Re: [Tails-dev] Set coin selection to "privacy" by default i…

Üzenet törlése

Válasz az üzenetre
Szerző: Michael English
Dátum:  
Címzett: tails-dev
Tárgy: Re: [Tails-dev] Set coin selection to "privacy" by default in Electrum
S7r,
> Hello intrigeri, Michael,
>
> intrigeri wrote:
>> Hi Michael,
>>
>> Michael English:
>>> It also helps to reduce blockchain UTXO (unspent transaction
>>> outputs) bloat,
>> This makes me curious. How does this help with that property, exactly?
>> My intuition tells me that by restricting the set of coins that can be
>> spent to one single address, on the contrary, the software has fewer
>> possibilities to optimize towards 1. reusing existing unspent outputs;
>> and thus 2. avoiding to create more.
>>
>> Also: where was this text quoted from?
>>
> The text was copied from Electrum man page. The privacy coin chooser
> will not offer 100% anonymity, because that's technically not possible
> in a system using a public blockchain, but it will obfuscate information
> about sender's total BTC holdings so it's a plus.

Yes, I was relating this to routing the SPV validation through Tor which
also obscures the addresses that a particular person owns. Without Tor,
the bloom filters that SPV wallets like Electrum use are not very
private at all.
> UTXO's are basically the coins you can spend. The spendable coins are in
> UTXO's, not in addresses. Addresses are just a smart crypto way to let
> the world know in advance who has the right to spend a given UTXO.

Good explanation.
> Existing unspent outputs cannot be reused, they are burned and re-crated
> entirely every time. So you cannot spend part of a UTXO, you spend it
> all (practice does not recommend re-using addresses - it's true nothing
> keeps you from receiving the change in the same initial address that you
> spent from, but you'll have a different UTXO).

Yes, when a transaction is created, all of the inputs must be spent in
their entirety. Whatever coins do not need to be sent to another person
are sent back to a "change address" which is a new address under the
control of the spender. If there are still coins left after the
destination address(es) and the change address(es), then it is
interpreted as a transaction fee for the miners to collect.
>>> Routing transaction relay through Tor is only part of the solution. The blockchain is
>>> a public ledger that can be analyzed anytime after the initial transaction broadcast.
>>> Private coin selection impedes correlation of transaction inputs and outputs that
>>> could link back to an identity.
>> Sure. I hope our doc clearly states that it's very hard to use Bitcoin
>> in a privacy-preserving way, for some various value of "privacy".
>>
> Agreed, but the setting indicated by Michael could be shipped as a
> default imho. It makes sense in a context like Tails/Tor threat model.
>

Yes, that is exactly my rational. Private coin selection is perfectly
suited to the context of Tails. I like to think of it as similar to
browser fingerprints in the Tor Browser. Onion routing and private coin
selection reduces the "bitcoin fingerprint" left by Tails users.

Cheers,
Michael English