Reclaim your privacy now! with Wasabi Bitcoin wallet. [Promoted]

in #bitcoin6 years ago (edited)

Wasabi wallet 1.0.0 was released a few days ago on Bitcoin's whitepaper 10th anniversary (Oct 31st) now available for download at https://wasabiwallet.io/

Here's a summary from their website :

As Bitcoin is becoming more and more mainstream, its fungibility is being threatened. Powerful interests are spending immeasurable resources on mass surveillance, and Blockchain analysis companies are rapidly gaining traction. Meanwhile, privacy work on Bitcoin is also gaining momentum, but it is up to You who wins this battle.

Wasabi is an open-source, non-custodial, privacy focused Bitcoin wallet, that implements trustless coin shuffling with mathematically provable anonymity: Chaumian CoinJoin, it is the first of its kind. However, "anonymity loves company", the more users there are, the better your privacy, and the faster the CoinJoin rounds will be. Whether you are looking for state of the art operational security or you are philosophically aligned with the principles of freedom and privacy, now it is YOUR time to contribute. Fire up your Wasabi and start providing liquidity for CoinJoins to bootstrap the system!

Below is, A Technical Overview of Wasabi Wallet, Future Ideas, Plans and Strategy available at https://github.com/zkSNACKs/Meta/blob/master/README.md


Abstract

Wasabi Wallet is a privacy focused Bitcoin wallet that is based on the ZeroLink Fungibility Framework. While statistical privacy can be achieved today with it, the cost, convenience, intuitiveness and strength of this privacy can be greatly improved. Wasabi must also improve its accessibility and its general Bitcoin wallet features. Furthermore Wasabi should look into ways of extending the scope of its privacy protection to other, not closely Bitcoin related fields, such as end-to-end encrypted messaging. Finally, Wasabi also needs to concentrate on its stability, performance, UX and code quality. This document aims to outline a starting plan to progress towards these objectives.

Table Of Contents

I. Introduction
II. Stability, Performance, UX, Code Quality
III. Education
IV. Bitcoin Privacy Improvements
V. General Wallet Features
VI. Accessibility
VII. Extending the Scope of Privacy
VIII. Unique Wallet Features
IX. Conclusion

I. Introduction

Wasabi's main focuses are Bitcoin and privacy, thus section IV. Bitcoin Privacy Improvements. However, a loss of privacy in fields that are traditionally considered to be outside the scope of a Bitcoin wallet, such as sharing addresses through unsecure chat clients or checking transactions in a block explorer through the clearnet also pose privacy threats, ergo Wasabi cannot consider them entirely out of its scope, thus section VII. Extending the Scope of Privacy.
In the paper Anonymity Loves Company: Usability and the Network Effect the authors note:

We show that in anonymizing networks, even if you were smart enough and had enough time to use every system perfectly, you would nevertheless be right to choose your system based in part on its usability for other users.

Therefore Wasabi should also pay attention to fields that help to increase the number of Wasabi users, bringing greater privacy for everyone, thus sections III. Education and VI. Accessibility.

Furthermore, Wasabi is software, therefore it must not neglect general software quality issues, thus section II. Stability, Performance, UX, Code Quality. The better software Wasabi is, the more users it will retain.

Wasabi is also a Bitcoin wallet, therefore it must improve general Bitcoin wallet related features as well, thus section V. General Wallet Features.

Finally, there are development opportunities, where the developers of Wasabi recognize that they could easily add some unique wallet features that no other wallets have, like in-wallet multi-wallet support or copypaste malware defense, thus section VIII. Unique Wallet Features.

Note that the developers of Wasabi are currently occupied by section II. Stability, Performance, UX, Code Quality. This enjoys the highest priority. New issues will constantly come up as new users try to use the software. At this point it is unclear if Wasabi will ever have the resources to tackle other sections in this document.

Wasabi Wallet Under the Hood

Wasabi is an open-source, desktop Bitcoin wallet, working on Windows, Linux and OSX, written in .NET Core (C#), which is cross platform and open source .NET. Wasabi uses NBitcoin as its Bitcoin library, to which Wasabi developers are frequent contributors: @lontivero, @nopara73. Wasabi uses Avalonia library as its UI framework where Wasabi developer @danwalmsley is a maintainer.
Wasabi does not support and does not plan to support other currencies in the future.

Let's look at what is going on under the hood for Wasabi, what design decisions and tradeoffs the developers made, so we can later understand where it can be improved.

After setting up Wasabi and generating a wallet, Wasabi welcomes the user with a load wallet screen. Unlike other wallets, Wasabi has a convenient way to use multiple wallets. Privacy centric users may be already used to achieve coin separation this way. However Wasabi provides a convenient in-wallet coin separation interface too, more information will be provided about that later on. Since coin separation can be easily achieved without multiple wallet files, initially the developers did not plan for such a wallet management system, our UX design choices naturally lead us down this road.

Wasabi has a status bar that shows meta information about the state of the wallet. To better understand the architecture of the wallet it is helpful to go through them.

The "Tor" label shows the status of the Tor daemon. Tor is an anonymity network which Wasabi ships with by default and runs in the background. The user can also opt to use their own Tor instance. All communication with Wasabi's backend server goes through Tor. Wasabi also utilizes multiple Tor identities where applicable. For example, registration of coinjoin inputs and outputs is done through different Tor identities to avoid linking.

Wasabi's backend is used to facilitate Chaumian CoinJoin coordination between the mixing participants and to serve Golomb-Rice filters to the clients, similarly to BIP158. More information will be provided about the difference soon. Before that, it is worth pointing out that the design choice of building a light wallet was made because such a wallet can attract orders of magnitude more users compared to a a wallet on top of a full node, and more users means larger and faster coinjoins. Historically, all light wallets were vulnerable to some kind of network observer due to unprivate utxo fetching. A few years ago, the only type of wallet that wasn't vulnerable was a full node, like Bitcoin Core. The first iteration of Wasabi was HiddenWallet, which was a full-block SPV wallet that aimed to leverage useability without compromising privacy through the omission of initial blockchain downloading compared to a full node. In theory, it was a light wallet. In practice, it was hard to compete with Bitcoin Core's micro-optimizations and it was still painful to wait for wallet synchronization every time the wallet was opened.

Back to Wasabi. After loading the wallet the user can generate a receive address. Some important design choices were made here. First, Wasabi had to be a Segregated Witness only wallet, so the registration of unconfirmed coinjoin outputs into a new coinjoin round is done to prevent malleability attacks. However, the developers of Wasabi decided to make the wallet native segwit (bech32) only, not supporting wrapped segwit. This way, the backend server can leverage this and only generate filters regarding bech32 addresses. This makes Wasabi's filter size a few megabytes today, instead of >1GB (ToDo: insert source here, I guess Blummer Tamas came up with this number an posted to the dev mailing list.) At first glance, this may be seen as hazardous to privacy, however Wasabi user utxos can be identified as Wasabi utxos by the huge coinjoins that only Wasabi does anyway, so no additional privacy loss happens there. In the future, as more and more wallets adopt bech32, Wasabi developers will have to look at how to scale the performance and network usage of the wallet. Failing that, Wasabi's initial sync will slow down.

Wasabi also maintains a connection to the Bitcoin P2P network. After Wasabi receives the filters from the backend, it can download the required blocks (there are false positives, too) one block from one peer. This does not currently happen over Tor since the NBitcoin library we use to do the job does not support Tor yet. Sensitive information leak is already unlikely here, as the only information a node can learn is that "one wallet may (false positive) have a transaction in one block that someone fetched from me." Wasabi then stores the block in its entirety on disk so it won't fetch it again. A possible privacy leak can happen if a wallet is being recovered, so more work on Tor support is required in the future. Furthermore, storing blocks on the disk may take up too much space when the wallet is used extensively. There is room for improvement there as well.

Wasabi receives incoming transactions from the nodes it is connected to. This is, while privacy preserving, a relatively insecure way of handling this, and should be improved in the future. Generally, unconfirmed transactions are considered to be insecure regardless.

Unlike in other Bitcoin wallets, generating a label for each Bitcoin address is not optional, but required. That is because Wasabi has an intra-wallet blockchain analysis tool built into it, which tries to cluster utxos (Wasabi calls them coins). Based on these clusters, the user can make an educated decision on which coins to merge.

Wasabi also has a History tab like any other Bitcoin wallet.

Unlike other Bitcoin wallets, the user cannot spend from Wasabi without selecting coins, since "Coin Control Is Must Learn If You Care About Your Privacy In Bitcoin", at least for today. The label field of the Send tab is also compulsory.

By clicking on the Max button, one can spend all selected coins. Spending whole coins is beneficial to privacy.
The Bitcoin fee rates are fetched from the backend server, the source of these fees are Bitcoin Core's estimatesmartfee's CONSERVATIVE output. Every fee query happens over Tor with a new Tor identity. When clicking send, the wallet will broadcast the transaction to the Backend over Tor. This is sub-optimal, but because there's no Tor support for NBitcoin yet, broadcasting transaction P2P over the clearnet would be more dangerous. While NBitcoin P2P Tor support should be an interest of future work, it is a smarter long-term objective to implement Dandelion from a broadcasting point of view when the Bitcoin network adopts it.

Coins in Wasabi have Privacy and History properties. The anonymity set is just a momentary estimation, however, by examining the mixes and other people's transactions we will be able to show accurate values. The History is the calculated clusters from the labels based on typical Blockchain analysis heuristics. For example, if the user joins together a "foo" labeled coin with a "bar" labeled coin at sending, then the change coin history will show "change of (foo), change of (bar)". From this, users are able to make educated decisions as to which coins not to join together at any cost. Human input is invaluable.

Wasabi has a CoinJoin tab as well, its use is straightforward. The user queues their coins for coinjoin and waits for others to join the mix.

If the user does not wish to proceed, they can dequeue their coins.

After a mix has successfully executed, the resulting CoinJoin transaction will look like the following (real example): https://www.smartbit.com.au/tx/a0855875fd3d19522568ad673e4b52e11691d837021d74eef0d177f9e0950bf2

Wasabi also has a Tor website where one can see real time statistics about the mixes: http://wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion/

The above number means that Wasabi's coinjoins have created >102 BTC outputs with equal value.

II. Stability, Performance, UX, Code Quality

As was discussed above, the main priority of Wasabi developers is currently the stability, performance, code quality and user experience of Wasabi. Great care must be taken here because the more users a network reliant privacy software has, the better privacy it offers. The more users there are, the better the software is. In Wasabi, this is most apparent during CoinJoins. The more users participating in a round, the higher the anonymity set the CoinJoin achieves and the more frequent the rounds will be. In our calculations, if Wasabi would acquire the volume of the most popular Bitcoin mixers, Wasabi could provide a 100 anonymity set round with the denomination of 0.1 BTC every 3 to 5 minutes.
This section consists of many small issues, waiting to be solved one-by-one. Since solving these issues is often more effective than discussing them, they won't be extensively discussed in this document. Related issues as of 2018 October:

Trimmed
(see full document at https://github.com/zkSNACKs/Meta/blob/master/README.md)

III. Education

While education, content creation and marketing have little place in a technical document, they are still important parts of the big picture. Through education, Wasabi can obtain new users. The more Wasabi users there are, the better their privacy. Advancing this issue can take various, often opportunistic forms.

IV. Bitcoin Privacy Improvements

At the Blockchain level Wasabi currently helps its users achieve the desired level of privacy in three main ways: mixing, coin control and intra-wallet clustering.

Coin mixing happens through Chaumian CoinJoin, as described in the ZeroLink protocol. In a nutshell, Wasabi users register their transaction inputs and desired outputs with a coordinator, and the cooperation of these users results in a large coinjoin transaction. The coordinator cannot steal from, nor deanonymize the users. However, with ZeroLink, in order to statistically avoid post-mix deanonymization, coins must not be joined together. This, however, is unfeasible in practice.
Thus, various strategies are needed to mitigate this deanonymization risk.

One such strategy is Wasabi's current compulsory coin control feature. It helps the users to not join coins together and spend whole coins, but it does not force them, so it is not perfect.
Another is Wasabi's intra-wallet clustering system, where the users must use required labels. This helps the user to make an educated decision if they must join inputs together at send.
Another thing that the author of ZeroLink did not anticipate was the frequent remixing of already-mixed coins. In every round, more than half of the inputs are remixes, which not only results in perfect mixes for those inputs, but also results in anonymity set growth somewhere between the scales of addition and multiplication, instead of simple addition as the ZeroLink paper anticipated. Whether the anonymity set gain is closer to addition or multiplication depends on how other users behave. Right now, Wasabi simply counts the worst case scenario: so it shows the user addition. As of today, mixes are so interconnected that not even extensive input joining can deanonymize the users. However, this is happening in a low Bitcoin fee environment, so this is not to be taken for granted in the future. Additional measures are necessary.

The ideas described in this section are just ideas. Many of them are not compatible with each other, not proven or require further research.

It is also worth pointing out that if Confidential Transactions somehow make their way into Bitcoin, there would be no need for most of the improvements described in this section.

Mixing Improvements

Unequal Input Mixing

One of the most exciting advancements could be achieved by improving the mixing itself. The intution behind Unequal Input Mixing, (https://github.com/zkSNACKs/Meta/issues/4, https://github.com/nopara73/ZeroLink/issues/74) that could replace today's fixed denomination mixing, is clear, and its benefits are huge. However this requires further research.

The currently identified advantages of unequal input mixing compared to fixed denomination mixing are discussed briefly below, using the following notation:

UIM - Unequal Input Mixing
FDM - Fixed Denomination Mixing
  1. UIM's main goal is to optimize the cost/anonymity set.
  2. In FDM, those who don't have enough money to mix will not be able to mix. In UIM, this is no longer an issue.
  3. In FDM, peers often join together their utxos in order to reach the desired denomination. This exposes common ownership. There is no such an issue in UIM. Because of this, joining utxos together after the mix is no longer such a big deal.
  4. In UIM, mixing can be done over and over again until the desired anonymity set is reached. In FDM, mixing cannot be repeated, because the mixed output of the mix will never reach the sufficient input level of the next mix (due to network fees.) In FDM, if the user would decide to participate with an already mixed coin, they would have to add another input in order to meet the mix requirements, which exposes common ownership.
  5. People with lot of money would get matched together and would not have to wait weeks/months to mix everything out.

Mix to Self vs Mixing to Others

Mix to Others (https://github.com/zkSNACKs/Meta/issues/6, https://github.com/nopara73/ZeroLink/issues/75) also has great potential, since it could completely replace Simple Send. It is, however, dubious whether there will ever be enough liquidity for this.

Simple Send Improvements

Improving simple send using current Bitcoin anonymity techniques is also an interesting topic. These do not even have to distrupt the current user workflow, they can mostly "just happen" in the background. Some additional thoughts and details on this section can be found here.

Coin Control and Privacy Feedback Improvements

Improving the user friendliness, the accuracy of coin awareness and what happens on the blockchain can be also beneficial.

Lightning Network Leverage

At this point, it is too early to start leveraging LN in a privacy oriented wallet. However, if Bitcoin is successful in the future, there will be a need to think about these questions, since blockchains don't scale.

V. General Wallet Features

Wasabi today has all the features a Bitcoin wallet needs that are not related to privacy. There may be other useful features to add, however.

VI. Accessibility

The more users use the wallet the more privacy it can provide.

Since most of the world does not speak English, localization (https://github.com/zkSNACKs/Meta/issues/22) of Wasabi is something to consider.

Wasabi, in theory could use P2SH over P2WPKH, wrapped segwit addresses, (https://github.com/zkSNACKs/Meta/issues/7) since the ability to spend to bech32 addresses is not quite there yet. On the other hand, this could be considered a backward-looking short-sighted improvement.

In theory, Wasabi could support smart phones (Android, iOS). In practice, these platforms and their tools are not mature enough just yet. The concept of network analysis resistant smartphone wallets are not yet proven. If we would try to port Wasabi's code today, the wallet would use too much storage space, battery and network. Another implementation issue comes from Wasabi's reliance on Tor, which adds another layer of friction. On the desktop, we were able to work around nearly all of the reliability issues of the anonymity network, but the current state of Tor on mobile platforms may pose additional challenges.
However, technology is improving quickly, thus, timing has special importance in this matter. https://github.com/zkSNACKs/Meta/issues/9

The question of a web-wallet is also something to think about. However, it may not be possible to build a network analysis resistent web wallet, nor to build a secure web wallet in general. Nevertheless this question deserves more thought. https://github.com/zkSNACKs/Meta/issues/20

Another way to improve the software is to let developers play with it through a daemon (RPC?) process. https://github.com/zkSNACKs/Meta/issues/12

VII. Extending the Scope of Privacy

Other non closely Bitcoin related features may be beneficial for the privacy of Wasabi users.

VIII. Unique Wallet Features

Unique wallet features are a set of unorganied ideas that are not closely related to privacy. These are by no means necessary for Wasabi, but what fun is there in programming if the developers are not allowed to play with their creativity once in a while?

IX. Conclusion

In this document, we gave a comprehensive overview of Wasabi Wallet. Unlike the creators of many other products, we deliberately decided to honestly and extensively describe and discuss Wasabi's shortcomings, tradeoffs and design decisions. We outlined our ideas and our future technical plans and helped the reader get familiar with our thinking process. This document can be analysed and used by anyone who would like to achieve the strongest privacy in Bitcoin today without falling prey to misinformation that is rampant in the space. Of course, it is unavoidable that the reader will still be suspectible to the authors unconscious biases, and we apologize for that in advance.


#sharingcontent

*Disclaimer: This post was heavily promoted using promotion bots. The reward shown is not reflective of the community's interest at large.

Sort:  

honestly they should just embed an app like that into all the thumbdrive secure wallet products to they can wash them and store and transfer in 1 product

old school drug dealers and illegal traders using btc will love this, the rest using zcash and other crypto (perhaps verge, dash, bitcoin private, blackball, monero, and others kinda-private ones)

When your coins are waiting to be coinjoined they the software has to be ready to sign. If it was part of a hardware wallet solution you'd have to stay next to it to authorize at the right time.

I think this is overall a cheaper and more convenient alternative to converting your BTC back and forth other privacy coins.

And why not use the benefits of both worlds? Only time will prove which of the two will give the superior results. I see it like wealth diversification. Only this time in the privacy world. Like an extra layer of protection, or security.

Posted using Partiko Android

I don't believe crypto ever will be private. You can always track where the money comes from

This post just prove otherwise.
Ever heard of zcash and monero, zksnarks and ring signatures?

They tell you that now. But will it be like that in the future? They told you bitcoin was private many years ago, right. Ever heard of cashless society to track evey move you make? ;)

How old are you, sir ?
I have heard similar opinions many times. Which makes me smile at the best. You seem to be very far from things discused in the OP

Posted using Partiko Android

How old I am? What a stupid question. I said I don't BELIEVE crypto will be private in the future. You can always track where the money came from and who bought it from what salary or whatever. The tell idiots like you that its private and you use it for 10 years like bitcoin and then they change something so that its not private anymore. But 10 years from now you are not going to care about privacy and freedom because you lost that a long time ago when government (mindcontrol) took it from you. Cashless society is one step closer to globalism and 100% slavery. You know that the government was involved in the creation of crypto?
Btw I'm old enough to know that ptivacy is a false dream. We have heard it before with BTC in 2009

It all depends on the amount of specific measures one is using to build his privacy, on his knowledge and a will to spend a certain amount of his money for that.
Crypto by default is NOT private, only certain, very few coins posibly are. BTC is not private, i never believed it. I do not need to believe, because I know exactly how does BTC works, ho blockchain works, how hashing and asymethric encryption works. And I know it from the first days i heard about them. I like these things, i learn them everyday.
Use cash, certain private coins, special soft, mixers, decentralized exchanges, VPN, TOR, SIGNAL, WIRE, specialy designed computers and phones with proprietary operating systems, get rid of ALL credit-debit cards, all free stupid social networks like FB, Instagr, Twitter, pinterest , etc-etc-etc, do use cash whereever you go and whatever you do, keep attention to privacy requirements exclusively 24/7 - and you will have it. You get what you pay - old rule is still valid. Depends also where you live.
I live in a country where people still buy homes, yahts and luxury cars with cash. Where less than 30% of population use bank payment card at least once a week. In the country which at the same time has the fastest internet in the world. But yet is probably most far away from that stupid "cashless society".

The media said that

I’m coming for you.

I hope you’re prepared.

This post has received a 6.25% upvote from @kennybrown!



Want more views to reach your posts? Try BlockGators Army Advertising Network

If you like what I do please consider delegating 100+ steempower to @kennybrown. If you would like to join you can also send 2 Steem to @kennybrown for a 30-day subscription. All revenue will be used to increase the steempower on a monthly basis.

You got a 36.10% upvote from @emperorofnaps courtesy of @steemium!

Want to promote your posts too? Send 0.05+ SBD or STEEM to @emperorofnaps to receive a share of a full upvote every 2.4 hours...Then go relax and take a nap!

Thank you so much for using our service! You were protected from massive loss up to 20%

You just received 42.66% upvote from @onlyprofitbot courtesy of @steemium!

Want to earn more with us? Our APR can reach as high as
15% or more!

More portion of profit will be given to delegators, as the SP pool grows!

Comment below or any post with "@opb !delegate [DelegationAmount]" to find out about current APR, estimated daily earnings in SBD/STEEM

You can now also make bids by commenting "@opb !vote post [BidAmount] [SBD|STEEM]" on any post without the hassle of pasting url to memo!

* Please note you do not have to key in [] for the command to work, APR can be affected by STEEM prices

You got a 36.00% upvote from @dailyupvotes courtesy of @steemium!

To support this service please vote for @chitty as a witness.

You got a 10.34% upvote from @booster courtesy of @steemium!

NEW FEATURE:

You can earn a passive income from our service by delegating your stake in SteemPower to @booster. We'll be sharing 100% Liquid tokens automatically between all our delegators every time a wallet has accumulated 1K STEEM or SBD.
Quick Delegation: 1000| 2500 | 5000 | 10000 | 20000 | 50000