pretty complicated at the moment. Privacy is certainly achievable, but it certainly isn't designed for a novice.

This is why I am extremely excited by the idea of something like Pay-to-EndPoint (P2EP) being enabled and then widely adopted by Bitcoin users. Something like P2EP, while certainly not perfect, would make it more realistic to "make every transaction a CoinJoin" by making sure each participant in a transaction provides an input, mixing up outputs and confusing chain analysis companies. This also protects Bitcoiners who value their privacy and, therefore, participate in CoinJoins from the lazy, fearmonger-y rote response of "You could be mixing with criminals!" that the lowly mainstream bloggers like to harp on. Seems like it would be a better overall experience for everyone involved while taking away a narrative attack vector that is always exploited by sensationalists.

Hats off to all of the teams like JoinMarket, Wasabi, and Samourai working to make Bitcoin usage more private, but it would be nice if these teams didn't have to work so hard. And more importantly, if users didn't have to work as hard.

Thanks for tuning in to this explainer/rant.

Final thought...

I think I'd like to pilot a plane one day.


Current Block Height

Current Mempool Size

Current Difficulty