Vulnerability to privacy risk by combining UTXO on multiple addresses.

[Felicity_Tide]

It is generally advised that users should always change address often so as to reduce  privacy risk, but what if such risks are still possible even when we follow this advise?. This question actually came to my mind earlier today, as I had to perform some drawings inorder to explain things to myself and also ask questions in the lower part of the post.

UTXO as we all know are like small amount of bitcoin in different portions that we can receive or spend via transaction. By spending UTXO, it is destroyed and created in another portion of amount. So the image I drew below was the best way I could interpret it to myself and to others.

Reference for a single wallet address

Reference to number 2 below

The first image is based on so many UTXOs in a single wallet address. This particular wallet address has received 3 separate transactions of 0.5BTC, 1BTC, and 3BTC. Now, here is how UTXO can work on a single wallet address assuming we are to send 0.7BTC to someone else:
1. Using a UTXO model, the UTXO 2 (1BTC) is used in performing this transaction.
2. The entire 1BTC is been spent as an input, while the two outputs are produced, which are 0.7BTC to the recipient, and 0.2BTC as change that goes back to same address (this can be found in the second image).
3.  After performing the output calculation, we realize that it doesn't amount to the initial input (1BTC) i.e 0.7+0.2 ≠ 1. well this is because the remaining 0.1BTC is assumed as the tx fees, so 0.7+0.2+0.1 = 1.

It is important to note that when a transaction wants to be performed using a UTXO model, it uses  first in, first out pattern to choose a satisfactory UTXO. Which means for every address that contains multiple UTXO, the older UTXO are used (spent) for transactions before the new ones. Though, an UTXO can be skipped if it doesn't contain the neccessary input amount to be spent.


Simplifying my questions with a diagram and example

Reference for multi addresses

The image above is slightly different from the first, as this one involves multiple address in a wallet. Here we have address 1, 2 and 3. Address 1 and 3 contains one  UTXO each of 0.05BTC and 0.9BTC, while address 2 contains two UTXO of 0.003BTC and 0.0014BTC.

Assuming we were asked to send 0.8BTC to someone using an UTXO consolidation, it is ideal for all the UTXO in all addresses to combine their UTXOs into a single input before sending. Let's assume this input(0.9544BTC) also produce two outputs of 0.1244BTC(change) and 0.8BTC(to recipient), with a tx fee of 0.03BTC.

My Question:
1. Which address will the change(0.1244BTC) be sent to ?.( Address 1,2 or 3) - I am not quite sure if the first in, first out pattern would be used in this case.
2. Could this result to privacy risk since any of these addresses belonging to a single user can possibly get involve with a cex exchange ?.
3. Is there such thing as consolidation fee ?. If Yes, how is it different from tx fee ?.


I am 100% open to correction as I still see myself as a learner. Pardon any of my error and share your personal opinion. You might want to also DOYR after reading this.

[achow101]

It is important to note that when a transaction wants to be performed using a UTXO model, it uses  first in, first out pattern to choose a satisfactory UTXO. Which means for every address that contains multiple UTXO, the older UTXO are used (spent) for transactions before the new ones. Though, an UTXO can be skipped if it doesn't contain the neccessary input amount to be spent.

It doesn't have to. The wallet creating the transaction can choose whatever inputs it wants to use. Oldest first is an okay coin selection algorithm, but there's are many others which perform better, depending on the metric. Coin selection algorithms are an active area of research with many different ones being devised to optimize for some metrics, such as current fees, future fees, privacy, network health, etc.

1. Which address will the change(0.1244BTC) be sent to ?.( Address 1,2 or 3) - I am not quite sure if the first in, first out pattern would be used in this case.

Ideally none of the above. The wallet should create a new change address and send the change there. Otherwise, it's very obvious which output is change.

2. Could this result to privacy risk since any of these addresses belonging to a single user can possibly get involve with a cex exchange ?.

Yes, it's called the Common Input Heuristic. Strategies such as CoinJoin are designed to break this heuristic by having multiple people provide inputs to the transaction. If you don't want people to know that two UTXOs were owned by the same person, don't spend them in the same tx.

3. Is there such thing as consolidation fee ?. If Yes, how is it different from tx fee ?.

No. There is nothing that actually distinguishes consolidation transactions from other transactions nor some separate fee for them to pay. It's all just transaction fees. All transactions are validated in the same way, there's no special consideration for "consolidations", "regular", or anything else.

[promise444c5]

It is important to note that when a transaction wants to be performed using a UTXO model, it uses  first in, first out pattern to choose a satisfactory UTXO. Which means for every address that contains multiple UTXO, the older UTXO are used (spent) for transactions before the new ones. Though, an UTXO can be skipped if it doesn't contain the neccessary input amount

Might depend on wallet sometimes,if it's   Electrum you can place your wallet  under coin control which will allow you to choose the input to spend in a particular  transaction
I.e
If you want to spend 0.5BTC and you have  1BTC as your first input and 0.6BTC as your second input, if your wallet is under coin control  then you can select the 0.6BTC to be spent as your output

[Churchillvv]

My Question:
1. Which address will the change(0.1244BTC) be sent to ?.( Address 1,2 or 3) - I am not quite sure if the first in, first out pattern would be used in this case.

From what I have been learning in this site learn-me-a-bitcoin, You can not just open an output and spend some without spending the entire output, So basically you need to create an extra change output to send the remaining bitcoins back to yourself. So the first in and first out are not to be used.

3. Is there such thing as consolidation fee ?. If Yes, how is it different from tx fee ?.

There is no special consolidation fee, only tx fee and it covers for both combining the UTXOs and creating new outputs and also the change output.

All this are in this learn-me-a-bitcoin you visit if you mind.

[Frankolala]

You can spend from any of the output in your address as a new input. If they are all in one address, you can use coin control by freezing the outputs which you don't want to spend from and use the only the output that you want to spend from as your new input.

There is nothing like consolidation fee, the fee that you pay to make all your small output as one during consolidation is still transaction fee. This is why the best time to consolidate your transactions is when the network is not congested, and when TX fee is low, because the transaction fee is determined by how big in bytes your transaction is in the blockchain.

[nc50lc]

I am 100% open to correction as I still see myself as a learner. Pardon any of my error and share your personal opinion. You might want to also DOYR after reading this.

My only correction, rather a "note", is when learning about UTXO model and blockchain, do not include addresses in its logic since the address is only in the wallet-side.
So the article where you read "first in first out" (which isn't used in any of the wallet I know) must be applied to the UTXO where the first that's created should be the first to be spent,
not applicable to the change nor the related addresses (derived from those inputs).

My Question:
1. Which address will the change(0.1244BTC) be sent to ?.( Address 1,2 or 3) - I am not quite sure if the first in, first out pattern would be used in this case.

There's no rule in UTXO selection so any client can freely choose which to use first as long as those have larger total value than the output(s)' value.

As for the change, you should've already experienced this first-hand if you're using a "good" wallets like Bitcoin Core, Sparrow or Electrum... most self-custodial wallets do.
The change will be sent to a "change address" by default and not back to any of the address related to the inputs, unless specified not to.
And this isn't a rule either, the wallet can freely choose where to send the change.

2. Could this result to privacy risk since any of these addresses belonging to a single user can possibly get involve with a cex exchange ?.

Yes, using multiple inputs in a single transaction is a total giveaway that the address are sent by the same person.
The simple reason is: being able to sign those inputs in a single transaction tells that the private keys used are contained in the same wallet or owned by a single entity.

Except in cases of "coinjoin" or similar approach which uses inputs from multiple persons to one transaction.

3. Is there such thing as consolidation fee ?. If Yes, how is it different from tx fee ?.

No, fee is just the difference of the inputs' and output's amount.

[promise444c5]

3. Is there such thing as consolidation fee ?. If Yes, how is it different from tx fee ?.

No.. just as everyone replied
[Using Transaction fee (sats/vB) as "fee")]
It just from the word "consolidation " => combine into sing)le unit
Relating it to input  it's just the combination of existing inputs into single unit,with this you won't need to worry about paying too much fee when the need arises and the fee is a little bit higher .

Generally, consolidation are done when the fee is very low, it's just a fee you  can do it when it's high but that will defeat the purpose of doing it in the first place , fine you will have a new single input...
You can check topic on consolidation of inputs https://bitcointalk.org/index.php?topic=2848987.0  started by @LoyceV

[Felicity_Tide]

~

~

~

Might depend on wallet sometimes,if it's   Electrum you can place your wallet  under coin control which will allow you to choose the input to spend in a particular  transaction

All corrections and opinions have been NOTED. Regarding coin control, I can't find the feature on the Mycelium wallet

[promise444c5]

Regarding coin control, I can't find the feature on the Mycelium wallet

Don't know about mycelium wallet, but in Electrum you should probably find the option when you right click on an input in the coin section like this



After you select it there should be an active green stretch background at the bottom showing that it's under coin control.. you can reset it if you don't want it again

[Edit]
I've been trying to help you s3arch if they have the coin control feature all I could found was this https://github.com/mycelium-com/wallet-android/issues/306... (they don't have the feature)although that was around 2016, I believe newer versions would have been released can't still affirm if they added the feature but if you want to try it you can do it on Electrum..

[DannyHamilton]

You've already got several very good answers here, but I'd like to add a few points of additional detail.

It is generally advised that users should always change address often so as to reduce  privacy risk,

No. Not "often".  EVERY TIME you receive bitcoins, it should be to a brand new address.

but what if such risks are still possible even when we follow this advise?.

They are.  The advice does not ELIMINATE the risk, but it does REDUCE the risk. There are additional steps you can take to reduce the risk even more.

It is important to note that when a transaction wants to be performed using a UTXO model, it uses  first in, first out pattern to choose a satisfactory UTXO.

Several people have already pointed out to you that this is not true. UTXO can be used in any order that works well for the goal of your transaction.

Assuming we were asked to send 0.8BTC to someone using an UTXO consolidation, it is ideal for all the UTXO in all addresses to combine their UTXOs into a single input before sending.

If transaction fees are low, and your goal is consolidation of UTXO, then yes, it might be ideal for all the UTXO to combine into a single transaction (not a single input, each UTXO is it's own separate input).

However, if your goal is privacy, then perhaps it might be better to ONLY use the 0.9 BTC UTXO as a single input all by itself. Then you could have 0.8 BTC UTXO to recipient, 0.03 BTC transaction fee, and 0.07 BTC change UTXO.

Let's assume this input(0.9544BTC)

That's not an input. That's the sum of the values of the 4 inputs in the single transaction.

1. Which address will the change(0.1244BTC) be sent to ?.( Address 1,2 or 3)

Preferably? None of them. EVERY TIME you receive bitcoins, it should be to a brand new address. If you are not going to follow that rule, then I suppose it doesn't matter, re-use whichever address you want to.

2. Could this result to privacy risk since any of these addresses belonging to a single user can possibly get involve with a cex exchange ?.

Yes.  If privacy is important and you don't want to link these UTXO together, then be more careful about how you use them.

3. Is there such thing as consolidation fee ?. If Yes, how is it different from tx fee ?.

As already explained, there is no such thing as a "consolidation fee".  However, when you combine multiple UTXO inputs in a single transaction, it does require more bytes. That means that the total transaction fee will be more than if you had not included those extra UTXO inputs, since the fee is paid per vByte.  Combining UTXO that you don't have privacy concerns about can be a good idea if the current fee rate is low, resulting in just a single UTXO to be used later when fee rate is higher. You just have to decide if the reduction in privacy is worth the savings in future fees.