Image: Casascius/CC
Some believe that bitcoin’s anonymous properties are a bug, not a feature. This past January, New York financial regulator Benjamin Lawsky called for a crackdown on software that anonymizes transactions in the online digital currency, saying it will merely help criminals evade law enforcement. And one of the currency’s biggest supporters, venture capitalist Marc Andreessen, believes bitcoin will truly thrive only after it shrugs off anonymity protections.
But some parts of the bitcoin community have other plans in mind.
Even as regulators work to tie new identity restrictions to bitcoin businesses, a collection of projects is moving in the opposite direction, trying to preserve or even upgrade bitcoin’s properties as an ultra-private, untraceable payment system as anonymous as handing off a briefcase of unmarked bills. Last week saw the launch of Dark Wallet, a piece of bitcoin software that represents perhaps the most radical move yet to evade tracking of who spends and receives bitcoin. When it comes to describing the project’s intentions, Dark Wallet’s 26-year-old organizer Cody Wilson doesn’t mince words. “It’s just money laundering software,” he says.
But despite the controversy that surrounds the idea of untraceable digital cash, efforts to make bitcoin anonymous serve a real need. Bitcoin transactions are public by default, visible to anyone who searches the blockchain, the distributed public ledger of all bitcoin payments that keeps it safe from forgery and fraud. Deny bitcoiners the ability to hide their identity, and they’re left with a serious privacy problem. “The problem is not just about how to buy drugs online,” says Ian Miers, a graduate researcher at Johns Hopkins focused on cryptocurrency privacy. “As bitcoin becomes more mainstream, it becomes an issue of how to fix consumer privacy.” The problem may be even bigger for companies. Legitimate businesses, for instance, may want to hide their transactions so that competitors can’t track their sales growth.
Here are a few of the projects seeking a more private way to bitcoin:
Dark Wallet
Cody Wilson’s project with Amir Taaki and the anarchist group unSystem launched last Thursday with two particular methods for protecting its users’ identities. One is what it calls “CoinJoin.” Every time a user makes a payment with Dark Wallet, the program is set by default to combine the transaction with that of another Dark Wallet user attempting to make a payment around the same time. The communications to set up that multiparty transaction are encrypted, so that detecting who paid whom becomes far more difficult. Eventually, Dark Wallet plans to expand CoinJoin to combine payments of three or more users, creating an even more tangled web of money flows.
On top of protections for senders, Dark Wallet adds another one for receivers that it calls “stealth addresses.” When a user publishes a stealth address instead of a normal bitcoin address as his or her public P.O. box for receiving funds, any money sent by another Dark Wallet user to that address goes through an extra obfuscating process. Instead of appearing in the blockchain as being sent to that stealth address, Dark Wallet encrypts the address in such a way that only the recipient can recognize it and sends the money to that encrypted address. The receiver’s Dark Wallet app scans the blockchain for payments encrypted to his or her stealth address and decrypts them to claim the funds. Crucially, no evidence remains in the blockchain that ties the sender and recipient.
Shared Coin
Dark Wallet isn’t the only wallet that offers to mix up its users’ coins to foil surveillance. So does one of the most popular bitcoin wallets already in use: Blockchain.info. An initiative from the company called Shared Coin implements CoinJoin to protect transactions as large as 50 bitcoins. But users have to choose to turn Shared Coin on. Unlike with Dark Wallet, it’s not enabled by default. And Blockchain gives users a warning that, although it doesn’t log their transactions, it’s subject to laws that might compel it to track their transactions in some situations. “The server does not need to keep any logs and transactions are only kept in memory for a short time,” reads a disclaimer on Blockchain’s site. “However, if the server was compromised or under subpoena it could be forced to keep logs.”
Darkcoin
The most technically solid method for protecting the anonymity of bitcoin transactions may be to create a new bitcoin altogether, starting with privacy as a first principle. That’s the approach taken by Darkcoin, an alternative cryptocurrency launched in January. Darkcoin has already put 4.1 million digital coins into circulation, which have already gained a value around $1.40 each, one of the fastest ever appreciations of cryptocurrency among the flock of “altcoins” that have chased bitcoin’s success.
Like Dark Wallet and Shared Coin, Darkcoin implements CoinJoin, though it calls the feature DarkSend. It take a different approach to that transaction combination trick, though, using a distributed collection of servers around its network that negotiate CoinJoin’s multiparty payments. Anyone can pay a thousand Darkcoins to set up one of those DarkSend servers and, as compensation, will be entered into a random lottery that periodically pays out 10 percent of all new Darkcoins as they’re mined and put into circulation That incentive function hasn’t been set up yet, but already, 42 Darkcoin users are hosting DarkSend servers, according to Evan Duffield, the 32-year-old programmer in Phoenix, Arizona who servers as Darkcoin’s main developer. And as with Dark Wallet, every Darkcoin payment will be anonymized unless users choose to disable its CoinJoin protection. “The whole blockchain will be a fog,” says Duffield.
Zerocoin
Mixing up transactions makes tracing cryptocurrency payments difficult. One team of cryptography researchers at Johns Hopkins wants to make it mathematically impossible. Later this year, they plan to release Zerocoin, another alternative to bitcoin that uses a technique to anonymize its coins that’s much stronger than Dark Wallet’s or DarkCoin’s, and that’s impossible with bitcoin as it currently functions. Zerocoin uses what cryptographers call “zero knowledge proofs,” a seemingly magical but decades-old trick that can prove a mathematical statement is true without revealing the contents of what’s being computed.
That feat allows Zerocoin transactions to be recorded in its blockchain and checked for fraud and forgery without revealing any other information about which coins are being spent or who is spending them. “The only information that ever makes it into the blockchain is the fact that the transaction occurred,” Matthew Green told the audience at the Real World Crypto conference in New York earlier this year. “That’s actually very beautiful.”
Zerocoin was originally conceived as an add-on to bitcoin, but it didn’t find enough supporters among the bitcoin developer community to convince them to adopt its code. But that earlier version of its code is also being integrated into Anoncoin, an independent cryptocurrency project.
Anoncoin, Zerocoin, and Darkcoin are all unlikely to ever achieve the same acceptance for goods and services as bitcoin has. But it’s worth nothing that if exchanges allow the trade of bitcoins for these more private currencies without requiring identification, they could serve as giant laundry services, anonymizing any funds that are traded into and then out of their networks.
Tor Integration
The blockchain isn’t the only way to identify bitcoin users. So is old-fashioned tracing of their IP address. John Hopkins’ Miers uses the analogy of an old-fashioned briefcase full of cash: Even if the bills inside are unmarked, the bagman still needs to wear a ski mask and a hoodie to stay anonymous.
That’s where the anonymity software Tor comes in, triple-encrypting users’ internet traffic and bouncing it through servers around the world to obscure its origin. Some bitcoin wallets already integrate Tor, such as Blockchain.info. Dark Wallet plans to add Tor to future versions of its software.
Soon, that Tor integration will be the norm for bitcoin programs. Mike Hearn, a core bitcoin developer and head of the Bitcoin Foundation’s law and policy committee, says he built a prototype of a Tor-integrated version of bitcoinj, the software that powers popular bitcoin wallets like Hive, Multibit, and Android Wallet. That change is now being built into the public version of bitcoinj by another well-known bitcoin developer known as devrandom.
While Hearn says that adding Tor to bitcoinj will represent a significant upgrade to bitcoin’s privacy, he admit it’s not clear whether Tor or any other known protective measure can foil the sophisticated traffic analysis tools of agencies like the NSA, were they to turn their powerful surveillance mechanisms toward tracing bitcoin transactions. “There are no silver bullets in this space,” he says. “But this will make it much harder.”
Provided from: wired.