October 21, 2013, 07:03:32 PM Last edit: October 21, 2013, 07:28:07 PM by etotheipi
Consider a government that is trying to reduce the privacy of the network as a whole. They have observed 10,000 different transactions. Of those 10,000, they know some of them are drug deals, some are suspected money laundering, some are political contributions, and some of them are withdrawals or deposits made to exchange accounts for which they know the identities. The point is, they know the identities of a few points on this web of 10k transactions, and they know the nature of some of the other transactions, but they are working with a very incomplete set of information.
Let's say you execute both tx A (a deposit to a Coinbase account), and tx B (an "anonymous" political donation). The government knows that you are responsible for tx A, since Coinbase had to follow AML/KYC rules and has your identity. Or tx A was a purchase you made on some website where the government saw that you purchased some alpaca socks for 1 BTC (a lot of socks). But since you never re-use addresses, they don't know that tx B was executed by you, they only know that the address is a donation address that has received multiple donations.
But now the entity/gov't dust-spams all the input addresses of all these transactions. There's a chance, on your next transaction, that your wallet will try to clean up the dust, and put all of it into a single transaction to aggregate it. However, by doing so, it is including dust from input addresses from tx A and input addresses from tx B, which makes it immediately obvious that both addresses are owned by the same person, and thus the same person who owns the Coinbase account also was the payer of tx B. They have now linked together identities that were not otherwise linked. And it was totally unknown to you, because the wallet needs to handle dust, change and coin-selection totally transparently to the user.
It doesn't have to be a government. There are other ways this can be used to compromise privacy. In all instances, it has to do with the dust spam being "cleaned up" by the wallet, and leaking information in the form of linking addresses that otherwise would not have been linked. Theoretically, a critical mass of CoinJoin transactions will reduce the strength of those linkages, but it probably will still "suggest" linkages that might otherwise not have been made.
Expert users who understand this might want the ability to blacklist dust that is of unknown origin. The wallet might even do this automatically, if it has a reliable set of rules to follow. For instance, Armory only bundles in extra dust if doing so wouldn't reduce the privacy of a transaction. But sometimes it's unavoidable to include that dust: say you sweep your wallet to a new wallet/address. And you can't even dump all the dust without linking all the dust addresses together. Given that they are worth effectively nothing, the best thing to do might be to ignore/blacklist it.
Of course, we'd like it if the dust didn't just atrophy the network. But for the super-paranoid folks, there may be no other option.
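An added example, not part of the original post and not Armory's code: a sketch of coin selection that bundles dust only when its address is already exposed as an input, with an option to blacklist dust of unknown origin, shown beside a naive "clean up all dust" selection. The `Utxo` type, the function names, the `DUST_LIMIT` cutoff and the wallet contents are all assumptions constructed for illustration, and fees are ignored.

```python
from dataclasses import dataclass

DUST_LIMIT = 10_000  # satoshis; assumed cutoff for this example

@dataclass(frozen=True)
class Utxo:
    address: str
    value: int                 # satoshis
    known_origin: bool = True  # False for unsolicited deposits such as dust spam

def pick_funding(utxos, target):
    """Largest-first selection over non-dust outputs (fees ignored)."""
    chosen, total = [], 0
    for u in sorted((u for u in utxos if u.value >= DUST_LIMIT),
                    key=lambda u: u.value, reverse=True):
        if total >= target:
            break
        chosen.append(u)
        total += u.value
    if total < target:
        raise ValueError("not enough non-dust funds")
    return chosen

def naive_select(utxos, target):
    """Clean up every dust output: this is what the spammer hopes for."""
    return pick_funding(utxos, target) + [u for u in utxos if u.value < DUST_LIMIT]

def private_select(utxos, target, ignore_unknown_dust=True):
    """Bundle dust only when its address is already exposed as an input."""
    chosen = pick_funding(utxos, target)
    exposed = {u.address for u in chosen}
    for u in utxos:
        if u.value >= DUST_LIMIT or u.address not in exposed:
            continue  # not dust, or spending it would link a new address
        if ignore_unknown_dust and not u.known_origin:
            continue  # blacklisted: unsolicited dust is never spent
        chosen.append(u)
    return chosen

def linked_addresses(inputs):
    """Addresses an observer can tie together from one transaction's inputs."""
    return {u.address for u in inputs}

# Constructed wallet: addr_A and addr_B funded tx A and tx B, addr_C holds change.
WALLET = [
    Utxo("addr_A", 1_000, known_origin=False),  # dust spam
    Utxo("addr_B", 1_000, known_origin=False),  # dust spam
    Utxo("addr_C", 80_000_000),
    Utxo("addr_C", 2_000),                      # small known payment
]
```

With this wallet, `naive_select` produces inputs from all three addresses, while `private_select` spends only from `addr_C` and leaves the spam on `addr_A` and `addr_B` untouched.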