Writeups of my Mempool Observations

[TheArchaeologist]

Thanks for sharing. Enjoyed this very thorough write-up

Keep up the good work

[TheArchaeologist]

I finally came around to finish the Blockchaincom wallet write-up.

The Blockchaincom wallets follow the feerate recommendations of the Blockchaincom API closely (or over/underpay by a fixed percentage due to bugs in the wallets). This allows to identify a majority of the Blockchaincom transactions by combining the fingerprint and the feerate recommendation. I still believe the reported network share of one-third of all transactions is reasonably accurate.

The full article is here:

Following the Blockchain.com feerate recommendations - Wallet fingerprinting nearly a third of all Bitcoin transactions - https://b10c.me/mempool-observations/3-blockchaincom-recommendations/

Feedback, ideas, and potential future topics to add to my already long list are welcome. However, I'll be busy with other things in the coming weeks.

As said in your article the ability to deduct the wallet used for a specific transaction is a data leak. However I also think that if a third of the transactions is using the same Blockchain.com feerate API also centralization is an issue. As user of this wallet you have to trust the estimated fee to be correct. If Blokchain.com or a third party would manipulate the outcome of this API than almost a third of all on-chain transactions could be tampered with.

[0xB10C]

If Blokchain.com or a third party would manipulate the outcome of this API than almost a third of all on-chain transactions could be tampered with.

That's an interesting thought...
In theory, somebody controlling the feerate recommendations could collude with multiple miners and share the additional fee revenue. Thousands of transactions paying a higher feerate would affect other feerate estimators, for example, Bitcoin Core's estimator as well. This would increase the potential revenue even more.   

[gmaxwell]

As said in your article the ability to deduct the wallet used for a specific transaction is a data leak. However I also think that if a third of the transactions is using the same Blockchain.com feerate API also centralization is an issue. As user of this wallet you have to trust the estimated fee to be correct. If Blokchain.com or a third party would manipulate the outcome of this API than almost a third of all on-chain transactions could be tampered with.

I don't think it's *that* concerning. If they set the feerate to zero the txn won't confirm.. but they could also just take their service down.

If they set the feerate very high-- well in most cases they could just substitute the JS/app or guess the user's usually-weak password and simply take their coins directly.

Thousands of transactions paying a higher feerate would affect other feerate estimators, for example, Bitcoin Core's estimator as well. This would increase the potential revenue even more.    

Not by much: only to the extent that they increased the fee of transactions that weren't making it into blocks.

E.g. Say you add 1MW/block of transactions paying 0.001 BTC / WU in fees -- this would have the same effect on Core's estimator as if you added 1MW/block of txn paying 0.1 BTC/ WU in fees.  All that matters is that they were high enough to push things out... it's the feerate of the things that were actually delayed (and which were later confirmed) which drive the estimator.

It appears to me that they already bid pretty high too, enough that increasing their high fee would have no effect on what bitcoin-qt pays, and increasing their low fee would do no more than switching their users all from low to high would.