Bitcoin Forum
November 02, 2024, 07:45:42 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 »
  Print  
Author Topic: [ANNOUNCE] Bitcoin Fog: Secure Bitcoin Anonymization  (Read 301535 times)
Akemashite Omedetou (OP)
Member
**
Offline Offline

Activity: 84
Merit: 13



View Profile WWW
October 27, 2011, 05:05:07 PM
Last edit: November 14, 2014, 11:08:17 PM by Akemashite Omedetou
 #1

“Bitcoin anonymization taken seriously”. (last update: 2014-11-15)
Public website with basically the same information from this thread: http://www.bitcoinfog.com
Service link (you will need tor): http://foggeddriztrcar2.onion
Twitter feed for updates: https://twitter.com/#!/@BitcoinFog

The bitcoin network might be anonymous in terms of single-handedly revealing your ip address, but the transaction history is recorded in the block chain and is publically available, which makes your anonymity very vulnerable. Once the interested parties, be it authorities or just interested researchers (http://anonymity-in-bitcoin.blogspot.com/2011/07/bitcoin-is-not-anonymous.html) have acquired any one of your addresses or transactions, they could easily track your money around the network.

And knowing your transaction history, connecting your bitcoin addresses to real you is possible, because you will at some point need to exchange your bitcoins to or from a fiat currency using a bank account number, a credit card, LR account or similar service which is much less anonymous than the bitcoin network.

We are providing a solution for this: using our service you mix up your bitcoins in our own pool with other users' bitcoins, and get paid back to other accounts from our mixed pool, which, if properly done by you can eliminate any chance of finding your payments and making it impossible to prove any connection between a deposit and a withdraw inside our service.

How Bitcoin Fog works

You register an account on our website and deposit bitcoins to the designated address. After a couple of network confirmations, your money is registered on your Fog account, and you can schedule withdrawals. Each withdrawal will be split in a random number of payouts, depending on the amount, and the relative size of each payout will be randomized as well. Even the timing of those payouts will be randomly spread out over a period of time you will specify.

Ideally you should deposit an amount of bitcoins to the Fog, wait some time (which will depend on how many users are using the service, right now in the starting phase we recommend a week) and request a withdrawal, which will not have the same amount as the original deposit, leaving some funds in the Fog.

Then you should deposit another batch of bitcoins and withdraw yet another amount, again different from the amount you have deposited. This time it can be lower than deposited, or higher, adding the funds you have left from the previous deposit. This way there is no practically reliable way to do statistical analysis on the block chain and link your deposits to your withdrawals.

“Do I get same bitcoins back or other bitcoins?”
You should understand that in bitcoin there is no “your” or “mine” bitcoins, nor are there “same” bitcoins. They are all just numbers. Whatever transaction you will get back from us will be just a number of bitcoins transferred to your address, not “marked” in any way.

A link could be made if you would get paid from the same address that you have deposited bitcoins to. This is not the case with Bitcoin Fog. The money you deposit actually stay on the random initial address we generate for you. Only when our main account is running low, do we transfer the money from your deposit address to the main pool. That way, you may get a payout from the pool, while your original money is still sitting on the random initial account, not linked to your payout anywhere in the block chain.  Since it is just a bitcoin address like any other, there is no way to even see that you have deposited money to Bitcoin Fog, and not to a random account you have generated yourself. (Until the pool runs low and transfers your original money.)

Even if you waited long enough time for your money to be transferred to the pool, there is still no reliable way to see that it was your original transfer that is the source of your payout, since it is mixed with other users' transfers.

Another thing to consider is the amount of your withdrawal. If you transfer 1.382 to us, and the next day you withdraw ~1.38 bitcoins to another account, those amounts will be visible in the block chain, and unless there were 10 other people that day that also withdrew just 1.38 bitcoins, the link between your deposit and your withdrawal will be pretty obvious. You will still have plausible deniability, since nobody else has access to our servers and can actually prove that those bitcoins came from your account, but the link will be found nevertheless.

This is why you should ideally never withdraw the same amount as you have deposited. We are already helping you to do this by transferring your money to you in multiple randomized payouts at randomized times (and optionally to different addresses), but to be sure you should withdraw to multiple addresses and different amounts than the one you have deposited. Also make sure to change your deposit address every now and then to further anonymize your payments.

Why us?
There have been a couple of similar services before, and as we see it, the problem with most of them was that they were not professional enough, not secure enough, and not taken seriously, thus becoming subjects to easy hacking and other problems. (mybitcoin, blindbitoin, etc.) We on the other hand, are here for the long run. Our team consists of professional secure web application developers with 5-10 years experience, and we have built this solution from scratch with security being our number one concern. We strive to be a mixing service that just works and does not loose it's private bitcoin keys due to poorly configured backups or because of someone hacker attacks on another sites from the same shared hosting, or because of any other silly reason.

The service is run on a dedicated server manually configured for this very purpose, which does publically connected from the internet (not needed if using Tor). Bitcoin daemon is run on another machine, and all suspicious activity is monitored and the website shuts down automatically if it even senses it is under attack. It is manually monitored and checked on a daily basis.

For security purposes, the service operates through the Tor network only. You can be sure your data is processed securely and only by our server if you use our .onion address. On the other hand, this also makes us feel more secure, knowing that we will never be found and dealt with by proper authorities. (Even if Tor network would be compromised, we have taken all the necessary precautions to still stay hidden.) This is better for you as well; while a freenet service may swear on not cooperating with authorities in case they show up at their homes, we can say with high certainty that not only will we not cooperate with any authorities, the authorities will not actually be able to show up at our doorstep, because finding a tor doorstep has proven difficult.

Are you going to run away with my money?
With a service like ours it will always be an issue of trust of course, but we can ensure you that the service will continue to operate, simply because of all the time and effort we put into building it, debugging it, setting it up at a secure location, etc., which makes it simply not worth for us to run away with a couple of hundred bitcoins which is collected at the initial phase. As the time will pass, you will see that our service will undergo changes and improvements, which someone who wanted to hit-and-run also would not do.

And once again, running through Tor makes it not likely for us to be shut down under pressure from the authorities. When in doubt about this, consider Silk Road.

Of course, we are still going to have to earn your trust. We suggest you trying the service out with small amounts, and increasing slowly as time goes.

Do you keep logs?
We keep logs for 1 week for debugging and troubleshooting purposes. After that they are automatically deleted. ALL logs are taken care of. Even the bitcoin client we use is purged every week, starting with a fresh installation of only the block chain, and importing all the addresses we need at that point automatically. That way, if you have received a payment from us a month ago, not even the address will be left on our server.

Fees and requirements:
The service takes 1%-3% (randomized for obscurity) fee on each deposit. No other fees are in place, no complex calculations based on the number of withdraws or similar.

Minimum withdrawal amount is 0.035 BTC.

We do wait for 6 network confirmations on all deposits to prevent double-spending.

Bitcoin Fog: Secure Bitcoin Anonymization

---
Creedy: Die! Die! Why won't you die?... Why won't you die?
V: Beneath this mask there is more than flesh. Beneath this mask there is an idea, Mr. Creedy, and ideas are bulletproof.
Coinabul
Hero Member
*****
Offline Offline

Activity: 588
Merit: 500


Coinabul - Gold Unbarred


View Profile WWW
October 27, 2011, 10:07:11 PM
 #2

While I question the legality of such a service, I do value the fact that in a world with an increasing amount of surveillance there are still little pockets of resistance.
I also quite like the name of the site. Good luck Smiley

Coinabul.com - Gold Unbarred
Website owners, let me put my ads on your site! PM me!
tvbcof
Legendary
*
Offline Offline

Activity: 4732
Merit: 1277


View Profile
October 27, 2011, 10:37:23 PM
 #3

How could you prove that your service is not a honeypot?

I've always felt that one of the most likely ways to be monitored up the wa-zoo was to sign up for a service which caters to privacy enthusiasts (and survives for more than a few weeks.)

sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
sadpandatech
Hero Member
*****
Offline Offline

Activity: 504
Merit: 500



View Profile
October 27, 2011, 10:44:26 PM
 #4

How could you prove that your service is not a honeypot?

I've always felt that one of the most likely ways to be monitored up the wa-zoo was to sign up for a service which caters to privacy enthusiasts (and survives for more than a few weeks.)



 *thumbs up*

If you're not excited by the idea of being an early adopter 'now', then you should come back in three or four years and either tell us "Told you it'd never work!" or join what should, by then, be a much more stable and easier-to-use system.
- GA

It is being worked on by smart people.  -DamienBlack
Akemashite Omedetou (OP)
Member
**
Offline Offline

Activity: 84
Merit: 13



View Profile WWW
October 27, 2011, 11:25:17 PM
 #5

How could you prove that your service is not a honeypot?

I've always felt that one of the most likely ways to be monitored up the wa-zoo was to sign up for a service which caters to privacy enthusiasts (and survives for more than a few weeks.)


That's a difficult one, isn't it?
If you have any good ideas of how I could prove the service is not run by the government, I would like to hear them! Tongue
Everything I have is circumstantial, but here are some points:
  • The service specifically tries not to collect *any* extra information about users than what is needed. Any government-run site would probably use this chance to get as much information about users as they could.
  • They would probably not run the service in Tor network, because it is slower than a normal website and for them there would not really be any point. They would know that they will never be shut down. There are a couple of similar services out there that are not running through tor, so I don't think the community would get suspicious about yet another one.
  • Right now it doesn't seem like any existing government really has enough knowledge or will to do something like this, "play on our terms" so to speak. All I hear is French banks shutting down mt.gox accounts and American senators shitting bricks about how bitcoin is illegal and so on. They are not really in the net, for them bitcoins are just another liberty dollars or liberty reserves... Right now billions of dollars are stolen each year by means of carding, phishing, there are viruses, trojans, and other things for them to really worry about. Bitcoin just seems too small right now for any authorities to really consider seriously. They don't seem to care so much about bitcoins just yet.

The time will have to prove that of course, but Bitcoin Fog is not in any way affiliated with any government, state, authority or anything like that. We are a group of concerned individuals who saw a business opportunity and pure interest for the future of bitcoin. And, well, to be honest, we also need to anonymize some money sometimes Wink

If you are really unsure, I would suggest using multiple mixing services, for further security. With an average fee of just a couple percent that is still economically viable.

Bitcoin Fog: Secure Bitcoin Anonymization

---
Creedy: Die! Die! Why won't you die?... Why won't you die?
V: Beneath this mask there is more than flesh. Beneath this mask there is an idea, Mr. Creedy, and ideas are bulletproof.
randomguy7
Hero Member
*****
Offline Offline

Activity: 527
Merit: 500


View Profile
October 27, 2011, 11:33:11 PM
 #6

Can you add a gateway for i2p, too?
Akemashite Omedetou (OP)
Member
**
Offline Offline

Activity: 84
Merit: 13



View Profile WWW
October 27, 2011, 11:41:36 PM
 #7

Can you add a gateway for i2p, too?

We chose tor because it had a larger user base and seemed more mature by the research we have done. Plus, we have worked with it before and it was easier to keep the service secure with the technologies we already know. That said, we will certainly add support for i2p if the users want.

Does i2p have any other practical benefits over tor except for faster hidden service- lookup? (Tor's 1-2 minutes lookups for the initial connection can indeed be painful sometimes...)

Bitcoin Fog: Secure Bitcoin Anonymization

---
Creedy: Die! Die! Why won't you die?... Why won't you die?
V: Beneath this mask there is more than flesh. Beneath this mask there is an idea, Mr. Creedy, and ideas are bulletproof.
tvbcof
Legendary
*
Offline Offline

Activity: 4732
Merit: 1277


View Profile
October 27, 2011, 11:55:21 PM
 #8

How could you prove that your service is not a honeypot?

I've always felt that one of the most likely ways to be monitored up the wa-zoo was to sign up for a service which caters to privacy enthusiasts (and survives for more than a few weeks.)


That's a difficult one, isn't it?
...

Unfortunately, yes it is.  I don't really mean to piss on your cheerios (if you are indeed legit), and I probably would not have done so had the question been addressed in the OP.  I would actually really like to have such a service available but I am a deeply suspicious person by nature.

The marker along these lines which would tend to mean a lot to me would be if it were run by someone with a long history (like a decade or two) of making useful open source software and providing useful insights which are undeniably favorable to privacy advocates.

sig spam anywhere and self-moderated threads on the pol&soc board are for losers.
randomguy7
Hero Member
*****
Offline Offline

Activity: 527
Merit: 500


View Profile
October 27, 2011, 11:57:59 PM
 #9

Can you add a gateway for i2p, too?

We chose tor because it had a larger user base and seemed more mature by the research we have done. Plus, we have worked with it before and it was easier to keep the service secure with the technologies we already know. That said, we will certainly add support for i2p if the users want.

Does i2p have any other practical benefits over tor except for faster hidden service- lookup? (Tor's 1-2 minutes lookups for the initial connection can indeed be painful sometimes...)

Well I think i2p is easier to setup for the user than tor but this opinion is kinda subjective because I used almost only i2p and don't have much experience with tor.
Explodicle
Hero Member
*****
Offline Offline

Activity: 950
Merit: 1001


View Profile
October 28, 2011, 12:06:36 AM
 #10

If you're worried about honeypots, you can reduce your risk by using multiple anonymity services in series. If at least one works as advertised, you should be OK.
MysteryMiner
Legendary
*
Offline Offline

Activity: 1512
Merit: 1049


Death to enemies!


View Profile
October 28, 2011, 01:07:11 AM
 #11

Bloating the blockchain for profit of 2% of all transactions. And keeping log files for 1 week, yeah. You should be safe if using Tor to acess the site, but the site sill will have both of your adresses, from what the site recieves to what adress the site sends. Not talking about honeypot, seems more like greed to me, but who knows. Just don't associate your adress with your real life identity.

bc1q59y5jp2rrwgxuekc8kjk6s8k2es73uawprre4j
ctoon6
Sr. Member
****
Offline Offline

Activity: 350
Merit: 251



View Profile
October 28, 2011, 01:56:46 AM
 #12

use 2 or more mixing services on the tor network. yes it will cost more and add bloat, but you will be better off for it if you require anonymity.

evoorhees
Legendary
*
Offline Offline

Activity: 1008
Merit: 1023


Democracy is the original 51% attack


View Profile
October 28, 2011, 02:00:34 AM
 #13

Love this!  I don't really plan to use it but glad it is there.  OP - the writing on your site is pretty good, I like that you went into a bit of depth on some things. However, might want to check grammar/spelling a couple more times:

"We are The mixing service that will not loose it's balance because of “poorly configured backups” or because of someone hacking into another site on the same shared hosting."

Bad sentence =)

I wish you luck with this site and hope it is very profitable for you, so long as you fulfill your promises to customers. Also love the name - but you should have your logo done more professionally, it doesn't currently do justice to the great name (mostly referring to the font styling... the foggy coins are good in concept).
FreeMoney
Legendary
*
Offline Offline

Activity: 1246
Merit: 1016


Strength in numbers


View Profile WWW
October 28, 2011, 03:55:15 AM
 #14

Love this!  I don't really plan to use it but glad it is there.  OP - the writing on your site is pretty good, I like that you went into a bit of depth on some things. However, might want to check grammar/spelling a couple more times:

"We are The mixing service that will not loose it's balance because of “poorly configured backups” or because of someone hacking into another site on the same shared hosting."

Bad sentence =)

I wish you luck with this site and hope it is very profitable for you, so long as you fulfill your promises to customers. Also love the name - but you should have your logo done more professionally, it doesn't currently do justice to the great name (mostly referring to the font styling... the foggy coins are good in concept).

Yeah, gl OP.

I agree about text, make it different (haha, helpful I know). Maybe put it above the coins and have the fog that covers the coins billowing out from below the text.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
hashcoin
Full Member
***
Offline Offline

Activity: 372
Merit: 114


View Profile
October 28, 2011, 06:30:18 AM
 #15

anything that requires trusting you is stupid and hopefully people will realize this.  see this post for the correct way to do these things:

https://bitcointalk.org/index.php?topic=12751.msg315793#msg315793

Short summary: Have a bunch of people connect to some network.  They pair off and form transactions with 2 inputs, 2 outputs, where the outputs are fresh addresses, one for each person, and thus noone else knows which input corresponds to which output.  They both sign for their curresponding input and agree to forget about each other.  Repeat more for more security -- repeating 32 times should be sufficient.

Of course, you won't do things this way because you just want to make money and in a decentralized scheme like that, noone makes money.  Participants just pay TX fee for each mix TX.
Akemashite Omedetou (OP)
Member
**
Offline Offline

Activity: 84
Merit: 13



View Profile WWW
October 28, 2011, 07:20:05 AM
 #16

Quote
Bloating the blockchain for profit of 2% of all transactions. And keeping log files for 1 week, yeah. You should be safe if using Tor to acess the site, but the site sill will have both of your adresses, from what the site recieves to what adress the site sends. Not talking about honeypot, seems more like greed to me, but who knows. Just don't associate your adress with your real life identity.

Well, any website that does any mixing will always have information about your input and your output address. Otherwise how will it transfer money to the right account?

As for logs, based on my experience with similar web applications, any website that says "we don't keep logs as all, not even for 1 second" are basically lying. What if the server crashes in a middle of a transaction? What if your server was down for hours yesterday and you don't know why? etc. etc. No good web master or programmer will have such a service running without any logs at all. That is why our policy is to be open about this, and make sure everything is deleted after one week (by making this automatic). For any reasonable debugging purposes a week of records will be more than enough, and if users are VERY concerned, they could wait for a week before using the money on the new address, knowing that now even we don't have any information about them except what is recorded in the block chain.

For 2 percent - do you think we should charge more to lessen the block chain bloating? Right now that value seems enough. As for having it free, we do indeed care for the future of bitcoins, and it feels good to be able to help the community and ourselves, but developing the solution, running the server, making changes, that all takes time and effort, which we think should be rewarded. Plus this makes sure the service will stay operational. Noone shuts down a service that is making one money.

About bloating the block chain we have actually discussed this a lot here, and it seems like "saving on transactions" is not the right way. A real solution will have to be found for this problem, and the sooner the block chain will grow to unmaintainable sizes, the faster the solution will be found, because then we will have to.

Quote
Love this!  I don't really plan to use it but glad it is there.  OP - the writing on your site is pretty good, I like that you went into a bit of depth on some things. However, might want to check grammar/spelling a couple more times:

"We are The mixing service that will not loose it's balance because of “poorly configured backups” or because of someone hacking into another site on the same shared hosting."

Bad sentence =)

I wish you luck with this site and hope it is very profitable for you, so long as you fulfill your promises to customers. Also love the name - but you should have your logo done more professionally, it doesn't currently do justice to the great name (mostly referring to the font styling... the foggy coins are good in concept).

Thank  you! It's really great to have this kind of input.

Quote
anything that requires trusting you is stupid and hopefully people will realize this.  see this post for the correct way to do these things:

https://bitcointalk.org/index.php?topic=12751.msg315793#msg315793

Short summary: Have a bunch of people connect to some network.  They pair off and form transactions with 2 inputs, 2 outputs, where the outputs are fresh addresses, one for each person, and thus noone else knows which input corresponds to which output.  They both sign for their curresponding input and agree to forget about each other.  Repeat more for more security -- repeating 32 times should be sufficient.

I have been following Blind Bitcoin project and in fact, many of the ideas in our service originated in that. (We are not however using any codebase from BB. Our solution is customly written.)
The decentralized idea is really interesting, as it is very alike the idea of bitcoin and in the end some service like this will be built. But for now, aside from the economical perspective, it has some issues which stopped us from implementing it. For example, both people must transfer the same amount for this scheme to helpful. If you are going to repeat the process 32 times, you will need 32 other people that want to anonymize the exact same amount... Also how to implement trusting of the other party, that he won't just run away with your signed bitcoins? It's possible to do this of course, but is not trivial.

Bitcoin Fog: Secure Bitcoin Anonymization

---
Creedy: Die! Die! Why won't you die?... Why won't you die?
V: Beneath this mask there is more than flesh. Beneath this mask there is an idea, Mr. Creedy, and ideas are bulletproof.
hashcoin
Full Member
***
Offline Offline

Activity: 372
Merit: 114


View Profile
October 28, 2011, 09:21:28 AM
 #17

If you are going to repeat the process 32 times, you will need 32 other people that want to anonymize the exact same amount... Also how to implement trusting of the other party, that he won't just run away with your signed bitcoins? It's possible to do this of course, but is not trivial.

There is nothing to run away with, because you both agree on a TX with two inputs and two outputs, and then sign it.  It doesn't matter who signs first: each person is signing a TX that already has both inputs, and both outputs fixed.  That is, both parties only sign transactions that have an output address they control.

Indeed, the values for both inputs/both outputs should be the same, or you have obviously leaked the mapping.  The parties that do this/the software that writes these TX would begin by breaking the input into chunks of the same size, say 10 bitcoins.  If you were concerned with spamming many TX and hence paying a fee on each chunk, parties could arrange into groups for each chunk size, maybe 10 bitcoin poor launderers, 1000 bitcoin high-rollers, and 100,000 bitcoin criminals/exchangeowners.  By doing so you are giving up privacy.  In the basic scheme, after O(log n) repetitions, an observer knows nothing more than that a particular input went to one of the n outputs of the last round, absolutely no information about which one.
theymos
Administrator
Legendary
*
Offline Offline

Activity: 5376
Merit: 13357


View Profile
November 06, 2011, 09:26:26 AM
 #18

Someone finally implemented the "easy" mixing method I described on the anonymity page!  Smiley This is the first service I know of that mixes properly.

Quote
To further anonymize your bitcoins you should change your deposit address every now and then. But don't to it while you are depositing money to the current account.

Anonymity is greatly reduced if there's more than one deposit at an address. It would be better to change it automatically as soon as a deposit is detected and not make the user deal with it.

There should be a way of deleting your account.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
Gabi
Legendary
*
Offline Offline

Activity: 1148
Merit: 1008


If you want to walk on water, get out of the boat


View Profile
November 06, 2011, 11:44:13 AM
 #19

While I question the legality of such a service, I do value the fact that in a world with an increasing amount of surveillance there are still little pockets of resistance.
I also quite like the name of the site. Good luck Smiley
Why it should be illegal? Bitcoin is just numbers, and everything is in the blockchain.

Akemashite Omedetou (OP)
Member
**
Offline Offline

Activity: 84
Merit: 13



View Profile WWW
November 06, 2011, 08:48:06 PM
 #20

Quote
There should be a way of deleting your account.
That's a great idea! This almost has-to-have feature of any anonymous service has somehow skipped our planning.
We are going to implement this in the near future (up to 1 week).

Quote
Anonymity is greatly reduced if there's more than one deposit at an address. It would be better to change it automatically as soon as a deposit is detected and not make the user deal with it.
This would work, but I worry a little about users who do not read all instructions properly/forgot instructions/similar that made two deposits to the same address. If we are going to change the deposit address automatically, every deposit after the first one, to each of addresses will be lost, because there are going to be a LOT of these addresses and we are not going to be able to keep track of all of them. Do you think that all users will be able to only keep it at max 1 transaction per address?
Maybe we could at least start by changing the text on the deposit page that it is HIGHLY RECOMMENDED to change the address after each deposit.

Quote
Why it should be illegal? Bitcoin is just numbers, and everything is in the blockchain.
Exactly. And if it was a subject of being legal/illegal, which country's law should we consider?  Wink

We have updated some information btw, some clarifications and corrections about same/different coins among other things.

Bitcoin Fog: Secure Bitcoin Anonymization

---
Creedy: Die! Die! Why won't you die?... Why won't you die?
V: Beneath this mask there is more than flesh. Beneath this mask there is an idea, Mr. Creedy, and ideas are bulletproof.
Pages: [1] 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 »
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!