Bitcoin Forum

Hey everybody,

Preamble
I have written a simple coinjoin client which does peer-discovery via a central server (my own) and speaks with bitcoin-qt/bitcoind over RPC to construct transactions. The server opens a join session as soon as it receives an unsigned transaction. Then over the next 20 minutes it accepts more unsigned transactions, then closes the join session. At that point all the transactions are merged, the merged transaction is passed back to the clients, and they submit signatures. When all the signatures are in, the merged transaction is submitted to the network.

(If you don't use bitcoin-qt, it is possible to give txids and privkeys directly to the client, so our brainwallet-using friends are supported.)

Downloads
The download links are:
Source: https://github.com/apoelstra/cj-client
Windows binary: https://wpsoftware.net/coinjoin/dload/cj-windows.zip

More information, as well as a link to the web interface (for those who would rather deal with raw transactions than use a point-and-click client) is available at https://wpsoftware.net/coinjoin/client.php

When do the joins happen?

You can use the joiner any time. However, to get people on the same page during these early days of few users, we will have scheduled joins starting at 7PM PST and 7PM GMT on Monday, Thursday and Saturday. The recommended output size for these scheduled joins will be 0.5 BTC.

How do I use it?

First, start bitcoin-qt with the -server option. I think on Windows you can do this by Right-clicking on the program icon and going into `Properties'.

Even if you do not use bitcoin-qt, you will need bitcoin-qt or bitcoind to be running in other to do the transaction construction. I'm sorry for the inconvenience.

Next, start the joiner. It will communicate with bitcoin-qt to get a list of your coins. Choose the ones you want to join, and a target output size. When you are satisfied, click "View Transaction" to see the transaction that will get joined. You will see the inputs you selected, and several output addresses. These are new output addresses given to the joiner by bitcoin-qt.

(If you'd rather specify output addresses manually, click Advanced->Add Outputs... and type them in.)

If you are happy with this transaction, click 'Submit Transaction'. After a minute or so, the client will ask for your wallet passphrase. This is needed so that the client can sign the joined transaction. (The passphrase will not be sent over the network under any circumstances.)

That's it! Leave the client running, and when the session ends, it will sign a merged transaction and submit it to the network.
Good luck!

I should probably add a link to the original thread in which gmaxwell explains the justification and technical details of coinjoin: https://bitcointalk.org/index.php?topic=279249.0

Note that the centralization here is of a fairly benign sort: by being the server operator I know the original input transactions and can in principle publish these to undo the privacy-enhancing effects of the join. But then you are reduced to the position you were in just by using ordinary transactions. So there is no harm. (Also you have my word that I will not publish any of the original transactions I have access to.) In particular, my server never sees any private keys or anything, and has no ability to steal money.

Further, the client does many checks for funny business on the part of the server or other participants, and refuses to sign any transaction which spends money it is not authorized to. So not only is the server unable to spend your money, it is unable to trick you into doing so.

I hope this alleviates some of the concerns and confusion I have seen about this on IRC.

This will be the only time that I bump my thread. If people are not interested I suppose they are not interested.

I'd wait for a decentralized implementation myself for serious transactions but any tinkering that works toward more functional privacy is worthwhile in my book. Good work! I hope people join your joins.

Nice work!

/me is watching this.

Interesting!
If somebody is interested, could the source perhaps be adapted to use BitMessage instead of a centralized server?

For example:
- User sends message with requested CoinJoin transaction to a BitMessage channel or mailing list
- Others that are listening to the list and willing to join the transaction

This way, the IP address wouldn't be releaved.

Line 10910 is:


Do I need a newer version of something?

Thanks dserrano5, I see the error too on my old computer. I'll look into it, it's silly to require new dev tools for something this simple.

In the meantime you can find the line
in configure.ac and comment it out by prefixing with #.

Given the recent debacle about that 'StealthBit' trojan, please sign your code with your PGP key. Git now has per-commit signatures, which is what I recommend: git commit -S

I notice your PGP key, 0x7ad0a91c40bd0091, isn't in the web-of-trust, but signing the code is at least a good start.

dserrano5, I have fixed the autotools files in git HEAD. It should build now without any hackery.

Peter Todd, very good advice. I'll bug you on IRC if I have any trouble with this, and see if I can find my way into the wot.

Edit:
For web-of-trust purposes, here is a signed PGP statement:
It is also available on my website here: https://www.wpsoftware.net/andrew/pgp-statement.asc

I will tag the latest cj-client HEAD with this signature shortly.

Edit2: On github there should now be a tag "v0.1" which matches the commit in which I fixed the autotools stuff.

Bump.

Is anyone using this? Could we schedule a join today or tomorrow at 19:00 GMT? (just proposing something, not that I have an interest in mixing my funds right now).