What You Need to Know About the Bitcoin 'Privacy War'

What You Need to Know About the Bitcoin 'Privacy War'

If you've been anywhere near Twitter recently you might have noticed Bitcoiners furiously debating Bitcoin privacy ins and outs. This feud has colloquially become known as the Bitcoin "privacy war."

Bitcoin isn't private by default. Because Bitcoin's transaction history is open for the world to see, users need to take the time to learn and use certain tools and wallets, if they want to fully privatize their Bitcoin.

Two of the most popular wallets out there today that make it easy for users to shield transactions include Wasabi Wallet (run by the company zkSNACKs) and Samourai Wallet. The teams have been at each other's throats for years due to philosophical differences in opinion about the best way to preserve Bitcoin privacy.

The latest round of debate started last week when Bitcoin hardware wallet Trezor announced it had partnered with Wasabi Wallet to allow an easy way for Trezor users to privatize their Bitcoin stash. Samourai Wallet advocates took aim because they criticized zkSNACKs' decision to blacklist transactions, causing the debate to flare up yet again.

Though much of the debate has devolved into mudslinging, it does surface important points. The so-called war sheds light on how complicated Bitcoin privacy is and many of the tradeoffs users need to consider when choosing a particular wallet.

Wasabi censorship

Wasabi Wallet and Samourai Wallet both rely on a privacy technique called a CoinJoin, where many Bitcoin users join together to create one big transaction. Jumbling the transactions together like this makes it unclear to any onlookers which user owns which Bitcoin.

The years-long feud between builders of the two wallets has taken different forms over the years. Most recently, Samourai Wallet supporters' main criticism of Wasabi Wallet is that last year Wasabi announced that the wallet's coordinator (run by zkSNACKs) would begin blacklisting certain Bitcoin transactions, not allowing them to be used in each CoinJoin, citing undisclosed “legal and regulatory” reasons.

Story continues

Wasabi admitted the decision was ultimately "undesirable," but argued that it was the best path forward for keeping zkSNACKs going, and thus successfully help as many users as possible to shield their Bitcoin. "[Blacklisting] is a small price to pay for the future of Bitcoin's privacy," the Wasabi Wallet said in a statement at the time.

But Samourai Wallet proponents see the decision as a betrayal of Bitcoin's ethos of censorship-resistance. "Once they crossed that red line the debate ended for me,” pseudonymous Samourai Wallet co-creator SW told Decrypt. “Our very existence derives from our desire to systematically dismantle every heuristic that chain surveillance firms rely on. To consort with your sworn adversary is unthinkable," he said.

He added that zkSNACKs was never explicitly asked by regulators to blacklist transactions, but they did so anyway. "By normalizing the incursion of chain surveillance into the realm of non-custodial bitcoin wallet software we are allowing an unthinkable ceding of territory without any justification whatsoever. No regulatory requirement, no legislative demand, nothing," he said.

Pseudonymous privacy and security researcher L0la L33tz noted that blacklisting transactions does not hinder Wasabi Wallet users' privacy.

Still, she agrees that blacklisting transactions could be a slippery slope. "Is a future in which we can only enact our right to privacy at the whim of third parties desirable? In my opinion, [EFF founder and privacy activist] John Perry Barlow put this best: “You cannot separate the air that chokes from the air upon which wings beat,'" she said.

Complicating matters, L0la L33tz also pointed out that users often conflate Wasabi Wallet with zkSNACKS, the company behind Wasabi Wallet, which is responsible for coordinating CoinJoins between users.

Wasabi Wallet gives users the option to use a different coordinator if they wish. Someone in the community could hypothetically set up another competing coordinator that does not blacklist transactions. Though, zkSNACKS admittedly operates the most liquid coordinator at the moment.

Samourai privacy concerns

On the other hand, critics of Samourai Wallet argue that the wallet's default settings don't protect user privacy well enough.

L0la L33tz calls Samourai Wallet's design decisions "questionable." For one, in Samourai Wallet, running the privacy-preserving tool Tor is not a default option. Rather, users need to flip a switch to use Tor​​—and therefore hide their IP address, which can be tied to a person's identity. If users forget or don't realize they need to flip this setting on, they could expose their IP addresses with Samourai Wallet.

The second decision she and other Samourai detractors criticize is that users need to run their own Bitcoin node in order to preserve the privacy of their Bitcoin, something many Bitcoin users don't do. If users don't run their own Bitcoin node, they share their "xpub" with Samourai Wallet, which exposes information about a user and which coins they own.

"It can’t be independently verified how many users run their own nodes for [Samourai Wallet], putting even those running their own nodes at risk of deanonymization through [Samourai Wallet] via exclusion," L0la L33tz said.

Meanwhile, Wasabi Wallet does not allow the option to track any of this data. "zkSNACKs, the coordinator behind Wasabi Wallet, does not learn anything about its users via default Tor and blockfilters," L0la L33tz said.

Samourai Wallet counters that they have never complied with requests to share this data.

Wasabians contend that users need to trust Samourai Wallet not to pass on this data, which runs counter to the "don't trust, verify" philosophy of Bitcoin.

Don't trust, verify?

Yet, verifying information for yourself, rather than trusting others, is tough and boundlessly time-consuming.

L0la L33tz argues that the war "actually keeps people from learning about Bitcoin privacy and Bitcoin privacy tools. There’s lots of noise and little signal which rather leads to confusion than education."

This is a problem for all Bitcoin users, she argues, adding that it's important that enough people as possible in Bitcoin use privacy tools, to increase the "anonymity set." The more people in this "set," the more privacy each user has.

"Only with enough adoption of privacy tools can those aiming to use Bitcoin privately gain a large enough anonymity set; so, in a certain sense, this debate should be important to everyone using Bitcoin," she said.

She argues that users need better tools to help them differentiate the signal from the noise: "Users need to be able to decide for themselves which tools fit their personal threat vectors best, and the constant infighting and accusations from both projects isn’t helping users to make educated decisions.

Related news

01 June 2023
Nobody should suggest using a Raspberry Pi for running a Bitcoin node in 2023!!! \ stacker news ~bitcoin
rPi 4 are Weak, NOT cheap, Old (2019), and NOT power efficient (compared to a modern low voltage CPU) I've been testing almost every Node in a box on rPi, and all the bad experiences below did happen to me at least once. rPi were designed in and sold as cheap toys to learn and experiment on DIY project using GPIO pins. They need assembly, heatsinks, screwing fans, plugging cables to the right PIN, ect ect. Come with cheap unpredictable fans that often don't last. The 5v3A power supply that comes with it most of the time is cheap and breaks. rPi only takes in 5 volts over that USB-C, some high quality power supply delivers ~4.9v and will trigger under voltage instability and throttling. Most newer, high quality power supply WILL NOT WORK, as they will try to jump up the voltage to 9, 12 or 20v instead of staying on 5v 5 volts mean that a high quality USB cable of relatively short length is required to make sure there are no voltage drop on that low voltage line. It's near impossible to find a charger that is above 2 AMP while the rPi needs 3A depending on the attached storage. Installing the OS on an SD card will lead to more corruption if the power is lost to the rPI The SD card has low and unpredictable write count. The SD card will become read only after a while. There is no way to attach HDD storage without a extra active USB to SATA adapter. This USB adapter is unpredictable and unreliable, might break on you, Might only work at USB 2.0 Speed No way to install the hard drive in a clean way, Most of the time the drive is left dangling on it's cable or is being taped to the bottom of the the rPi casing. The USB to SATA interface is slower than direct NVME or SATA connection. Being digitally sovereign is not ONLY about running a Bitcoin node to verify your transactions. Doing ANYTHING more than running a Bitcoin Core and a light electrum server (electrs) to verify only a small personal wallet will tax your rPi beyond it's limit. For about 100$ There are used, field test, computers that are about the same size, made of metal, 10 times more powerful, 2+ times the ram, Have ports for direct attachment of SATA and NVME drive. Wifi, Bluetooth, Have a very reliable power supply. All you might want to do it swap the HDD for a bigger 1 or 2tb one and boot from a USB stick to install a new Linux OS. The Electricity savings are ridiculously not worth it give the hassle. Each savings of 5 watts is equal to (0.005kwh) * 0.07 * 24 * 365 = $3.00 Link to Optiplex Micro search : https://www.amazon.com/s?k=optiplex+micro&s=price-asc-rank&crid=7OE2N02FZZIG&qid=1685628318&sprefix=optiplex+micro%2Caps%2C131&ref=srstprice-asc-rank [25 comments]