Blog

The Privacy of Bitcoin

As society moves forward digitally, more and more data about you and me is being exposed on the Internet, and it is becoming a matter of life and death. The first sentence of the crypto-punk manifesto says “privacy is essential to building an open society”, so how about the privacy of Bitcoin? Here’s a discussion.

Physical and Account Segregation

Bitcoin’s privacy policy is to isolate the physical identity of the bitcoin address and the holder.

Bitcoin’s privacy strategy is very different from that of traditional financial systems. In the tenth section of the Bitcoin white paper, which is devoted to privacy, Satoshi Nakamoto mentions that the strategy of traditional institutions is to bind users’ physical identities and their accounts within the institution, and that privacy is reflected in the fact that the public is not free to access this information. Bitcoin, on the other hand, uses the opposite idea, where the public can see all transfer records, which includes information such as the bitcoin address of the sender and receiver, the amount of the transfer, etc. The privacy of bitcoin is reflected in the fact that there is no binding relationship between the address of the bitcoin and the physical identity of the address holder.

However, it is very difficult to truly separate the physical identity from the bitcoin address. Satoshi Nakamoto recommends that everyone change their bitcoin address every time they make a transaction, but does that really isolate the identity from the address?

Transactions are traceable

Bitcoin is one of the most transparent payment systems in human history, and all transaction history is kept, a quality that makes Bitcoin’s privacy and security extremely challenging.

Once exposed again stealth becomes difficult. In practice, there are many occasions where real names are involved. Real names mean that the physical identity and our address are bound, which means that the privacy of that address is exposed. And once this initial address is exposed, even if we change a new address and transfer the coins from the exposed address to the new address, the correlation between the new address and the old address will be very obvious, so the new address will have no privacy to speak of.

Another more worrying thing is that even if I follow the best practices and do not expose my privacy, if the privacy of the address I am trading with is compromised, it will be easier to find my identity information from the holder of that address.

The process of diffusion of transactions across the network may also expose privacy. After a bitcoin transaction is created, it will gradually expand from the machine where it was constructed to many computers on the network according to a peer-to-peer propagation protocol, and it’s not that easy to locate the machine from which the transaction was originally sent. However, just because it’s not easy doesn’t mean it’s impossible. If a listener listens to many nodes on the network at the same time and records the time when my transactions arrive at each node, it’s still possible to compute the location of the node that sent the transaction based on the time difference. In response, Bitcoin has also proposed an improved solution called Dandelion, but as I write this article (January 2019), this solution is still in draft stage.

In summary, Bitcoin’s privacy is not good enough to guarantee long-term privacy, even with caution.

The Solution
The cryptocurrency community has been working non-stop to gain greater privacy.

The most notable are some privacy coin projects based on zero-knowledge proofs or other tricks. For example, Zcash and Monocoin, such projects are independent blockchain projects issuing their own cryptocurrencies.

Various improvement options are also being considered within the Bitcoin community. For example, Confidential Transaction, proposed by the core development team, and Coinjoin. Mimblewimble has not yet been adopted by the Bitcoin project. But there are two independent blockchain projects that have implemented Mimblewimble: Grin and Beam.

However, Jimmy Song and others have a different view [1]. They argue that there is a certain contradiction between privacy and scarcity. For example, with blockchains like Zcash and Monroe Coin, if someone one day taps the ECC algorithm and thus forges some additional new coins, it is undetectable to others. Bitcoin, on the other hand, doesn’t have this problem because it’s transparent. Scarcity is certainly more important than privacy. A good way to solve the privacy problem is not to write it directly into Bitcoin’s core protocol. If people in the digital space in the future are trading under screen names that cannot be traced in the flesh, then it is possible to achieve privacy by directly binding screen names and and bitcoin accounts.

There are quite a few other options, so I won’t go into them all here.That’s all there is to the main body of discussion about Bitcoin privacy. To summarize, there are several key points: First, Bitcoin itself advocates ensuring user privacy by isolating physical identities and Bitcoin addresses in this way. Second, because transactions are all publicly traceable, it is difficult to actually achieve privacy through Bitcoin in practice. Finally, the community has proposed various options to enhance privacy in cryptocurrencies. Bitcoin as an underlying protocol is similar to the Internet’s IP protocol, and as more and more upper layer facilities are built in the future, it will become increasingly difficult to reach consensus to modify the protocol, also known as Protocol Ossification, and many believe that privacy is the primary protocol upgrade we need to accomplish before Ossification arrives.