Making Bitcoin truly anonymous - Part 1
Once upon a time Bitcoin became popular partly due to the idea of anonymous transactions. Nowadays however, the perception of Bitcoin’s anonymity has changed, shown by academic papers and a Blockchain surveillance industry (source). As a solution to the lack of privacy, a new market of anonymity-enhancing services has emerged, such as centralized Tumblers like Coinshuffle, Coinjoin, Mixcoin, Blindcoin or Coinswap, as well as privacy-centric coins such as Monero, Zcash and Pivx. Whereas the first mentioned face problems of trust, the privacy-centric coins yet have to be widely adopted as Bitcoin. While TumbleBit is an anonymity service for Bitcoin’s existing user base.
In this part 1 of this series, I will explain what Tumblers are and the differences between some of them and TumbleBit. In the end I will explain why you need to watch Stratis and their Breeze wallet in order to keep a close watch to the development of privacy in Bitcoin. In part 2 I will further discuss how TumbleBit exactly works and how it solves the problems posed in this article. Part 3 will include a comparison between TumbleBit and privacy-centric coins such as Monero, ZCash and Pivx. But for now, I’ll start with explaining what Tumblers are.
Tumblers?
A crypto tumbler is a service offered to mix ‘potentially identifiable’ or ‘tagged’ cryptocurrency funds with others, as to confuse anyone willing to follow the trail back to the fund’s original source – resulting in anonymity. Tumblers or Mixers were introduced to deal with the weaknesses in Bitcoin’s anonymity properties. In theory, a Tumbler basically throws a bunch of people’s funds together, shuffles them and then gives back the specific amount put in by each individual from the random fund pile. In this way, the new funds received cannot be traced back to an address, resulting in random, and therefore anonymous, funds. So problems solved aye?
The problem with traditional Tumblers.
Traditional Tumbler services promise to mix bitcoins from a set of payers to a set of payees in a manner which makes it difficult to trace back who transferred bitcoins to who. To deliver on this promise, the Tumbling process should however also be an anonymous process itself. After all, the central Tumbler service knows exactly which payer is paying which payee. A compromise of the service automatically leads to ‘a total loss of anonymity’ (source). These compromises are not unknown. In 2016, researchers found more than 100 Tor nodes snooping on their users. (source). Also, a quick look on Btcmixers.com shows a lot of the Tumblers to be scams:
Attempts to solve the problems
Other Tumbling services have tried to address these problems, but the trust issue remains. Besides, other problems are there which could be solved by a trustless intermediary. Some Tumblers trying to address these problems have been compared to TumbleBit in TumbleBit: An Untrusted Bitcoin-Compatible Anonymous Payment Hub:
Blindcoin and Mixcoin both use a ‘trusted third party (TTP)’ to mix the Bitcoin addresses. This third party is however able to steal users’ bitcoins, theft is detected but not prevented (source). CoinSwap is a fair-exchange mixer where an intermediary allows two parties to anonymously send bitcoins to each other. The fair-exchange prevents CoinSwap intermediary from stealing any funds, but the data can still be looked into. TumbleBit provides anonymity against even an ‘honest-but-curious intermediary’ (source). Coinparty is a decentralized solution which is only secure if 2/3 of the users are honest, which doesn’t seem like a feasible protocol.
CoinShuffle and CoinShuffle++ build on CoinJoin to provide a decentralized tumbler that should prevent the theft of bitcoin. Both mix funds in a single transaction. Because Bitcoin’s maximum transaction size is 100KB, the paper of TumbleBit mentions this limits CoinShuffle++ to 538 addresses per mix – which is a limitation because the more addresses the merrier the anonymity. Also, these systems are vulnerable to DoS attacks as users who join the mix and then abort, disrupt the protocol for all other users (source).
XIM builds on fair-exchange mixers preventing bitcoin theft, and uses fees to resist DoS and Sybil attacks. TumbleBit also uses fees to resist DoS and Sybil attacks. Next to resisting these attacks, an abort by a single XIM user does not disrupt the mix for others, which is the same for TumbleBit. XIM’s difference with TumbleBit is the fact that XIM makes use of a method for finding parties to participate in a mix. Because users must advertise themselves as mix partners causing communication to grow resulting in several hours to be added to the protocol. This means TumbleBit is much faster; a tumble requires only two blocks on the blockchain. The decentralization of these services also requires mix users to interact with each other via a peer-to-peer network in order to identify each other and mix payments. A coordination between users results in a ‘quadratical growth’, limiting scalability (source).
BSC is a former academic project by members of the team of TumbleBit. It shares the same fair-exchange properties and anonymity properties but, unlike TumbleBit, is not compatible with the Bitcoin protocol and does not provide an implementation. Also, while TumbleBit requires two blocks to be confirmed BSC requires three.
TumbleBit
In short, TumbleBit is a trustless Bitcoin mixer. TumbleBit provides payments that are private - they are unlinkable and The Tumbler is not able to steal your coins plus it cannot deanonymize you. Also it is fully compatible with the Bitcoin protocol, creating an anonymity service for Bitcoin’s existing user base. In part 2 I will go further into details to explain how TumbleBit exactly works, which involves a story of a girl named Alice willing to do an anonymous transaction to a man named Yunk.
So where can I find this TumbleBit?
You will still have to wait for a bit. Stratis’ Breeze wallet is implementing TumbleBit and the service is soon to be tested. Wait Stratis? Yes, NTumblebit is an open source project where members of the original TumbleBit research team worked together to create a usable production ready and well tested implementation of TumbleBit protocol. TumbleBit is fully compatible with today’s Bitcoin. NTumbleBit is a cross-platform framework, server and client written in C# by Nicolas Dorier (source). In essence implementing the benefits of TumbleBit but for C# and .NET applications. Because NTumbleBit also utilizes NBitcoin (the base framework used by NStratis), the Stratis team was able to easily access the benefits of NTumbleBit and integrate it into the Stratis Platform resulting in the implementation in the upcoming Breeze wallet (source).
At this very moment the Stratis Team is expecting to release the Breeze Full Node this Friday, July 14th for further testing purposes. This purely means testing the Blockchain registration on the STRAT main net. The TumbleBit service itself will be first implemented on the Bitcoin testnet and will be made available soon to those that want to test the functionality (source).
For more info on TumbleBit go to:
TumbleBit scientific paper
For more info on the Breeze wallet go to:
Blog Stratisplatform
StratisWiki
Stratis Slack
You are trying to tell best things
Thank you, i do try
When can we expect the other parts? I'm very interested in the privacy features of Tumblebit compared to other privacy oriented coins like Monero, pivx and xvg. This is the first detailed write-up I've come across, so thanks!
No problemo, I'm glad you liked it! I expect part 2 to be uploaded tomorrow, part 3 needs some more work :)
You could always just use a privacy focused coin such as Verge (XVG).
Part 3 will include a comparison between TumbleBit and privacy-centric coins!
If you like this article then click here to read more about the subject.
Another great article!