I have only just learned that hardware wallets can work with other software like Electrum & Wasabi through the Hardware Wallet Interface (HWI) without private keys ever touching the computer. (For some reason I had assumed that 'Connecting your hardware wallet to Electrum' meant importing your private keys into Electrum).
As far as I can tell, this means you can set up something like:
  1. Buy on KYC Exchange (only easy option in my country) > Send to a Wasabi Wallet address for coinjoin
  2. Perform the coinjoin on Wasabi, eventually sweep it to a separate HW Wallet from within Wasabi too.
  3. Keep track of balance using a watch-only mobile wallet
Privacy Benefits:
  • Avoids using HW Wallet Manufacturer software and nodes, avoids exposing XPUB.
  • Avoids KYC Exchange
  • Brings in a coinjoin before sweeping to HW
Does this sound like a solid setup? Keen for some feedback!
On this:
Avoids using HW Wallet Manufacturer software and nodes, avoids exposing XPUB.
Note that some HWWs like the Ledger series require that you use the manufacturer software when initialising the device. Unless you can do this step offline, it's theoretically possible for them to collect your xpub.
For Coinjoins, I like using Sparrow connected to my own Bitcoin node. Sparrow has a nifty feature where after a specified number of mixes, the coins are sent straight to your HWW.
reply
For reference you can technically load Trezor FW offline using the command line interface.
It's not the easiest thing to do, but possible.
reply
That's a good point. I never thought about dependence on manufacturer software. On the other hand you probably have your 12/24 words backed up somewhere.
reply
My advice is to stop using wasabi. They actively collaborate with chain analysis companies who managed to demix their coinjoins in the past.
Alternatives: whirlpools using samourai / sparrow.
You should also avoid kyc exchanges even if you coinjoin. They essentially still get the data of how much bitcoin you bought in total.
Protect yourself both from the earning and the spending side.
reply
Can you share some more info about wasabi sharing data?
reply
There are also a bunch of PDFs circulating around but I'm on my phone rn.
reply
Very interesting. Is perfect the enemy of good though? I have never heard these criticisms of Wasabi before. I did find the coinjoins a bit slow and am happy to try something else. Is there a good robust single wallet solution for coin-joining and managing a HW?
reply
Being potentially state captured is far from good, never mind captured.
Is there a good robust single wallet solution for coin-joining and managing a HW?
Sparrow (desktop-only)
Imo you should not manage a hw on a phone anyway. You should only use the hw for spending which should be rare. For receiving and tracking your savings, use the hw xpub to create a watch-only wallet in any bitcoin wallet app (e.g. bluewallet).
reply
Yes I would not imagine managing via phone, just HW watch only.
reply
Are whirlpools and coinjoins different concepts / functions?
reply
Whirlpool is a mixing tech that coordinates trustless coinjoins.
It is currently implemented in Sparrow and Samourai wallets.
An alternative to Whirlpool is Joinmarket, which is fully decentralized but, as a result, has lower liquidity and thus a lower anonymity set. It requires a bit more experience and technical background to set it up.
reply
Also, I think I can run my own node with wasabi, does that counter their analysis?
reply
The analysis is on-chain. Running your own node only gives you network-level privacy, not on-chain privacy.
reply
Using Wasabi with hardware wallets doesn't mean it won't use someone else's node. At this moment you use Wasabi's nodes. Buying from KYC and using Wasabi's Coinjoin feature won't erase KYC. Wasabi is broken and a bad actor in the Bitcoin community.
Use Sparrow for better privacy-related features, use your own node and use hardware that honors your privacy like Passport by FOUNDATION.
reply
What’s the risk of using a coinjoin? Isn’t there a possible risk your KYC info will be flagged in the future for using a known coinjoin address?
reply
Are coinjoin addresses known? Onchain won't it just look like a random transaction?
reply
Transactions from lots of addresses to lots of addresses look a little different than transactions a->b
reply
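
The point made in the last exchange above (many-to-many transactions look different from a simple a->b payment), as an added example that is not part of any poster's comment: a minimal equal-output shape check run over constructed sample transactions. The function name coinjoin_shape and the thresholds min_inputs and min_equal are assumptions chosen for illustration, not values from any wallet or analysis tool.

```python
from collections import Counter

# Constructed sample transactions (values in satoshis); not real chain data.
SAMPLE_TXS = {
    # One input, a payment and change: the ordinary a->b shape.
    "simple_payment": {"inputs": [150_000], "outputs": [100_000, 49_500]},
    # Five participants each get one 100k output; four also get change.
    "equal_output_join": {
        "inputs": [120_000, 300_000, 105_000, 250_000, 101_000],
        "outputs": [100_000] * 5 + [19_000, 199_000, 4_000, 149_000],
    },
    # Many outputs, but all different amounts: a batched payout.
    "batch_payout": {
        "inputs": [900_000, 400_000],
        "outputs": [50_000, 75_000, 120_000, 300_000, 754_000],
    },
}


def coinjoin_shape(tx, min_inputs=3, min_equal=3):
    """Describe whether a transaction has the equal-output coinjoin shape.

    Heuristic (thresholds are assumptions): several inputs plus a group of
    outputs that all carry exactly the same value. The size of that group
    is the number of outputs an observer cannot tell apart by amount.
    """
    value, n_equal = Counter(tx["outputs"]).most_common(1)[0]
    flagged = len(tx["inputs"]) >= min_inputs and n_equal >= min_equal
    return {
        "flagged": flagged,
        "denomination": value if flagged else None,
        "equal_outputs": n_equal if flagged else 0,
        # Outputs outside the equal group (change) still stand out by amount.
        "distinct_outputs": len(tx["outputs"]) - (n_equal if flagged else 0),
    }


def classify_all(txs=SAMPLE_TXS):
    """Run the shape check over every sample transaction."""
    return {name: coinjoin_shape(tx) for name, tx in txs.items()}


if __name__ == "__main__":
    for name, result in classify_all().items():
        print(f"{name:18} {result}")
```

The check needs nothing but the public input count and output amounts, which is why the structure is visible on-chain no matter which node or wallet software broadcast the transaction.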