From: Prayank <prayank@tutanota.de>
To: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] Wallet fingerprinting and other privacy issues in Bitcoin Core
Date: Wed, 26 May 2021 16:47:43 +0200 (CEST) [thread overview]
Message-ID: <Mad8JLB--3-2@tutanota.de> (raw)
[-- Attachment #1: Type: text/plain, Size: 2197 bytes --]
Hello World,
There are other privacy issues in Core (node and wallet) but recently I came across one which can be used to identify if someone is using Bitcoin Core with just the bitcoin address and couple of transactions. I think people have already given up and don't expect privacy in Core wallet especially developers. However, below information may help some users who are not aware of this specific issue and developers who are using Bitcoin Core wallet in their project.
Issue is explained here: https://github.com/bitcoin/bitcoin/issues/22018
Even if there exists another wallet with similar behavior, it can affect privacy in some cases. Example: Alice is spying on Bob and collecting as much information as possible. She looks at social media accounts for Bob and thinks he might be using one of the wallets mentioned in PoC. She can confirm if Bob is using Bitcoin Core wallet by sending 2 small amounts to one of the address in different transactions. One transaction should have really low fee rate that it doesn't get confirmed.
I found this issue while reviewing PR: https://github.com/bitcoin/bitcoin/pull/18418
It was also discussed in a 'Core Review PR club' meeting recently: https://bitcoincore.reviews/18418
Also there are 2 things that helps identify wallet using address: 1. Can't spend unconfirmed UTXO 2. OUTPUT_GROUP_MAX_ENTRIES
OUTPUT_GROUP_MAX_ENTRIES was 10 earlier and 100 after PR #18418 got merged. This will help in confirming if someone is using latest Bitcoin Core once it is available in next release. Example: Alice is using Bitcoin Core v0.21.0 and Bob is using Bitcoin Core v0.22.0 Carol is the attacker and other two are victims. Carol sends small amounts to same address in 11 transactions to both and confirms Bob is using latest Bitcoin Core wallet while Alice is using an older version.
I will try to fix both 1 and 2 which can take few days and maybe never get merged. IMO 1 can be fixed by locking all UTXOs associated with a scriptpubkey until all are confirmed. UTXO locks are stored in memory only so will have to change that first. 2 can be fixed by using an approach similar to Electrum (All or None)
--
Prayank
[-- Attachment #2: Type: text/html, Size: 2788 bytes --]
reply other threads:[~2021-05-26 14:47 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Mad8JLB--3-2@tutanota.de \
--to=prayank@tutanota.de \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox