My noob questions

[Folio]

So regarding the hack on twitter, what exactly happened in this transaction?




1 is the address of the sender, right?
2 is the address of the receiver, right?

So what are those other addresses? The sender sent money to those other addresses as well? If so why are those addresses showing in the transaction as well?

[pooya87]

1 is the address of the sender, right?
2 is the address of the receiver, right?
So what are those other addresses? The sender sent money to those other addresses as well? If so why are those addresses showing in the transaction as well?

any address on the left side is considered sender(s) and anything on the right is considered receiver(s). technically you can have as many sender and receiver in any transaction as you want with any amount you want between 0 and less than sum of the inputs. but practically there are standard limits that apply for instance very small amounts such as 1 satoshi is considered spam and will be rejected by nodes.

[HCP]

So regarding the hack on twitter, what exactly happened in this transaction?




1 is the address of the sender, right?
2 is the address of the receiver, right?

So what are those other addresses?

Looks like whomever sent that transaction was attempting to make a point... Possibly to the hackers.

Did you read the "addresses"?

The message appears to be:
"Just read all transaction outputs as text, you take risk when use Bitcoin for your Twitter game. Bitcoin is traceable. Why not Monero?"

The sender sent money to those other addresses as well?

Technically yes... But it was ~0.00000666 for each one... And 0.00001337 (aka "leet") to the hackers address

If so why are those addresses showing in the transaction as well?

As already stated, you can have multiple inputs or outputs.

[Folio]

Thanks, I have read most of that website but I still have some doubts about how to read that web page.

So the one on the left is the original output or "container of bitcoin" that the sender is using to send money away.
The ones on the right are the receiving addresses that receive parts of the original output. Each receiving address is a new input.

What I don't get is: why are they listed together? This way if John sends me 5 and John sends another 3 to Elisabeth, I will be able to see that John sent 3 to Elisabeth?? Isn't this a bad thing?
I mean unless this is a feature that like in emails sends the same message to many addresses (cc in emails) it seems like very bad privacy.

I certainly don't want the pet store to know that I spent money at the car store before if I am using the same output for these 2 payments, that's my business not his.

[HCP]

What I don't get is: why are they listed together? This way if John sends me 5 and John sends another 3 to Elisabeth, I will be able to see that John sent 3 to Elisabeth?? Isn't this a bad thing?
I mean unless this is a feature that like in emails sends the same message to many addresses (cc in emails) it seems like very bad privacy.

I certainly don't want the pet store to know that I spent money at the car store before if I am using the same output for these 2 payments, that's my business not his.

And this is why "address re-use" is a "Bad Idea"™ if you value your and other peoples privacy.

If you only ever use an address once, and give anyone who asks for one a completely new and previously unused address, then this kind of tracking becomes more difficult, as it is harder to ascertain what address belongs to whom.

[o_e_l_e_o]

Everything has a weak spot and for any transaction that is a change addresses.

This can be obfuscated. You can design a transaction so it is impossible to tell which outputs are recipients and which outputs are change. You can spend an entire output and leave no change. You can split your change in to multiple outputs. You can mix or coinjoin your change to consolidate it back to a single output.

Address reuse should still be discouraged. With the existence of HD wallets, there really isn't any reason to reuse addesses when you can generate new ones with a couple of clicks.

[pooya87]

All that is a  severe challenge for user because over time, you forget where,why and whom you sent and from whom you got, and you rely entirely on a client which is not so selective in this regard. One has  to be a meticulous person to follow all those rules. If you do a few transactions a week, it’s possible. But with tens transaktions per day it is hardly achievable for common man.

most clients usually let you set a description for each transaction you receive which could be a reminder of who the recipient or sender of a transaction was and in majority of cases users don't really need such reminders and in special cases the user can use a custom client (like what exchanges or merchants do) to have additional functionality.

[o_e_l_e_o]

All that is a  severe challenge for user

Sure. Maintaining your privacy is no easy task, and this is by no means unique to bitcoin. It's time consuming and sometimes difficult or awkward to use Linux, use Tor, avoid Google, encrypt your communications, encrypt your data, avoid centralized exchanges, run your own full node, control your change outputs, etc. But it is also entirely possible to do all these things. Separate wallets, separate addresses, and labelling your transactions and your outputs, all let you keep track of change outputs to prevent linking them to other transactions or each other.

[o_e_l_e_o]

One wallet i.e. Lerdger nano + Electrum + bunch of deviation paths  like this m/.../.../x' where x is changeable and depends on the "source-of -income"/customer/exchange.

It's a good approach, and using different accounts on the same wallet has a number of benefits. It vastly reduces the possibility of accidentally linking different addresses or change outputs together, since they are kept separate in different wallets. Since the accounts are all derived from the same seed phrase, it also means you only have to back up and secure a single seed phrase rather than multiple seed phrases. As long as you never transfer funds directly between accounts without mixing, coinjoining, or otherwise obfuscating them first, then it would be very difficult to link the accounts together just from blockchain analysis.

I also use a similar set up but with different passphrases instead of different derivation paths on my Ledger wallet. A single seed phrase which is backed up securely, and multiple different passphrases which I load temporarily to the wallet (rather than associating with a secondary PIN) when I need to access them. The upside of this is that if my seed is compromised, only the top level wallet can be accessed. The downside is it takes an extra few minutes to load each wallet as you have to input the specific passphrase each time.

[Folio]

Why did I get this bad privacy rating? I used a new address, so how is it bad privacy and how could I improve it?

[o_e_l_e_o]

The Blockchair Privacy Indicator only tells you how easy it is link inputs and outputs as belonging to the same person. It doesn't tell you anything about who that person is or how easily or otherwise they could be identified. Without seeing the exact transaction I can't be overly specific, but we can look at the two indicators which have been displayed - "Round value" and "Output value x100".

One of the outputs of the transaction must have a "Round value" - something like 0.5 BTC, 1 BTC, 0.35 BTC. It is highly unlikely that a change value would be perfectly rounded, and so it can be assumed that the round value output is the recipient, and the other outputs are the change.

One of the outputs of the transaction is more than x100 bigger than the other. It is more likely that this output will be the change.

Essentially what Blockchair is telling you is that it is possible to tell which outputs from the transaction are the change and which outputs are to the recipient. Since your address is brand new, as you say, if it is otherwise unlinked to your identity or other addresses then that is far as the analysis can go.

If you wanted to improve the privacy on this transaction to make it less obvious which outputs were change and which weren't, then you could add some extra satoshi to the payment to avoid it being a round number (so instead of paying 0.1 BTC, pay 0.10048394 BTC, for example), and you could also split the change in to multiple outputs of similar sizes.

For more info about Blockchair's Privacy score, see this page: https://blockchair.com/api/docs#link_M6