Bitcoin’s Privacy Problem—And What Cypherpunks Are Doing to Solve It

Bitcoin transactions are easily traced. Here’s what’s going on behind the scenes to change that.

By Mat Di Salvo

6 min read

As the U.S. government ramps up its crypto regulatory efforts, it is targeting privacy-protecting projects like never before. The crypto community is worried—especially the cypherpunks—and users are currently grappling with the implications of the Tornado Cash ban and how it may be enforced in practice.

But behind the scenes, Bitcoin developers have for years now been working to preserve privacy when transacting with crypto.

"The targeting of an open-source protocol (as opposed to a person) is clearly an escalation in the attempt to make cryptocurrencies 'fit' into what the U.S. considers its financial control framework," Craig Raw, developer of the Bitcoin Sparrow Wallet, told Decrypt. "This is where the importance of holding funds without KYC links becomes apparent, and the fight for financial privacy escalates again," he said.

Bitcoin was long thought to be private, but that’s not correct. In the early days, many Bitcoin users didn’t know any better and would transact with the cryptocurrency online without thinking of the consequences—including on illicit darknet marketplaces.

These days, authorities can quite easily match Bitcoin transactions to real people, because off-ramps like cryptocurrency exchanges collect personally identifiable information about their customers. In fact, law enforcement agencies have even said they prefer it when criminals use the asset because it is so easily traceable. Bitcoin may be pseudonymous—no one’s identity is recorded on the blockchain—but every single transaction is.

“We already put so much of our lives online, and this trend will undoubtedly continue,” Bitcoin Design contributor Christoph Ono told Decrypt. “After decades of the internet, it is also clear that the urge to collect/analyze/hack/sell data is too strong for many private companies, governments, and other groups.” 

He added that “data is used against us” and that the added layer of financial data on public infrastructure could make things “a lot worse.” 

This is why developers are currently building tools that will make transactions on the Bitcoin blockchain nearly untraceable. Here’s what they’re working on. 

Wallets

One way to make Bitcoin more private is via using certain wallets. Specifically wallets which use CoinJoin—a technology that groups Bitcoin transactions together to obscure their origins. There are several projects right now using mixing protocols to promise more privacy and near-anonymous transactions. CoinJoin is one of them. 

The feds have their eye on mixing protocols: this week the Treasury Department banned Tornado Cash, a coin mixing app that allows users to send Ethereum anonymously in an unprecedented move.

American citizens are now not allowed to use the tool or interact with addresses that use it. Crypto developers and users are currently grappling with the implications of this ban and how it may be enforced in practice. But for now, development on similar tools used for Bitcoin transactions continues. "Time will tell where the outcome of this fight lies, but ultimately there is no middle ground in it," said Sparrow Wallet's Raw. "Either we have tools where anyone can obtain privacy, or we have no privacy at all.”

Wasabi Wallet is one project that makes use of the Tor network to encrypt communications. Tor is software that allows users to anonymize their internet traffic by sending it through a network of servers operated by volunteers. Wasabi, a desktop wallet, connects users to random Bitcoin peer-to-peer nodes, obscuring transactions so that it’s very difficult to know where money is going. In June, it released its latest wallet, Wasabi 2.0. 

Its team told Decrypt that its latest release was the best option for privacy because it will make “privacy by default for everyone” with a fast and cheap UX. “What differentiates it [from other wallets] is the user experience,” Adam Fiscor, co-founder of zkSNACKs, the software firm behind Wasabi Wallet, said. He added that privacy should be “frictionless and effortless” and that Wasabi does this; even a non-Bitcoiner would be able to get their head round using it.  

Why would someone want to use Wasabi? “Good user experiences with privacy products are necessary as we are heading towards a world where everything is online,” said Fiscor.  

Rafe, a long-time contributor to Wasabi, told Decrypt that Wasabi uses a new CoinJoin mechanism which obscures more transactions than previously, meaning more people can take advantage of the app’s privacy function. 

Craig Raw said that his Sparrow Wallet could make Bitcoin nearly as private as Monero, which is the biggest privacy coin, with a market cap of $2.8 billion, and currently the go-to option for privacy. 

Monero uses ring signatures—cryptographic digital signatures that can’t be identified—it is very difficult to trace transactions. 

Bitcoin’s transactions can be traced as everything is stored on a public blockchain. But Raw says Sparrow can achieve a similar level of privacy, if a user wants. “It is possible, with care, to achieve a level of privacy similar to Monero,” he told Decrypt. “Practically, the answer lies in asking ‘how large is my anonymity set’ with every transaction you make. 

“By using the tools in Sparrow it's possible to make this sufficiently large that the probabilities when following ownership of funds are low enough to make this effectively impossible.”

The Lightning Network 

A perhaps less known way of staying private while using Bitcoin is via the Lightning Network. A “second-layer solution,” it was created to solve Bitcoin’s scalability issue—or, in other words, allow more transactions to be processed. It does this by skirting the main Bitcoin blockchain. 

But it also has privacy benefits because every transaction isn't stored in the main blockchain permanently. Instead, various transactions are grouped together, then recorded later on as one big transaction. This is not only useful for microtransactions (like buying a coffee in El Salvador) but keeping payments anonymous. 

Evan Kaloudis, the developer behind Zeus, a non-custodial Lightning wallet, told Decrypt that while using Lightning, it’s “virtually impossible” to find out who paid what. 

“Today Lightning has great privacy for senders,” he said. “Your employer shouldn't be able to see where you spend your paycheck. The convenience store you make a small purchase at shouldn’t be able to see how much money you have or where else you make purchases.”

But there are still issues with privacy on Bitcoin’s network, Rafe added, and it’s in our best interest to fix them. Why? Because government surveillance could increase with digital money, like central bank digital currencies (CBDCs)—centralized, digital versions of fiat money (i.e. the US dollar). CBDCs could, in theory, be used by big entities to monitor what we do

Governments around the world are in differing stages of building or researching such assets, with a number of Caribbean countries having already released one. But perhaps the biggest worry for the crypto community—or anyone concerned about privacy—is a CBDC that is used by an authoritarian regime, like China’s, to surveil people’s everyday lives. 

“The scary thing is, governments are tightening the surveillance of traditional finance too with CO2-points on credit cards, removal of cash, CBDCs and social credit scores,” said Rafe. “I don't believe they will allow monetary competition or a different system with different rules and freedoms.”

“If we want an alternative, we better build it quickly,” he said.

Get crypto news straight to your inbox--

sign up for the Decrypt Daily below. (It’s free).

Recommended News