There’s a common misconception among the general public that bitcoin is an inherently-anonymous currency. In fact, bitcoin offers users pseudonymity, and the privacy it offers is fragile at best. Though still masked from the average user, blockchain analysts can use powerful tools to sift through…
There’s a common misconception among the general public that bitcoin is an inherently-anonymous currency. In fact, bitcoin offers users pseudonymity, and the privacy it offers is fragile at best.
Though still masked from the average user, blockchain analysts can use powerful tools to sift through blockchain data and use it to identify the owners of particular addresses. Privacy quickly fades away once a person associates their funds with a service that requires identity verification.
That said, privacy-conscious bitcoin users have access to several tools designed to help them evade the watchful eyes of blockchain snoops. One such privacy-enhancing tool is CoinJoin, a coin-mixing method originally proposed by Gregory Maxwell.
CoinJoin allows bitcoin users to make joint payments, preventing blockchain analysts from identifying a direct link between specific inputs and outputs.
However, as CoinJoin developer Adam Gibson noted in a recent blog post, these transactions are nevertheless “unambiguously recognizable as CoinJoins” due to the metadata trail that they leave behind. In other words, blockchain analysts know that a CoinJoin transaction has occurred, but — assuming the process was executed properly — they can’t use that knowledge to spy on a particular payment.
But what if there was a way to make bitcoin transactions private by hiding them in plain sight?
Gibson, creator of CoinJoin service JoinMarket, believes this is now possible due to the activation of the Lightning Network (LN), a second-layer Bitcoin scaling solution. While traditional CoinJoin relies on “intrinsic fungibility,” his proposed system, dubbed “CoinJoinXT,” instead gives users “deniability.”
As Gibson explains, blockchain analysts rely on certain assumptions to unmask cryptocurrency users and trace payment flows. The goal for privacy-conscious bitcoin users, then, is to invalidate as all of these assumptions at once so that “no particular contiguous subset on the blockchain flags itself as being such a CoinJoinXT structure.”
This deniability is achieved by adding a new wrinkle to the standard coin-mixing process: a dual-funded LN channel, which, in his words, results in “bleed-through and amplification of off-chain privacy to on-chain” that prevents a blockchain analyst from deciphering the mixed outputs, even in the unlikely event that they manage to identify the transaction graph.
Gibson has a released a simple proof of concept demonstrating that CoinJoinXT is currently possible at a very basic level. However, he said that there is more work to be done to make it fully functional.
“Although it can be done today, there are barriers to making this work well. Ideally we’d have Schnorr key aggregation for multisig, and support for dual funded Lightning channels for the amount decorrelation trick mentioned. Without either of those, such a transaction graph on the blockchain will be somewhat identifiable,” he said, “but I still think there can be a lot of use doing it as an alternative to large sets of clearly identifiable CoinJoins.”
Featured Image from Shutterstock
Last modified: January 10, 2020 3:05 PM UTC