What's the role of transaction size in onchain privacy? \ stacker news ~bitcoin

pull down to refresh

What's the role of transaction size in onchain privacy?

1763 sats \ 8 comments \ @kilianbuhn 8 Feb bitcoin_beginners

Due to a recent discussion on Wasabi #878211 and coinjoins I'm interested in what role the size on a transaction plays on privacy

My understanding of onchain privacy is that identifying a common identity by linking UTXOs to one another. If a transaction size is a round number in sats or Dollars, it's probably the payment and the other one the change. Also mostly small UTXOs are mostly the transaction amd the bigger one probably the change. After that tracing lines up to an exchange (or a transaction with known ip address of origin) and the pseudonym is deanonymized 💀

Is that true? Does deanonymizing still work if all transactions are odd numbers? Am I still anonymous in a coinjoin if I lower the minimum amount from 0.01 BTC (which is a lot imo). Shouldn't this mean having never used an exchange with a wallet makes onchain Bitcoin way more private than its reputation? 🤔

view all related items

142 sats \ 2 replies \ @kruw 8 Feb

If a transaction size is a round number in sats or Dollars, it's probably the payment and the other one the change.

Yes, this is one heuristic for distinguishing the payment output from the change output. Other fingerprints include comparing each output's script type/version/locktime/feerate to the origin inputs once both outputs are eventually spent.

Also mostly small UTXOs are mostly the transaction and the bigger one probably the change.

I think you have this backwards - If many inputs are consolidated in a transaction and two outputs are created, the bigger output is probably the payment.

Am I still anonymous in a coinjoin if I lower the minimum amount from 0.01 BTC (which is a lot imo).

This default minimum of 1 million sats hasn't been changed since the price of BTC was $15k 😅 Since the mempool is empty, you can bypass this warning and coinjoin smaller amounts without wasting too much in fees.

Shouldn't this mean having never used an exchange with a wallet makes onchain Bitcoin way more private than its reputation?

You should always try to avoid KYC of any form for any transaction. However, Bitcoin's reputation for poor on chain privacy is generally accurate: Unless you take specific measures to control how your UTXOs are spent, you will casually link all of your transactions together over time.

Lightning fixes this for high volume. Coinjoin fixes this for high value.

21 sats \ 1 reply \ @kilianbuhn OP 8 Feb

Shouldn't this mean having never used an exchange with a wallet makes onchain Bitcoin way more private than its reputation?

You should always try to avoid KYC of any form for any transaction. However, Bitcoin's reputation for poor on chain privacy is generally accurate. Unless you take specific measures to control how your UTXOs are spent, you will casually link all of your transactions together over time.

But why tho? Never used an exchange with this wallet. Always VPN. Widely used wallet so not that uncommon type/version/locktime/feerate. Most transactions have odd sizes. Now what? Where is the attack surface on that wallet?

100 sats \ 0 replies \ @kruw 8 Feb

But why tho? Never used an exchange with this wallet. Always VPN. Widely used wallet so not that uncommon type/version/locktime/feerate. Most transactions have odd sizes. Now what? Where is the attack surface on that wallet?

Assuming you are also using your full node or client side block filters to protect your privacy during synchronization, then the remaining attack surface would be the common input ownership heuristic.

Widely used wallet so not that uncommon type/version/locktime/feerate. Most transactions have odd sizes.

Just because you are using random fingerprints doesn't guarantee you are fully protected. If the recipient fingerprints themselves, your change output is identified through process of elimination.

21 sats \ 1 reply \ @nullcount 8 Feb

FYI "Transaction size" usually refers to the number of bytes used to express the transaction.

I think you are talking about "transaction amounts".

0 sats \ 0 replies \ @kilianbuhn OP 9 Feb

yes, transaction amount. thank you

21 sats \ 2 replies \ @DarthCoin 8 Feb

Tip: through a LN channel (with a decent size) you can pass through an infinite amount of sats. So without closing that channel you can practically "coinjoin" as many sats you like, using the above scheme of 3 levels stash: hold (vault/cold wallet), cache (coins management), spending (LN). And it doesn't really matter how big or small your UTXOs are and from where did you acquire them.

Anyways, keep in mind this chart of UTXO size

0 sats \ 1 reply \ @kilianbuhn OP 8 Feb

I appreciate the effort. Am probably too poor for this setup 🙈

333 sats \ 0 replies \ @DarthCoin 8 Feb

For poor noobs, I wrote this guide: https://darth-coin.github.io/beginner/getting-started-stack-sats-en.html and then a more complete guide here: https://darth-coin.github.io/beginner/be-your-own-bank-en.html

Practically you accumulate in (non-KYC) custodial or semi-custodial accounts small amounts of sats until you are comfortable with a decent UTXO. Then you swap it out into a cold wallet. Many would say that don't use custodial bla bla bla... I would say, use them wisely, as your decoys..

You are less "exposed" using a decoy non-KYC custodial account than buying from a CEX KYC and withdraw straight to a cold wallet. The key to privacy is DECOY.

Once you accumulate enough, you can start with your own LN nodes and other schemes. Don't complicate it too much, keep it simple. If you never go back to fiat, there's NOTHING to worry.