Wallet fingerprinting

[defa1]

I'm looking for information about how wallets can be fingerprinted based on locktime, RBF, etc... but there isn't a wealth of information available.
Can somebody point me to some articles/docs/wiki ?
Thanks!

[Quickseller]

Anything your wallet software does that is not default behavior for other wallet software can potentially create a "fingerprint" of your wallet, and of you. This goes for anything from input selection, to the number of change addresses, to fee rate (including if the feerate paid is rounded a particular way), to anything you mentioned.

It is very unlikely that someone can connect two addresses baed on fingerprint alone, but a fingerprint may confirm that two addresses belong to the same entity if there is other information creating a weak link between addresses that does not necessarily prove they belong to the same entity. If privacy is a concern for you, it is best to not change a lot of settings in your wallet software.

[pooya87]

a fingerprint may confirm that two addresses belong to the same entity

To be clear, when it comes to blockchain analysis you can never "confirm" anything. Even if two inputs in a single transaction came from 2 different addresses you still can't "confirm" those 2 addresses belong to the same entity.
Blockchain analysis is a chance based guesswork. Each factor contributes to that chance, in example above the "chance" of those 2 addresses belonging to one entity is high but it is still not confirmed. That example is the ultimate link, the weaker factors such as fingerprint will contribute a much smaller percent to the total chance.

[Quickseller]

a fingerprint may confirm that two addresses belong to the same entity

To be clear, when it comes to blockchain analysis you can never "confirm" anything. Even if two inputs in a single transaction came from 2 different addresses you still can't "confirm" those 2 addresses belong to the same entity.

I guess this depends on your definition of "confirm", and what level of certainty you want in order to say that something is "confirmed". Even if you have someone saying they own both private keys, and you have signed messages saying the same, there is a chance this is not true. MtGox at one point allowed people to upload their private keys to "sweep" their address, and would frequently combine transactions from these private keys with other MtGox transactions.

When it comes to blockchain analysis, most of the time the ultimate customer/consumer of the blockchain analysis is using the analysis to make some decision, often to decide if they want to continue doing business with a certain entity (although sometimes the decision is if someone will be charged with a crime). The certainty required when deciding if a business wants to continue doing business with a particular entity is often going to be well below 100%, beyond any doubt.

[pooya87]

Even if you have someone saying they own both private keys, and you have signed messages saying the same, there is a chance this is not true.

That's correct A signed message like this won't prove ownership, it proves that the person has a way of getting a signature. For example a custodial wallet like Coinbase could let the user sign a message from the address in their account but they do not own that address, Coinbase does.

MtGox at one point allowed people to upload their private keys to "sweep" their address, and would frequently combine transactions from these private keys with other MtGox transactions.

If MtGox had access to those private keys, they owned those keys otherwise if the key remained on user's machine and only signature were produced that is the proof of the example I used above meaning combined addresses don't necessarily create a link.

There really isn't any level we could use to say it is "confirmed" then. When it comes to blockchain analysis everything is loosely defined and the companies sell even the weakest link as a solid proof to their customers to make money!

[Quickseller]

Even if you have someone saying they own both private keys, and you have signed messages saying the same, there is a chance this is not true.

That's correct A signed message like this won't prove ownership, it proves that the person has a way of getting a signature. For example a custodial wallet like Coinbase could let the user sign a message from the address in their account but they do not own that address, Coinbase does.

I could also send you a PM suggesting that we should both sign messages saying that one of our addresses belong to the person as the other's addresses. If we both signed messages like this, it would not make it a true statement, as your addresses do not belong to me, and my addresses do not belong to you.

There really isn't any level we could use to say it is "confirmed" then. When it comes to blockchain analysis everything is loosely defined and the companies sell even the weakest link as a solid proof to their customers to make money!

Like I said, it is not possible to know with 100% certainty. It is even possible for two people to generate the same private key, for example if they both used flawed RNG, or if they both created a poorly constructed brainwallet (there is even a very small chance two people generated the same private key using strong RNG, although this is very unlikely).

As I noted above, most consumers of blockchain analysis do not need to be 100% certain in order to take action based on said analysis. They are not subjecting themselves to massive losses if the blockchain analysis makes an incorrect conclusion.

[nc50lc]

-snip-

I see that you're using Electrum based from your other posts,
And there's one niche case where you could expose that you're using Electrum, and opened a lightning channel.

It's too specific but you might need the info:
Only possible if you're using the setting "Create recoverable channels" then opened a channel (setting only available for newly created/restored wallets).
Someone who's monitoring you could tell that it's from Electrum and it's an "Open Channel Transaction", based from the OP_RETURN data Electrum included in the "funding transaction".
That's if he already know that the spent input is yours.

Release Notes | 4.1.0 - Recoverable channels (option): /spesmilo/electrum/blob/master/RELEASE-NOTES#L82-L101

For other use-cases, same as the posts above.

[o_e_l_e_o]

You might find this to be a useful resource: https://blockchair.com/api/docs#link_M6

This is a list of all the heuristics that blockchair.com use to generate a number for their privacy-o-meter. While there are a number of their heuristics I don't think are as useful as they do, it gives you a good idea of things that someone might look for to link transactions as belonging to the same wallet.

For example, nLockTime is usually either 0 or the most recent block height. An unusual value repeated across 2 transactions would be an indicator they came from the same wallet or same person. In terms of something like RBF, rather than just if it is enabled or disabled it would be more useful to look specifically at the nSequence, since again, an unusual value could be an indicator of two or more transactions coming from the same wallet.