Does RBF reduce my privacy?

[BitcoinivaX]

I broadcast a transaction to make some payments and after a while I decided it was not worth it.  I double-spent it using RBF to my wallet address.
Does double spending using RBF reduce the privacy of wallet? can goverments/IRS/trackers know the addresses in my wallet because I broadcast that transaction, or is it considered safe as if I did not click on the broadcast button?

[1715313439]

1715313439

[1715313439]

1715313439

[mocacinno]

in this scenario, you broadcasted 2 transactions. Both could be logged, and one of them will end up in the blockchain (given it was a valid transaction with sufficient fees). So, no, it's not like nothing happened.

If the governement (or some hacker) is able to link your identity to some of the addresses generated by your wallet, there's a chance they'll learn more about which addresses are controlled by your wallet after this action.

You know bitcoin isn't completely anonymous to begin with, right? If you want to use bitcoin as anonymous as possible, it requires a lot of effort from you...

[o_e_l_e_o]

If they are only looking at transactions which have been confirmed in the blockchain, then they will not see your first transaction since it was replaced. If they are looking at all broadcast transactions, including those unconfirmed in the mempool, then they will see both your transactions. I suspect that most big companies which are trying to deanonymize transactions are running their own node(s), and so will be aware of both your transactions.

Notably, when you use RBF, you need to be aware that your wallet may include additional inputs in to the replacement transaction in order to cover the increased fees. You need to be vigilant regarding this if you do not want different inputs in your wallet being linked together.

[ranochigo]

I broadcast a transaction to make some payments and after a while I decided it was not worth it.  I double-spent it using RBF to my wallet address.
Does double spending using RBF reduce the privacy of wallet? can goverments/IRS/trackers know the addresses in my wallet because I broadcast that transaction, or is it considered safe as if I did not click on the broadcast button?

It's actually quite dependent on your wallet as well actually. If you're using wallets like Bitcoin Core or Wasabi then probably not. Bitcoin Core doesn't query someone else for your transactions and Wasabi does not leak identifiable details as well.

In the case above, unless someone had a deliberate MITM between your connection to the other nodes, they wouldn't see the transaction being broadcasted from your node or at least with fairly little certainty that it was broadcasted from your IP.

Tl;dr: RBF to your own address leaks the same level of privacy as with your other transactions since you're only sending the funds back to yourself. The greater concern would be to use SPV wallets without proper privacy measures.

[mocacinno]

--snip--
It's actually quite dependent on your wallet as well actually. If you're using wallets like Bitcoin Core or Wasabi then probably not. Bitcoin Core doesn't query someone else for your transactions and Wasabi does not leak identifiable details as well.
--snip--

There are two ways of looking at it, i suppose...

If you look at whether or not somebody will be able to link your ip to your wallet, you're right: wasabi only works inside the tor network, and core uses dandelion (and you're able to run it on the tor network aswell). There is no difference between an rbf tx, or a tx replacing said rbf tx and a "normal" transaction without the rbf flag when it comes to this kind of privacy.

If you look at whether the op's privacy is as safe as if he did never created the tx (because he replaced the rbf tx with a tx funding his own wallet instead of the wallet of the person he's paying), the answer is still: "no". Two transactions were created (only one of them could end up in a block tough). People with nodes had the opportunity to parse both transactions and put them into a database for further analysis. Also, if the transaction used unspent outputs funding multiple addresses, it is now "common" knowledge that both addresses belong to the same wallet... There'll also be an undeniable link between the addresses whose unspent outputs got used as an input for the rbf transactions and the address that got funded.
Last but not least, the public keys for the addresses whose unspent outputs were used as an input for either of the two transactions are now known to the network...

So, i guess OP's answer is somewhere in the middle: it's not like the transactions didn't happen. Some information got broadcasted. Attentive people will be able to draw some conclusions and will be able to log some PUBLIC keys... But if you used a decent wallet: who cares? I guess you must have a very specific usecase in mind? I guess there are some usecases where this discussion would be important, but i cannot imagine such a usecase right now.

[ranochigo]

If you look at whether or not somebody will be able to link your ip to your wallet, you're right: wasabi only works inside the tor network, and core uses dandelion (and you're able to run it on the tor network aswell). There is no difference between an rbf tx, or a tx replacing said rbf tx and a "normal" transaction without the rbf flag when it comes to this kind of privacy.

I'm not aware that Core uses Dandelion or that it was ever formally adopted. Bitcoin Core shouldn't be sending the addresses or any identifiable information to any other node anyways. Wasabi's primary privacy doesn't stem from it's enforcement of Tor but rather how it behaves as an SPV client.

If you look at whether the op's privacy is as safe as if he did never created the tx (because he replaced the rbf tx with a tx funding his own wallet instead of the wallet of the person he's paying), the answer is still: "no". Two transactions were created (only one of them could end up in a block tough). People with nodes had the opportunity to parse both transactions and put them into a database for further analysis. Also, if the transaction used unspent outputs funding multiple addresses, it is now "common" knowledge that both addresses belong to the same wallet... There'll also be an undeniable link between the addresses whose unspent outputs got used as an input for the rbf transactions and the address that got funded.
Last but not least, the public keys for the addresses whose unspent outputs were used as an input for either of the two transactions are now known to the network...

Actually, here's one thing I don't get. Why do you need to add another output if you want to just send the transaction to yourself? It would simply lead to a larger transaction size and a much larger fee. If you want to "Cancel" your transaction, simply send the UTXOs used in that transaction to yourself and there isn't any need to add another UTXO. People would probably add UTXOs if they're trying to ensure that the output is of a specific size. Any MITM will result in the an adversary knowing that the transaction was broadcasted from that specific IP.

[mocacinno]

--snip--

I'm not aware that Core uses Dandelion or that it was ever formally adopted. Bitcoin Core shouldn't be sending the addresses or any identifiable information to any other node anyways. Wasabi's primary privacy doesn't stem from it's enforcement of Tor but rather how it behaves as an SPV client.

To tell you the truth, i'm not 100% sure if dandelion was implemented... I know i've read the bip in the past, but since i use wasabi and chipmixer as my main "anonymity-providers", i didn't really follow up on this bip.... I should look into it tough, since it's quite an interesting topic . TL; DR; I assumed it was implemented, but i'm not sure...

It's true that wasabi is pretty well written and tought out... I'd still argue there biggest privacy feature is their enforcement of the Tor protocol, but that's my personal opinion, not a fact.

--snip--

Actually, here's one thing I don't get. Why do you need to add another output if you want to just send the transaction to yourself? It would simply lead to a larger transaction size and a much larger fee. If you want to "Cancel" your transaction, simply send the UTXOs used in that transaction to yourself and there isn't any need to add another UTXO. People would probably add UTXOs if they're trying to ensure that the output is of a specific size. Any MITM will result in the an adversary knowing that the transaction was broadcasted from that specific IP.

You don't need to add another output... But the OP's question implied he wanted to ask if sending funds to somebody else using a tx with the rbf flag set, changing your mind and replacing said tx was the same as (and i quote the op here) " if I did not click on the broadcast button".
This is simply not the case... The OP created 2 transactions. Somebody CAN analyse said transactions, even if (from the OP's point of view) nothing much happened.

The main reason for adding an other unspent output is because the replacement transaction has to "pay for it's own bandwith", it has to have a higher fee... So it's possible you don't have enough change leftover to pay this higher fee, thus it's possible you have to add another unspent output to the replacement transaction.

[20kevin20]

Since the first tx was broadcasted, then it's safe to assume there is someone who remembered it and might use that information through an analyzing tool.

Since you've mentioned payments, I would assume that the party knows at least one identifiable information ahout you such as IP, home address, full name etc. In that case, the best thing you can do is assume the worst scenario and play it out. Was it a payment processor you sent your BTC to? Payment processors likely store even temporary data since little information could speed up things. As soon as your payment has been deemed invalid, they probably stored this information about it. In this case, all that is required for the first transaction to be linked back to you is the payment processor handing out this kind of data to governments (or selling it to third parties such as chain analyzing tools).

Block explorers probably stored your now-replaced transaction and I doubt they remove replaced txs from their storage. Especially more advanced block explorers that come with features such as privacy meters or basic chain analysis. There's a saying: once it's on the Internet, it's forever! So the best thing you can probably do is assume there is someone knowing about your initial tx and obfuscate your tracks from now on. If you have multiple inputs in your tx, then you should take care of all of them.

What I'd personally do if I had this fear is, I'd mix/coinjoin my inputs and move them to another new seed. If there is any party knowing who the person behind that initial tx was, I can now do nothing else besides trying my best to hide future paths.

To the replies above: Dandelion can be used through Bitcoin Core as a way of improving privacy of tx broadcasting. But even if we remove the possibility that a government/tracker could trace this broadcast back to your IP, don't the inputs still get linked together? And besides this, even with Dandelion, doesn't the initial tx broadcast from node to node quick enough for a block explorer to parse this information?

Edit: @mocacinno it seems like Dandelion should've been part of Bitcoin Core v0.18.0, but it never made it.

[ranochigo]

The fact you're using RBF alone can be used to guess what kind of wallet do you use.

You'll be eliminating only the wallets that are not implementing RBF which are probably the ones you shouldn't use. It doesn't provide any clues beyond the fact that you're using a wallet that support RBF or that you're signalling RBF manually and using the wallet to sign it only.

[suzanne5223]

I broadcast a transaction to make some payments and after a while I decided it was not worth it.  I double-spent it using RBF to my wallet address.
Does double spending using RBF reduce the privacy of wallet? can goverments/IRS/trackers know the addresses in my wallet because I broadcast that transaction, or is it considered safe as if I did not click on the broadcast button?

First of all, if privacy is a top priority to you, you'll need to make use of wasabi and some Bitcoin tumbler but the destination of the transaction must not be an exchange wallet (cause must centralized exchange dont support it)
Having said that, there is difference between double-spending and RBF but RBF dont reduce your wallet privacy cause RBF is a process of bumping up transaction fee by creating new transaction which is identical to the old one.
Double spending is sending the same transaction (UTXO) twice.

[hosseinimr93]

.......but RBF dont reduce your wallet privacy cause RBF is a process of bumping up transaction fee by creating new transaction which is identical to the old one.

The replacing transaction doesn't have to be identical to the original one. It only needs to have at least one same input and higher fee.

Let's say the original transaction is as follows.

Address A -------> Address C
Address B

If the transaction has been flagged as RBF, it can be replaced by following transaction.

Address A  ------> Address E   (higher fee)
Address D

[ChipMixer]

Does double spending using RBF reduce the privacy of wallet?

Yes. How much? It depends.

Case A - fee increase changes change value

Input A (10 mBTC) -> Output B (2 mBTC), Change C (7.99 mBTC) (fee: 0.01 mBTC)
replaced by
Input A (10 mBTC) -> Output B (2 mBTC), Change C (7.95 mBTC) (fee: 0.05 mBTC)

Loss of privacy
Mempool analysis show that Input A and Change C are linked.

Case B - fee increase adds another input

Input A (10 mBTC) -> Output B (9 mBTC), Change C (0.5 mBTC) (fee: 0.5 mBTC)
replaced by
Input A (10 mBTC), Input D (1 mBTC) -> Output B (9 mBTC), Change C (0.4 mBTC) (fee: 1.6 mBTC)

Loss of privacy
Mempool analysis show that Inputs A and C and Change C are linked.


Case C - fee increase adds another input and your wallet lack small inputs

Input A (10 mBTC) -> Output B (9 mBTC), Change C (0.5 mBTC) (fee: 0.5 mBTC)
replaced by
Input A (10 mBTC), Input D (1001 mBTC) -> Output B (9 mBTC), Change C (1000.4 mBTC) (fee: 1.6 mBTC)

Loss of privacy
Mempool analysis show that Inputs A and C and Change C are linked. Your previously small transaction now show you own much more.

[NotATether]

can goverments/IRS/trackers know the addresses in my wallet because I broadcast that transaction, or is it considered safe as if I did not click on the broadcast button?

If you only  broadcast an RBF transaction once without increasing the fee later then it's just as private as any other transaction. In particular, your address cannot be sniffed out unless you have a chain of other transactions from that wallet with N inputs and 1 change and the trail leads to some ID'd service. This itself may also reveal:

- your wallet software
- that (in most cases) some unknown guy owns a bunch of addresses

But as soon as you change the fee, then the level of privacy exposure risk increases in proportion to how long you waited before you replaced the fee. If you changed it after say 30 seconds then the old transaction barely had enough time to propagate to 1st/2nd level outgoing peers (say 10 first level peers, and 10*10=100 second level peers) before they receive the new transaction and drop the old one, while waiting a few days guarantees that most nodes have the chance to see both transactions. However this alone cannot identify the input/change addresses belong to "you" and not some unknown person.

[PrimeNumber7]

Does double spending using RBF reduce the privacy of wallet?

Yes. How much? It depends.

Case A - fee increase changes change value

Input A (10 mBTC) -> Output B (2 mBTC), Change C (7.99 mBTC) (fee: 0.01 mBTC)
replaced by
Input A (10 mBTC) -> Output B (2 mBTC), Change C (7.95 mBTC) (fee: 0.05 mBTC)

Loss of privacy
Mempool analysis show that Input A and Change C are linked.

Case B - fee increase adds another input

Input A (10 mBTC) -> Output B (9 mBTC), Change C (0.5 mBTC) (fee: 0.5 mBTC)
replaced by
Input A (10 mBTC), Input D (1 mBTC) -> Output B (9 mBTC), Change C (0.4 mBTC) (fee: 1.6 mBTC)

Loss of privacy
Mempool analysis show that Inputs A and C and Change C are linked.


Case C - fee increase adds another input and your wallet lack small inputs

Input A (10 mBTC) -> Output B (9 mBTC), Change C (0.5 mBTC) (fee: 0.5 mBTC)
replaced by
Input A (10 mBTC), Input D (1001 mBTC) -> Output B (9 mBTC), Change C (1000.4 mBTC) (fee: 1.6 mBTC)

Loss of privacy
Mempool analysis show that Inputs A and C and Change C are linked. Your previously small transaction now show you own much more.

Another scenario resulting in a loss of privacy is if your RBF transaction includes a different input.

For example, the original transaction may have Input A, Input B, Output Z, and Change X, but the RBF transaction might have Input A, Input C, Output Z and Change X. In this scenario, inputs A, B and C are now potentially linked together.