Bitcoin Forum
September 28, 2016, 05:05:33 PM *
News: Latest stable version of Bitcoin Core: 0.13.0 (New!) [Torrent]. Make sure you verify it.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Taking the 'pseudo' out of 'anonymous'  (Read 2312 times)
nelisky
Legendary
*
Offline Offline

Activity: 1554


View Profile
November 11, 2010, 07:38:56 PM
 #1

So the block explorer served one purpose above all others, showing what information is actually being stored.

What if I want to make it harder to trace transactions back to me, by design? Mind you, I have nothing to hide. But that doesn't mean I don't *want* to stay stealthy, and it should be our option to do so, if only for the heck of it Smiley

Ok, enough politics, not for the technical side of things; Transactions can be traced to addresses, sort of. It's hard to know which part in a transaction is a transfer, which part is change, and new addresses are always being created, but consider this:
- A sends 100 coins to B
- B sends 10 coins to C
- C sends 1 coin to A

looking at the block explorer, and assuming the wallet address that receives each transfer is the same that sends to the next hop (possible, as values are lower at each hop, thus unless there's a better match at the user's wallet, that one will be used, right?), A can see that the address used to send to B is the same C used to send to A, thus establishing a connection between B and C. That and a little googling may disclose the identities of the people involved, not to mention inbound address for C that B is using, thus (assuming C doesn't provide a different address to B each time) recurrent payments from B to C are now traceable.
And if you know that C gave you that address to pay for something morally opposable, like lawyer's fees, you will then be able to know how many coins C is receiving for such a service.

I know this scenario is kinda lame, sorry about that, but how can one avoid that without needing to do anything hard or complex?

Someone had a service for hiding transfers by proxying, delaying them and shuffling values. I think this is the answer, if we take it to the next level. A stealth proxy for bitcoin that would work close to this:

- A uses the proxy API to say "I want to send X to B".
- A receives an address Y
- A sends some value to Y, could be more, could be less multiple times
- Once enough is transfered, proxy sends to one or two new addresses internally, breaking the value in pieces with a little randomization along the way
- proxy sends X to B
- proxy sends change to A
--- and the tricky part
- after enough confirmations on both to A and to B transfers are received, proxy deletes the addresses from the wallet

If you add a 48h log rotation to /dev/null (the 48h are there to debug any real issue) and this should be completely untraceable. Another option to prevent tweaking the bitcoin client in to deleting addresses is to use a new wallet for each transaction and killing it afterwards. The hard part here is keeping a block db available to 100 bitcoin clients, but I'm sure we can think of something.

Am I forgetting anything?
1475082333
Hero Member
*
Offline Offline

Posts: 1475082333

View Profile Personal Message (Offline)

Ignore
1475082333
Reply with quote  #2

1475082333
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Bitquux
Member
**
Offline Offline

Activity: 117



View Profile
November 11, 2010, 08:04:57 PM
 #2

This has been on my mind too. I like your solution. You could even have the proxy send to multiple receive addresses in the same wallet to mix it up some more. The only real problem I see is a compromise / shakedown of the proxy server.
theymos
Administrator
Legendary
*
expert
Offline Offline

Activity: 2422


View Profile
November 11, 2010, 08:28:32 PM
 #3

- A uses the proxy API to say "I want to send X to B".
- A receives an address Y
- A sends some value to Y, could be more, could be less multiple times
- Once enough is transfered, proxy sends to one or two new addresses internally, breaking the value in pieces with a little randomization along the way
- proxy sends X to B
- proxy sends change to A
--- and the tricky part
- after enough confirmations on both to A and to B transfers are received, proxy deletes the addresses from the wallet

This prevents casual spying, but there would still be a connection between A and B. If an attacker was really serious about seeing where A was spending his coins, they would follow the transactions down to the the first known identity. If this is B, then they can force him to reveal who he received coins from at that address. They then either find A or find a closer person who they can question.

This simple mixing can be done without a third-party by creating some new addresses on your machine and doing the mixing yourself.

If the proxy has many customers and is careful not to give coins back to the customer who sent them, then you have a true "Bitcoin proxy" that can't be bypassed without compromising the proxy.

Relevant:
http://bitcointalk.org/index.php?topic=241.0
http://www.bitcoin.org/wiki/doku.php?id=anonymity

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
nelisky
Legendary
*
Offline Offline

Activity: 1554


View Profile
November 11, 2010, 08:41:05 PM
 #4

This prevents casual spying, but there would still be a connection between A and B. If an attacker was really serious about seeing where A was spending his coins, they would follow the transactions down to the the first known identity. If this is B, then they can force him to reveal who he received coins from at that address. They then either find A or find a closer person who they can question.

This simple mixing can be done without a third-party by creating some new addresses on your machine and doing the mixing yourself.


- Once enough is transfered, proxy sends to one or two new addresses internally, breaking the value in pieces with a little randomization along the way

This step actually does the disconnection. I am assuming the send address, as values differ the addresses used for sending should be different from the ones used for receiving. Did I understand this wrong?

And yes, a user can carefully do this without a proxy, but we know how many will do that...
theymos
Administrator
Legendary
*
expert
Offline Offline

Activity: 2422


View Profile
November 11, 2010, 08:51:44 PM
 #5

This step actually does the disconnection. I am assuming the send address, as values differ the addresses used for sending should be different from the ones used for receiving. Did I understand this wrong?

And yes, a user can carefully do this without a proxy, but we know how many will do that...

You can see him send the BTC to internal addresses. Someone looking at the block chain will see A send to Y, Y send to a few addresses, and all of those addresses send to the destination. You can only completely remove identities from transaction histories if you use someone else's coins: A sends to Y, and some other address sends to the destination using coins not gotten from A.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
ShadowOfHarbringer
Legendary
*
Offline Offline

Activity: 1470


Bringing Legendary Har® to you since 1952


View Profile
November 11, 2010, 10:18:01 PM
 #6

This step actually does the disconnection. I am assuming the send address, as values differ the addresses used for sending should be different from the ones used for receiving. Did I understand this wrong?

And yes, a user can carefully do this without a proxy, but we know how many will do that...

You can see him send the BTC to internal addresses. Someone looking at the block chain will see A send to Y, Y send to a few addresses, and all of those addresses send to the destination. You can only completely remove identities from transaction histories if you use someone else's coins: A sends to Y, and some other address sends to the destination using coins not gotten from A.

I like this solution better: Just toss all the bitcoins into one bag, randomize the receivers, and send random coins to random people (but with correct amounts) while making sure the coins of A (sender) don't go to B - use coins of somebody else.

However the problem with that is that there have to be some extra coins always avaiable in the "proxy bag". So perhaps some temporary period should be applied, like 1 hours, giving the proxy time to collect right amount of coins. Or the proxy can have some extra deposited coins for this occasion.

nelisky
Legendary
*
Offline Offline

Activity: 1554


View Profile
November 11, 2010, 10:28:08 PM
 #7

This step actually does the disconnection. I am assuming the send address, as values differ the addresses used for sending should be different from the ones used for receiving. Did I understand this wrong?

And yes, a user can carefully do this without a proxy, but we know how many will do that...

You can see him send the BTC to internal addresses. Someone looking at the block chain will see A send to Y, Y send to a few addresses, and all of those addresses send to the destination. You can only completely remove identities from transaction histories if you use someone else's coins: A sends to Y, and some other address sends to the destination using coins not gotten from A.

Is this not the default behaviour? I mean, the multiple coin pockets (addresses) will not have the correct amount for the final transfer, and yes I am assuming multiple users so multiple coin owners will all get randomized. A waiting period will always exist as the internal transfers will also need at least one block to get confirmed.

But I see now that this prevents the "one wallet per transfer"... maybe one wallet per day? Just span a new bitcoin every 24h with a brand new wallet, transfer any coins still in the old one there, rinse and repeat?
Anonymous
Guest

November 12, 2010, 05:59:27 AM
 #8

Can we all send our coins to a giant bucket which then mixes them and spits them out?

Onioncoin routing lol
nelisky
Legendary
*
Offline Offline

Activity: 1554


View Profile
November 12, 2010, 12:24:23 PM
 #9

So I guess the easiest way about this is to have multiple people sending transfers through a simpler proxy that makes sure txouts are always from a different compared to txin? A simple one address black list would do, which I assume is simple enough to implement... Then, if other addresses don't have enough the txout will just wait until there is.

The only downside I see is if volume is low, transfers may take a long time to be forwarded... the proxy could probably run on a fee based structure (1 coin for 100 transfers?) and the accumulated fees are there to mitigate this?
ribuck
Donator
Legendary
*
Offline Offline

Activity: 826


View Profile
November 12, 2010, 01:43:20 PM
 #10

...Just toss all the bitcoins into one bag, randomize the receivers, and send random coins to random people (but with correct amounts) while making sure the coins of A (sender) don't go to B - use coins of somebody else.
Surely if random coins are sent to random people, it doesn't matter if the coins of A might occasionally go to B. In fact it's more random that way.
nelisky
Legendary
*
Offline Offline

Activity: 1554


View Profile
November 12, 2010, 01:48:03 PM
 #11

...Just toss all the bitcoins into one bag, randomize the receivers, and send random coins to random people (but with correct amounts) while making sure the coins of A (sender) don't go to B - use coins of somebody else.
Surely if random coins are sent to random people, it doesn't matter if the coins of A might occasionally go to B. In fact it's more random that way.

Given the huge address space involved, I don't think the fact that 'address may or may not be used' helps in confirming or negating anything. I do see an up point to NOT having the address used, though, it will simply not appear on a search for the history of the transactions, even if it appearing is always subject to plausible deniability.
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
November 12, 2010, 04:24:28 PM
 #12

So I guess the easiest way about this is to have multiple people sending transfers through a simpler proxy that makes sure txouts are always from a different compared to txin? A simple one address black list would do, which I assume is simple enough to implement... Then, if other addresses don't have enough the txout will just wait until there is.

The only downside I see is if volume is low, transfers may take a long time to be forwarded... the proxy could probably run on a fee based structure (1 coin for 100 transfers?) and the accumulated fees are there to mitigate this?

Average cycle time is posted on site, you get your place in the queue by bidding, people who get in under the average time pay a little, people who get it back over the average time get paid a little for facilitating others. Operator takes a tiny cut since it's mostly automated.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
ribuck
Donator
Legendary
*
Offline Offline

Activity: 826


View Profile
November 12, 2010, 04:58:33 PM
 #13

Operator takes a tiny cut since it's mostly automated.
Operator takes a sizeable cut and saves it in his legal defense fund.
FreeMoney
Legendary
*
Offline Offline

Activity: 1246


Strength in numbers


View Profile WWW
November 12, 2010, 06:50:39 PM
 #14

Operator takes a tiny cut since it's mostly automated.
Operator takes a sizeable cut and saves it in his legal defense fund.

It's so simple to run you should be safe even without finding a free country. There isn't even anything particularly unique about this service, its just coins in and coins out.

No one is going to pay a big cut anyway because you can do it yourself if you are careful. A small price might be paid for speed and convenience though.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
SmokeTooMuch
Legendary
*
Offline Offline

Activity: 873


View Profile
February 27, 2011, 01:49:21 PM
 #15

This thread could become relevant: https://www.bitcoin.org/smf/index.php?topic=3927.0

Date Registered: 2009-12-10 | I'm using GPG, pm me for my public key. | Bitcoin on Reddit: https://www.reddit.com/r/btc
You like what I'm doing? Why don't you send me a coin: 17Pj8jpUgY6qTaKgiopL5U48zxU4rTrkuB
markm
Legendary
*
Offline Offline

Activity: 1722



View Profile WWW
February 27, 2011, 03:15:50 PM
 #16

Quote: "Operator takes a sizeable cut and saves it in his legal defense fund." [ sic. s/fense/fence/ ]

And the defence is what?

"I am deliberately running a bitcoin laundry, but not at all for the purpose of laundering money! My gosh are you mad, bitcoin is in no way shape or form money! ..."

Hmmm...

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
marcus_of_augustus
Legendary
*
Offline Offline

Activity: 2016



View Profile
February 27, 2011, 08:15:19 PM
 #17


Why wouldn't you have just called the service some suitably obtuse technical euphemism like

"Bitcoin transaction randomisation"?

Actually calling yourself a (bit)money laundry is asking for attention.

Hide in the geek speak and you'll be fine, the gubmint drones are clueless. The SEC was watching porn while Wall St. raped America.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!