Herman

The anonymity of BTC

Common misconception: BTC is very anonymous and can protect privacy.

BTC is indeed anonymous to some extent, because in the blockchain ledger you do not use your own name but a "pseudonym" in its place.
This "pseudonym" is actually a difficult-to-remember hash address.

But we need to know what exactly we are pursuing anonymity for.
In fact, anonymity is for the purpose of protecting "privacy", so that others do not know who is associated with this name.
BTC addresses work like online accounts: we can have many accounts and use many usernames.
In BTC, these usernames are individual addresses.
In many wallet applications, transactions are also made using different addresses, as recommended in the BTC whitepaper.
In this way, all the money is in different addresses, making it appear anonymous.
But does this kind of anonymity really protect your privacy?

Physical currencies like paper money and gold are actually the most private and anonymous.
The information printed on paper money is the face value and a serial number; it contains nothing related to you.
Suppose you have a 100 RMB bill, and after you spend it, it goes through many hands.
The person who eventually holds the bill can hardly find any evidence that you once held it.

If banks allowed accounts to be registered under pseudonyms, they would actually protect privacy better than BTC.
None of your transaction records are public: you use an account under a pseudonym, and only the bank knows how you deposit and withdraw money.
And the bank only holds your pseudonymous information. As long as you have someone register a bank account under a pseudonym, the bank cannot know that you are the one using the account; it only knows the pseudonymous information.
Of course, in reality, banks do not allow you to register with pseudonyms, and most registrations require real names, so there is no privacy to speak of.

Why is BTC actually weaker in terms of "privacy protection" compared to the previous two?
The whitepaper mentions a way to protect your own security, which is to use a different address for each transaction to prevent tracking.
Modern wallets come with this feature, so all the money ends up scattered across different addresses.
But one of BTC's major characteristics is that the ledger is completely public, and everyone knows it.
Every transaction recorded on the ledger leaks the connection between addresses, exposing all your transactions on the chain.

For example, suppose you make a transaction that transfers 8 BTC to your friend B.
Your wallet holds two UTXOs, of 6 and 4 BTC, each stored at a different address.
The transaction record will look like this:
inputs: addr1(6), addr2(4)
outputs: addr3(8), addr4(2)

I can easily deduce that addr1 and addr2 are addresses held by the same person.
To construct a transaction, the initiator must hold the private key for each input in order to generate its signature.
Since the initiator knows the private keys for both addresses, this is strong evidence that they are held by the same person.

From the outputs, it is also easy to determine that addr4 belongs to the same person as addr1 and addr2.
The reasoning is about change: if addr3 were the change address, the payment would be the 2 BTC sent to addr4, and there would be no need to spend two UTXOs, since one would be enough.
So I can immediately deduce that addr4 is, with high probability, held by the same person as addr1 and addr2.

So it is not difficult to see that using multiple addresses to store BTC separately is not effective in achieving anonymity.
It is easy to analyze the UTXOs of transactions and deduce the relationship between addresses, concluding that these addresses are controlled by the same person.

On top of this, the ledger is public.
Suppose I am an online merchant and you want to buy something from me and pay with BTC.
After you pay me, you must tell me the transaction hash so that I can verify whether the transaction has been confirmed by the nodes.
At this point, I immediately know which inputs and outputs you used.
I exclude the addresses of miners and myself, and most of the remaining addresses are likely related to you.
Then I find all the transactions related to these addresses, identify the associated addresses, and immediately know who you traded with, how much money was involved in each transaction, and how much money is left in your account.
Do you realize that your privacy is completely exposed? As long as you have made any transaction on the chain, I can learn everything about the addresses involved.
The "public ledger" not only fails to protect privacy but also exposes everything, leaving nothing hidden.
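The two deductions above (addresses spent together share an owner; the output that would not have needed every input is the change) and the merchant's follow-up from a single payment, as an added example that is not part of the original post. The ledger is constructed: the second transaction and the names `merchant`, `addr5` and `addr6` are hypothetical, and fees are ignored.

```python
# Constructed sample ledger, not real chain data; amounts in BTC, fees ignored.
LEDGER = [
    {"txid": "t1", "inputs": [("addr1", 6), ("addr2", 4)],
     "outputs": [("addr3", 8), ("addr4", 2)]},      # the transfer to friend B
    {"txid": "t2", "inputs": [("addr4", 2), ("addr5", 3)],
     "outputs": [("merchant", 4), ("addr6", 1)]},   # hypothetical later purchase
]

def change_output(tx):
    """Likely change address of a two-output transaction, or None if unclear."""
    values = [v for _, v in tx["inputs"]]
    if len(values) < 2 or len(tx["outputs"]) != 2:
        return None
    # A payment that fits without the smallest input would not have needed it.
    limit = sum(values) - min(values)
    payments = [a for a, v in tx["outputs"] if v > limit]
    if len(payments) != 1:
        return None
    return next(a for a, _ in tx["outputs"] if a != payments[0])

def cluster(ledger):
    """Union-find: map each address to a representative of its owner group."""
    parent = {}
    def find(a):
        parent.setdefault(a, a)
        while parent[a] != a:
            parent[a] = parent[parent[a]]   # path halving
            a = parent[a]
        return a
    for tx in ledger:
        linked = [a for a, _ in tx["inputs"]]    # common-input ownership
        change = change_output(tx)
        if change is not None:
            linked.append(change)
        for a in linked[1:]:
            parent[find(a)] = find(linked[0])
    return parent, find

def wallet_of(ledger, addr):
    """All addresses the heuristics attribute to the owner of addr."""
    parent, find = cluster(ledger)
    root = find(addr)
    return sorted(a for a in list(parent) if find(a) == root)

def counterparties(ledger, addr):
    """Addresses paid by that wallet, i.e. who the owner traded with."""
    mine = set(wallet_of(ledger, addr))
    return sorted({a for tx in ledger if mine & {i for i, _ in tx["inputs"]}
                   for a, _ in tx["outputs"] if a not in mine})
```

Starting from `addr5`, which the merchant sees in the payment, `wallet_of` links back to all five of the payer's addresses, and `counterparties` lists friend B's `addr3` alongside the merchant.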

This kind of online transaction system is fine as long as it doesn't interact with the real world. You can always represent yourself with hash addresses; even if the whole ledger is known, nobody will know that it is you holding and operating them.
But once it interacts with the real world, it is easy to associate addresses with real-world individuals.

For example, suppose you pay with BTC at a Starbucks to buy an iced Americano, and I am standing behind you in line.
I know that you ordered an iced Americano, roughly how much you spent, and when you paid, because I am right behind you.
Then I also buy a cup of coffee and pay with BTC, which lets me find out Starbucks' hash address (or I use any other method; in short, it is easy to obtain the merchant's hash address).
Then, based on the price and time, I can filter out the transaction you most likely made and deduce several possible hash addresses.
After confirming your spending a few more times, I can associate the real-world person with the BTC hash addresses.

In fact, all online transaction systems have this common problem. Once you interact with the real world, it is easy to link you to your account.
Even banks that allow pseudonymous registration are the same.
BTC just directly exposes your spending records to everyone, while with a bank, only the bank knows about them.

How to protect privacy

  1. Anonymity at the network layer.
    BTC is an "application layer" protocol that runs on top of the "network layer" through p2p connections.
    If you really want to protect your privacy, you should start with anonymity at the "network layer".
    IP addresses are the easiest way to leak personal information. It is easy to locate where you are based on your IP address.
    So if you really need anonymity, you need to ensure anonymity at the "network layer", for example by using multi-hop routing or onion browsers.
  2. Anonymity at the application layer.
    Coin mixing. Everyone's money is mixed together, and inputs and outputs are all shuffled.
    This makes it difficult to link addresses to you.
    Of course, this requires a centralized service provider to specifically provide this service and mix the money of those who need it.
    But because this service provider itself also needs to be anonymous, the risk is that if it runs away with the money halfway, you have no way to recover it.
    Exchanges can also achieve a certain level of coin mixing because all the money is mixed together.