This made good sense to me: 

> Most of the people who would benefit from privacy-heuristic feedback are the people least equipped to run it safely. They don’t run a node, so the path of least resistance is to paste an xpub into someone else’s website.

It sounds like he's using bloom filters with some extra fancy cryptography stuff to make it so that the server cannot tell which outputs you are querying for. 

This thing jogged something in my memory and I thought I may have posted about it before, but apparently not. But it is part of a product he is designing called [BTC Medusa](https://www.btcmedusa.com/index.html):

> this is the cryptographic core of a product, a fork of Sparrow Wallet with a paid token model where tokens are sold in packs and payment is what gates blind-sign issuance is what I have built.

And perhaps like whirlpool/wasabi, it may point to a revenue stream for open source wallets (although, I'm not convinced that it is very big):

> Also, I’ve laid out in my [whitepaper](https://www.btcmedusa.com/downloads/BTC_Medusa_Whitepaper.pdf) explicit mechanisms to implement revenue sharing with open-source wallets that implement this protocol since revenue is the most difficult part for open source wallets to maintain.

Here is an example of how their are pricing it at the moment (in his delving post he mentions tokens, and this seems to be a price to download the plugin, so maybe there is also an additional charge for use): 

![](https://m.stacker.news/145785)

Scoresby

d680ecaa8e

Privacy-heuristic tools have gotten a lot of attention lately. 

 lets you paste an xpub or an address and get a read on how much your wallet’s history leaks. More recently supertestnet opened a WIP wallet-fingerprinting panel for btc-rpc-explorer that gives a heuristic “which wallet likely created this transaction” verdict from on-chain signals alone. (nVersion, nLockTime / anti-fee-sniping, RBF signaling, input script types, low-R grinding, BIP-69 ordering, change-type matching, and so on.) People are clearly interested in finding out what their transactions reveal, which is good for the ecosystem.

What stood out to me was how many of them pasted their xpub into a public website to get that read, instead of running the analysis privately against their own node. An xpub handed to a third party is the entire wallet.

This is a writeup of a system that addresses that. It lets anyone, including people who don’t run their own node, run these privacy heuristics over their own wallet without revealing to any server which transactions, or which wallet, they are asking about. The heuristic verdicts are precomputed per transaction and published as encrypted per-block filters. A wallet can only decrypt the verdict for an outpoint it is actually interested in, and the server never learns which outpoints those are.

bitcoin

> *by* [**vazertuche**](https://delvingbitcoin.org/u/vazertuche)
>
> Privacy-heuristic tools have gotten a lot of attention lately. [am-i.exposed](https://am-i.exposed/) lets you paste an xpub or an address and get a read on how much your wallet’s history leaks. More recently supertestnet opened a WIP wallet-fingerprinting panel for btc-rpc-explorer that gives a heuristic “which wallet likely created this transaction” verdict from on-chain signals alone. (nVersion, nLockTime / anti-fee-sniping, RBF signaling, input script types, low-R grinding, BIP-69 ordering, change-type matching, and so on.) People are clearly interested in finding out what their transactions reveal, which is good for the ecosystem.
>
> What stood out to me was how many of them pasted their xpub into a public website to get that read, instead of running the analysis privately against their own node. An xpub handed to a third party is the entire wallet.
>
> This is a writeup of a system that addresses that. It lets anyone, including people who don’t run their own node, run these privacy heuristics over their own wallet without revealing to any server which transactions, or which wallet, they are asking about. The heuristic verdicts are precomputed per transaction and published as encrypted per-block filters. A wallet can only decrypt the verdict for an outpoint it is actually interested in, and the server never learns which outpoints those are.
>
> [**...read more at delvingbitcoin.org**](https://delvingbitcoin.org/t/privately-running-wallet-privacy-heuristics-on-your-own-utxos-without-needing-to-run-your-own-node/2625)