Privacy Techniques
Bitcoin transactions are pseudonymous, not anonymous. Various techniques can improve privacy by breaking the linkability between transactions and making blockchain analysis more difficult.
Privacy Challenges
Blockchain Analysis
All transactions are public:
Public Information:
- Transaction amounts
- Input/output addresses
- Transaction graph
- Timing patterns
Common-Input-Ownership Heuristic
Analysts assume all inputs to a transaction belong to the same entity:
Transaction:
Input 1: Address A
Input 2: Address B
Input 3: Address C
Assumption: A, B, and C are all controlled by same person
Privacy Techniques
1. CoinJoin
CoinJoin combines multiple transactions into one:
Standard Transaction:
Alice → Bob: 1 BTC
CoinJoin Transaction:
Alice + Charlie + Dave → Bob + Eve + Frank: Mixed amounts
Benefits:
- Breaks common-input-ownership heuristic
- Hides individual transaction amounts
- Makes analysis difficult
Implementations:
- Wasabi Wallet: WabiSabi protocol
- JoinMarket: Maker-taker model
- Samourai Wallet: Whirlpool
2. Payjoin (P2EP)
Payjoin involves both sender and receiver:
Standard Transaction:
Alice (inputs) → Bob (output)
Payjoin Transaction:
Alice (inputs) + Bob (inputs) → Alice (change) + Bob (output)
Benefits:
- Breaks common-input-ownership
- Looks like normal transaction
- No coordination overhead
3. Address Reuse Avoidance
Never reuse addresses:
Bad:
- Receive multiple payments to same address
- Links all payments together
- Reveals transaction history
Good:
- Generate new address for each payment
- HD wallets do this automatically
- Better privacy
4. Coin Selection
Privacy-aware coin selection:
Strategies:
- Avoid linking transactions
- Use smaller UTXOs when possible
- Don't consolidate unnecessarily
- Consider timing patterns
Code Examples
CoinJoin Implementation
Advanced Privacy
Silent Payments (BIP 352)
Silent Payments enable reusable addresses without address reuse:
Traditional:
- Recipient shares address
- Address reused → Privacy loss
Silent Payments:
- Recipient shares static identifier
- Sender derives unique address per payment
- No address reuse
- Better privacy
Taproot Privacy
Taproot provides better privacy:
Multisig Transaction:
- Key path: Looks like single-sig
- Script path: Only reveals used condition
- Other conditions hidden in MAST
Best Practices
For Users
- Use HD wallets: Automatic address generation
- Avoid address reuse: Generate new addresses
- Consider CoinJoin: For high privacy needs
- Use Taproot: Better privacy by default
- Be careful with change: Change outputs link transactions
For Developers
- Implement address rotation: Never reuse addresses
- Support privacy features: CoinJoin, Payjoin
- Privacy-aware coin selection: Don't link transactions
- Educate users: Explain privacy implications
Limitations
What Privacy Techniques Can't Do
- IP address: Network layer still reveals IP
- Timing analysis: Patterns can reveal links
- Amount analysis: Large amounts are distinctive
- Perfect anonymity: Not achievable on public blockchain
Trade-offs
- Privacy vs. Convenience: More privacy = more complexity
- Privacy vs. Cost: CoinJoin has fees
- Privacy vs. Speed: Some techniques add delays
Related Topics
- Address Types - Understanding addresses
- Coin Selection - Privacy-aware selection
- Taproot - Better privacy
- Lightning Network - Off-chain privacy
Resources
- BIP 352: Silent Payments
- Wasabi Wallet - CoinJoin implementation
- JoinMarket - CoinJoin marketplace