public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [bitcoin-dev] Goldfish: Spoofing wallet fingerprints to improve privacy
@ 2023-10-16  5:00 alicexbt
  0 siblings, 0 replies; only message in thread
From: alicexbt @ 2023-10-16  5:00 UTC (permalink / raw)
  To: Bitcoin Protocol Discussion

Hi Bitcoin Developers,


### Problem

Wallet fingerprinting: Identifying the bitcoin wallet used to create the transaction

### Previous research

A) 0xB10C wrote a [blog post][0] in 2020 about wallet fingerprinting.

   Most transactions followed the fee rate recommendations provided by Blockchain.com and had same characteristics, including 
   using P2PKH outputs, having either one or two outputs created, a transaction version 1, and BIP-69 compliance.

   Suggested solutions: 
   
   1. Randomness in fee rates
   2. Broadening fingerprint
      - Support receiving to and spending from different address types
      - Time-lock some of the created transactions to the current block height
      - Set a random transaction version when constructing the transaction
   3. Spoofing

B) achow101 created a [tool][1] in 2022 to identify wallet from a bitcoin transaction

   This tool focused on 2 fingerprints (bitcoin core and electrum) although lot of other bitcoin wallets are used.
   It is good proof of concept which can be improved further by adding more fingerprints in it.

C) I wrote a [blog post][2] about wallet fingerprinting based on nLocktime, nVersion used by different wallets.

D) ishaanam wrote a [blog post][3] recently based on her research about wallet fingerprinting which covers lot of things.

   1. Fingerprints categorized into 4 types: Independent, Probabilistic, Dependent, and Temporal
   2. Observations based on 8 bitcoin wallets:
      - Bitcoin Core (v. 25.0)
      - Electrum (v. 4.4.5)
      - Blue Wallet (v. 6.4.6 iOS)
      - Exodus (v. 23.7.2 iOS)
      - Trust Wallet (v. 9. 0 iOS)
      - Coinbase Wallet (v. 28.53 iOS)
      - Trezor Suite (v. 23.7.2)
      - Ledger Live (v. 2.64.2)
   3. Fingerprints [table][4]
   4. [Wallet Fingerprint Detector][5]

      Conclusion: 

      > There is no clear cut solution to the issues discussed here. While some fingerprints would be trivial to eliminate,
      > it will be difficult to eliminate fingerprinting entirely. Just because something is a fingerprint does not 
      > automatically mean that it should not be done by a wallet. For instance, all transactions of a wallet having a 
      > certain input order or change index should definitely be modified, but things like anti-fee-sniping and the spending
      > of taproot UTXOs are still worthwhile.

### Solution 

A [tool][6] for spoofing wallet fingerprint. It is a proof of concept which can be improved further if everyone finds it useful.
It supports nLocktime, nVersion and BIP 69 ordering for 2 bitcoin wallets (electrum and blue). Users can enter PSBT and spoof its
wallet fingerprint based on the option selected in dropdown list.


### Rationale

 - As protocol developers continue to introduce changes that impact user privacy, such as the upcoming version 3 transactions,
   identifying wallets based on transaction becomes easier.
 - All wallets will never have same fingerprint.
 - For users who prioritize privacy, spoofing presents a viable solution.
 - While similar techniques have been applied in the context of browser fingerprinting, they can also be adapted for bitcoin
   transactions.

 Comparison with browser fingerprinting:

 A browser fingerprint typically comprises various things such as the user agent, IP address, canvas fingerprint, WebGL information,
 installed fonts, timezone, screen resolution, cookie data, system info etc. In contrast, a wallet fingerprint for bitcoin transactions
 includes RBF signaling, transaction version, BIP 69 ordering, fee rate, change position and type etc.

 If a tool can effectively spoof a browser fingerprint, same concept could be applied to bitcoin transactions as well. [Tor browser][7] 
 protects against fingerprinting by making fingerprints of all users same irrespective of their device or OS. It's important
 to note that existing tools attempting to identify wallets from transactions include lot of false positives, and the introduction of 
 spoofing could further increase their prevalence. This increased uncertainty in identifying wallet can make chain analysis difficult, 
 ultimately enhancing privacy. Some privacy-focused wallets may even consider implementing this feature in wallets.

### Acknowledgement
 
 0xB10C, achow101, ishaanam, pythcoiner and statusquont

[0]: https://b10c.me/observations/03-blockchaincom-recommendations/
[1]: https://github.com/achow101/wallet-fingerprinting
[2]: https://consentonchain.github.io/blog/posts/fingerprinting/
[3]: https://ishaana.com/blog/wallet_fingerprinting/
[4]: https://ishaana.com/blog/wallet_fingerprinting/fingerprints_final.png
[5]: https://github.com/ishaanam/wallet-fingerprinting
[6]: https://gitlab.com/1440000bytes/goldfish
[7]: https://blog.torproject.org/browser-fingerprinting-introduction-and-challenges-ahead/


/dev/fd0
floppy disk guy

Sent with Proton Mail secure email.


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2023-10-16  5:00 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2023-10-16  5:00 [bitcoin-dev] Goldfish: Spoofing wallet fingerprints to improve privacy alicexbt

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox