
I have only just learned that hardware wallets can work with other software like Electrum & Wasabi through the Hardware Wallet Interface (HWI) without private keys ever touching the computer. (For some reason I had assumed that 'Connecting your hardware wallet to Electrum' meant importing your private keys into Electrum).

As far as I can tell, this means you can set up something like:

  1. Buy on KYC Exchange (only easy option in my country) > Send to a Wasabi Wallet address for coinjoin
  2. Perform the coinjoin on Wasabi, eventually sweep it to a separate HW Wallet from within Wasabi too.
  3. Keep track of balance using a watch-only mobile wallet

Privacy Benefits:

  • Avoids using HW Wallet Manufacturer software and nodes, avoids exposing XPUB.
  • Avoids KYC Exchange
  • Brings in a coinjoin before sweeping to HW

Does this sound like a solid setup? Keen for some feedback!

My advice is to stop using Wasabi. They actively collaborate with chain analysis companies who managed to demix their coinjoins in the past.

Alternatives: Whirlpool using Samourai / Sparrow.

You should also avoid kyc exchanges even if you coinjoin. They essentially still get the data of how much bitcoin you bought in total.

Protect yourself both from the earning and the spending side.

reply

Can you share some more info about wasabi sharing data?

reply

From the horse's mouth: https://blog.wasabiwallet.io/zksnacks-blacklisting-update/

There are also a bunch of PDFs circulating around but I'm on my phone rn.

reply

Very interesting. Is perfect the enemy of good though? I have never heard these criticisms of Wasabi before. I did find the coinjoins a bit slow and am happy to try something else. Is there a good robust single wallet solution for coin-joining and managing a HW?

reply

Being potentially state captured is far from good, never mind captured.

> Is there a good robust single wallet solution for coin-joining and managing a HW?

Sparrow (desktop-only)

Imo you should not manage a hw on a phone anyway. You should only use the hw for spending which should be rare. For receiving and tracking your savings, use the hw xpub to create a watch-only wallet in any bitcoin wallet app (e.g. bluewallet).

reply

Yes I would not imagine managing via phone, just HW watch only.

reply

Are whirlpools and coinjoins different concepts / functions?

reply

Whirlpool is a mixing tech that coordinates trustless coinjoins.

It is currently implemented in Sparrow and Samourai wallets.

An alternative to Whirlpool is Joinmarket which is fully decentralized but as a result, it has lower liquidity and thus a lower anonymity set. It requires a bit more experience and technical background to set it up.

reply

Also, I think I can run my own node with wasabi, does that counter their analysis?

reply

The analysis is on-chain. Running your own node only gives you network-level privacy, not on-chain privacy.

reply

On this:

> Avoids using HW Wallet Manufacturer software and nodes, avoids exposing XPUB.

Note that some HWWs like the Ledger series require that you use the manufacturer software when initialising the device. Unless you can do this step offline, it's theoretically possible for them to collect your xpub.

For Coinjoins, I like using Sparrow connected to my own Bitcoin node. Sparrow has a nifty feature where after a specified number of mixes, the coins are sent straight to your HWW.

reply

For reference you can technically load Trezor FW offline using the command line interface.

It's not the easiest thing to do, but possible.

reply

That's a good point. I never thought about dependence on manufacturer software. On the other hand you probably have your 12/24 words backed up somewhere.

reply

Using Wasabi with hardware wallets doesn't mean it won't use someone else's node. At this moment you use Wasabi's nodes. Buying from KYC and using Wasabi's Coinjoin feature won't erase KYC. Wasabi is broken and a bad actor in the Bitcoin community.

Use Sparrow for better privacy related features, use your own node and use hardware that honors your privacy like Passport by FOUNDATION.

reply

What’s the risk of using a coinjoin? Isn’t there a possible risk your KYC info will be flagged in the future for using a known coinjoin address?

reply

Are coinjoin addresses known? Onchain won't it just look like a random transaction?

reply

Transactions from lots of addresses to lots of addresses look a little different than transactions a->b

reply
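
The point in the last few replies, that a coinjoin does not look like an ordinary a->b payment on-chain, shown as an added example that is not part of the thread: a minimal equal-output heuristic run over constructed transactions. The transaction layout, the sample values and the `min_inputs` / `min_equal` thresholds are assumptions chosen for illustration, not the rules of any particular analysis tool.

```python
from collections import Counter

# Constructed sample transactions: (address, value in sats) pairs, not real chain data.
PAYMENT = {  # ordinary a->b payment with change
    "inputs": [("addr_a", 2_500_000)],
    "outputs": [("addr_b", 1_800_000), ("addr_a_change", 699_000)],
}
BATCH_PAYOUT = {  # one sender paying many recipients the same amount
    "inputs": [("addr_x", 4_010_000)],
    "outputs": [(f"addr_r{i}", 1_000_000) for i in range(4)],
}
COINJOIN = {  # five participants, five identical outputs
    "inputs": [(f"addr_in{i}", 1_000_300) for i in range(5)],
    "outputs": [(f"addr_out{i}", 1_000_000) for i in range(5)],
}


def equal_output_profile(tx):
    """Return (n_inputs, n_outputs, denomination, equal_count).

    denomination is the most frequent output value; equal_count is how many
    outputs share it, i.e. the set a single mixed output hides in.
    """
    values = [value for _, value in tx["outputs"]]
    denomination, equal_count = Counter(values).most_common(1)[0]
    return len(tx["inputs"]), len(values), denomination, equal_count


def looks_like_coinjoin(tx, min_inputs=3, min_equal=3):
    """Flag transactions with several distinct funding addresses AND several
    identical output values. Thresholds are illustrative assumptions."""
    _, _, _, equal_count = equal_output_profile(tx)
    distinct_senders = len({addr for addr, _ in tx["inputs"]})
    return distinct_senders >= min_inputs and equal_count >= min_equal


if __name__ == "__main__":
    samples = (("payment", PAYMENT), ("batch payout", BATCH_PAYOUT), ("coinjoin", COINJOIN))
    for name, tx in samples:
        print(f"{name:13} profile={equal_output_profile(tx)} flagged={looks_like_coinjoin(tx)}")
```

The batch payout has equal outputs but a single funding address, so it is not flagged; the structure of the transaction stands out, while the link between a given input and a given equal-valued output is what stays ambiguous.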