Hi Bitcoin Developers,
I did some research about nLocktime and nVersion used by some open source Bitcoin wallets. I have written a [blog post][0] co-authored with 'nothingmuch' and this is the first post for the privacy focused blog 'consent':
Most wallets use nVersion 2. nLocktime for Bitcoin Core, Knots, Electrum, Sparrow and Specter is the nearest block height. However, nLocktime for Bitcoin Core/Knots is zero by default if the transaction is created manually using RPC commands like `createpsbt` or `createrawtransaction`. Peter Todd implemented nLocktime-based anti-fee-sniping in [#2340][1], and [#24128][2] implements BIP 326 sequence-based anti-fee-sniping for taproot inputs.
'0xb10c' has written about wallet [fingerprinting with fee rate][3]. However, nLocktime and nVersion are also important. There may be other factors that might help if a fingerprint matches more than one wallet. Andrew Chow has built a [tool][4] to check if a transaction was created using Bitcoin Core or Electrum.
### Why is wallet fingerprinting important?
Consider the following scenario: Alice is spying on Bob and Carol. She suspects one of them is participating in an activity based on a transaction, but she cannot confirm it. She recognizes that one of the wallets that claims to improve privacy was used for these transactions and examines the nVersion and nLocktime. This makes it simpler to identify Bob, who used Wasabi wallet for the transaction with version 1 and nLocktime 0.
### How to fix it?
If more wallets have the same nVersion and nLocktime, it will be difficult to identify the wallets used for a transaction. nLocktime could be any nearest block height; however, the version needs to be 2, as most of the wallets use it and it is used for transactions that follow new consensus rules.
Please let me know if something incorrect is mentioned or if anything important is missing about wallet fingerprinting with nLocktime and nVersion.
### Acknowledgements
- achow101
- 0xb10c
- nothingmuch
- RedGrittyBrick
/dev/fd0
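
Added example, not part of the original post or the linked blog: a Python check a wallet developer could run on a raw transaction to see whether its nVersion and nLocktime fall into the common group described above (nVersion 2, nLocktime at the nearest block height). The function names, the 100-block `NEAR_TIP_WINDOW` and the sample transactions are assumptions constructed for illustration.

```python
import struct

NEAR_TIP_WINDOW = 100  # assumption: how far behind the tip still counts as "nearest height"

def read_varint(buf, pos):
    """Decode a CompactSize integer; return (value, next_pos)."""
    first = buf[pos]
    if first < 0xfd:
        return first, pos + 1
    size = {0xfd: 2, 0xfe: 4, 0xff: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + size], "little"), pos + 1 + size

def fingerprint_fields(raw_hex, tip_height):
    """Return the nVersion/nLocktime/nSequence traits of a serialized transaction."""
    tx = bytes.fromhex(raw_hex)
    version = struct.unpack_from("<i", tx, 0)[0]
    pos = 6 if tx[4] == 0 and tx[5] != 0 else 4   # skip segwit marker and flag
    n_in, pos = read_varint(tx, pos)
    sequences = []
    for _ in range(n_in):
        script_len, pos = read_varint(tx, pos + 36)  # 36-byte outpoint precedes scriptSig
        pos += script_len
        sequences.append(struct.unpack_from("<I", tx, pos)[0])
        pos += 4
    locktime = struct.unpack_from("<I", tx, len(tx) - 4)[0]  # always the last 4 bytes
    if locktime == 0:
        kind = "zero"
    elif locktime >= 500_000_000:
        kind = "timestamp"
    elif 0 <= tip_height - locktime <= NEAR_TIP_WINDOW:
        kind = "near-tip height"
    else:
        kind = "other height"
    return {"version": version, "locktime": locktime, "locktime_kind": kind,
            # nLocktime is only enforced when some input is not final (0xffffffff)
            "locktime_enforced": any(s != 0xffffffff for s in sequences),
            # the group the post describes: nVersion 2 with a nearest-block-height nLocktime
            "common_profile": version == 2 and kind == "near-tip height"}

def sample_tx(version, sequence, locktime):
    """Constructed one-input, one-output legacy transaction, hex encoded."""
    txin = bytes(32) + struct.pack("<I", 0) + b"\x00" + struct.pack("<I", sequence)
    txout = struct.pack("<q", 1000) + b"\x01\x51"
    return (struct.pack("<i", version) + b"\x01" + txin + b"\x01" + txout
            + struct.pack("<I", locktime)).hex()

if __name__ == "__main__":
    for args in ((2, 0xfffffffd, 800000), (1, 0xffffffff, 0)):
        print(fingerprint_fields(sample_tx(*args), tip_height=800000))
```

A transaction for which `common_profile` is false stands out on these two fields alone, as with the version 1, nLocktime 0 case in the scenario above.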