Here's the idiot version for anyone who isn't too clear: when you ask for the balance at your address on a block explorer online, they can correlate your IP address with the bitcoin address, so it's really bad for your privacy.
Instead, you could download the entire blockchain (which of course is what you do, when you run a node). That keeps your privacy since whoever you got the blockchain from, doesn't know exactly which addresses are yours, from that.
The obvious downside of that is, while private, it scales horribly.
Here, advanced cryptography is used to find some of the best of both worlds: the privacy is perfect, and the scalability is not perfect (it's going to be a bit slower/more bandwidth than an ordinary query), but way better than just downloading the whole database (this field of applied cryptography is called "Private Information Retrieval").
Question to the authors ( @blintz ?), concretely how much bandwidth is used in the simplest query, let's say a single address query (or tx query), compared with a non PIR based explorer?
This is a great summary! We really should write something like that in a whitepaper. Thanks for this.
Great question - this takes about 14 KB upload and 128 KB download per query. This is much more than for a normal address query, but on an absolute basis, it’s really small (less than just loading a page with a photo, for example). There is also a one-time upload for the first query of about 8 MB. As far as bandwidth, it would be usable even on a slow 3G connection. The main cost is really on the server side, since we have to maintain a fairly large server to answer queries. This is why we’re interested in building a service people would be willing to pay for, so we can cover these server costs.
reply
Good explanation.
The problem with any non-self hosted website like this though is it ultimately still relies on trusting that the maintainer or anyone breaking in without the maintainer knowing, is logging.
reply
You're absolutely right! For now, the best way to defend against this is to just save the webpage (lol), and use that local page as your client. We will also be releasing some kind of Electron app or Chrome extension (open to suggestions) to mitigate this kind of attack. That way, we can do code signing, have people audit the code, etc. A mobile app will also be a good way to ensure that you are running a secure client.
reply
Not to be overly negative, I agree, but it raises a question. If a user has to download and run specific code to make queries more safely, why not have that code be the more general Tor Browser? It has more eyes on it still, which is useful since running any extra code in your browser or otherwise adds many other risks.
The user can then visit any explorer, disregarding whether it logs or not, though care should be taken not to make multiple queries using the same identity to avoid linkage. It's a neat thing and all, but what's the actual value over visiting this or another explorer via an anonymizing tool?
reply
That’s a totally reasonable question. The biggest reason is that Tor is just not making any kind of cryptographic guarantee of your privacy; it’s just kind of ‘statistically mixing’ your behavior with others.
The privacy guarantee we provide is categorically stronger. It’s a cryptographic guarantee, like the one that underlies ECDSA signatures or SNARKS. Tor is more analogous to going to a library and using their WiFi to make queries, whereas Spiral truly cannot learn your queries. You could of course always use both, if you’d like.
As you point out, in both cases, you need to run code on your machine. We hope that, over time, we get lots of eyeballs on our client code, and in fact, it would be cool to get it integrated into Brave, Tor, or as an extension for Chrome or Firefox.
reply