The privacy Warnings have three levels of severity, and suggestions are actions you can take to keep your privacy intact. 

In this post, we’ll take a deep dive into what each of these warnings and suggestions mean, and how you can leverage them to maximize your privacy when using Wasabi.

Privacy Warnings Explained

Wasabi categorizes its warnings into three levels of severity: Critical, Warning, and Informational. Here are the 6 privacy warnings that Wasabi may give you when you send bitcoin. 

Transaction Interlinks Labels (Critical)

When you use Wasabi, you’ll be prompted to add labels to receiving and to destination addresses. 

When a coin reaches full privacy (anonymity score goal), the label is automatically removed because its traceability is broken. However, if you’re spending non-private or semi-private coins, you’ll be warned about their labels when you send them.  

This is what a warning might look like:

In addition, when you hover over it, a tooltip appears with more information.

 “Those entities know this is your transaction. Coinjoin more or use the label management tool to carefully select who would know that this transaction is yours.“

To resolve this, simply continue coinjoining to achieve full privacy for all your coins. 

Transaction Uses Non-Private Coins (Critical)

This critical warning is raised when your transaction spends coins that have not gone through Wasabi’s coinjoin, meaning they are easily traceable on the blockchain.

“Some entities can deanonymize this transaction because it spends coins with no privacy. Coinjoin more to have enough private coins for this transaction.” – Wasabi’s Tooltip

Transaction Uses Semi-Private Coins (Warning)

While better than non-private coins, this warning indicates that your transaction is spending coins that were part of a coinjoin but have not yet reached Wasabi’s anonymity score target.

“This transaction is not private enough because it spends not fully private coins. Coinjoin more to have enough private coins for this transaction.“

Consolidates Over 10 Coins (Warning)

It’s always better to avoid consolidating any coins, even fully-private ones, as it can only hurt their anonymity score. That said, if you only combine a few mixed coins, you may not reveal your pre-coinjoin transaction history, especially if you have done several re-mixes. 

Wasabi warns you about extreme cases such as consolidating (spending) more than 10 inputs in a single transaction, as this may allow observers to link your transaction history and negate the benefits of coinjoin mixing.

Transaction Uses Unconfirmed Funds (Info)

This warning appears when you attempt to spend coins that have not yet been confirmed on the blockchain, which carries many risks.

“This may cause your transaction to be rejected, or delay its confirmation, or cost more than needed to get it confirmed within the desired time. Wait for a confirmation to only use confirmed coins.“

Transaction Uses CoinJoining Funds (Info)

If your funds are currently part of a coinjoin, it’s better to be patient and to wait for it to complete before sending funds. 

“This may cause your transaction to be replaced by the coinjoin. Consider waiting for the current coinjoin to be finished before sending this transaction.” />

Transaction Creates Change (Info)

Creating change outputs in a transaction can potentially compromise your future privacy, although the impact isn’t immediate.

“Change can be used to link this transaction with the next transaction that will use it. Use the change avoidance suggestion to send a little more or less if this is OK for the receiver, or coinjoin the change later.”

This brings us to the next part, Wasabi’s Privacy Suggestions. 

Improve your Privacy with Wasabi’s Suggestions

In addition to warnings, Wasabi provides suggestions to help you make your transactions more private. Suggestions appear when there is room for improvement, such as when sending 10% less would avoid creating change. 

Everyone’s favorite part is that suggestions are clickable, they’re easy to implement. Let’s take a look.  

Better Privacy

If sending a little less would avoid using non-private coins, this suggestion will appear. 

Full Privacy

If sending a little less would avoid using non-private and semi-private coins, this suggestion will appear. 

Change Avoidance

Change avoidance works both ways, you can either send less or send more to avoid creating change.

Label Management

When you have interlinked labels, you’ll be able to choose the labels you want to link with this transaction. 

Conclusion

As you can see, Wasabi’s warnings and suggestions provide a wealth of information to help you create truly private bitcoin transactions. 

Pay close attention to the critical and important warnings, as they indicate potential privacy risks, and easily resolve privacy warnings by clicking on the suggestions. 

Download Wasabi Wallet.

The post Only in Wasabi: Privacy Warnings and Suggestions appeared first on Wasabi Wallet - Blog.

In this article, we’ll explain how Wasabi coinjoin fees work, how it differs from Wasabi Wallet 1 with Free Remixing, what Friends don’t pay means, the importance of accessibility in coinjoin transactions, what Plebs don’t pay means, why mining fees are never waived, and finally how to minimize mining fees in a high-fee environment.

Basic Explainer of Wasabi Coinjoin Fees

There are two types of fees in a coinjoin transaction: coordinator fees and network mining fees.

As with all bitcoin on-chain transactions, there’s a network mining fee proportional to the amount of space your inputs and outputs consume. This is also true for Wasabi coinjoin transactions; you pay for the space you use. For example, if you have two P2WPKH inputs and two P2WPKH outputs, your transaction size is 209 virtual bytes. If the fees are 50 sats / vbyte, you will pay 10450 sats in mining fees. 

In a coinjoin transaction, a coordinator (default is zkSNACKs) takes care of the complex communication between all the participants and receives a fee for the hefty task. This allows users to gain privacy. This fee is 0.3% of the total bitcoin you bring to a coinjoin round, so if you bring 3,000,000 sats (0.03 BTC), you will pay 9000 sats in coordinator fees.

Unlike Wasabi Wallet 1.0, where you paid coordinator fees on every transaction, since the 2.0 release you pay upfront on your first coinjoin transaction and then enjoy free remixing.

Pay Coordinator Fees Upfront: Free Remixing

It doesn’t matter if you participate in 1 or 100 coinjoin transactions with the same bitcoin, you will only pay coordinator fees for the first one. This allows you to enjoy additional privacy at a massively reduced cost.

How is this possible?

Whenever you join a coinjoin round, the coordinator can detect that your UTXOs (unspent transaction outputs) are from a previous Wasabi coinjoin, and therefore waives the coordinator fees for those coins. 

But what if the ownership of coins changes hands between two coinjoin transactions? Would the same apply? Yes, and this is what we call Friends don’t pay.

Friends Don’t Pay

The “Friends Don’t Pay” feature allows users to coinjoin as many times as they want for as long as they want at no additional cost other than the mining fee. 

This is great for liquidity as users are incentivized to coinjoin many times to improve their own privacy, making coinjoins better, faster and stronger for everyone! Anyone can coinjoin multiple times for 0% coordinator fees. 

Just send some previously coinjoined bitcoin to your friends and family members and watch them enjoy the benefits of acquiring privacy without having to pay coordinator fees. That must feel pretty awesome.

But wait, there’s another way to avoid paying the coordinator fees.

The Importance of Accessibility in Coinjoin Transactions

Before we get into the Plebs don’t pay feature, we want to reiterate our commitment to the accessibility of coinjoin transactions. We’re always working to improve on this front, whether it’s making the software more performant for low-bandwidth users as we did with the 2.0.4 release, or by adding the “Buy Anything Button” to allow you to purchase literally anything with your coinjoined bitcoin. 

The most important way to improve accessibility is to lower fees, and we’re doing that with Plebs Don’t pay.

Plebs Don’t Pay

If you participate in a coinjoin transaction with less than 1,000,000 sats (0.01 BTC), you will never pay any coordinator fees. Not a single sat. 

Wasabi is the only coinjoin protocol that waives coinjoin coordinator fees for users with small amounts of bitcoin,  often referred to as the bitcoin plebs in various bitcoin community channels. 

I know what you’re thinking, you’re almost convinced to coinjoin, but the high network mining fee environment makes you doubt. Yes, you will pay zero in coordinator fees but you will end up paying more in mining fees. 

Well, read on to learn why mining fees are crucial and shouldn’t be waived, and how to minimize your coinjoin transaction mining fees.

Why Mining Fees Should Never Be Waived

By enforcing mining fees for all coinjoin participants, we ensure an economic cost for everyone and collapse the opportunity for sybil attackers.

What is a Sybil attack? 

The U.S. National Institute of Standards and Technology defines it as: “A cybersecurity attack wherein an attacker creates multiple accounts and pretends to be many persons at once.”

Coinjoins work because many participants join together to form collaborative bitcoin transactions. The privacy gain is strictly correlated to the diversity of participants, and a Sybil attack in this context means that an attacker can fool others into believing that they are many different people, when in fact they’re only one.

This could theoretically be taken to the point where you think you’re with dozens of participants, when in fact you’re with only one attacker. This could easily compromise your privacy.

By never waiving network mining fees, we ensure that Sybil attacks have a cost that will deter potential malicious attackers.

Now for something practical…

How to Minimize Mining Fees

When you set up a wallet on Wasabi, you will be asked to choose a coinjoin strategy between Minimize Costs, Maximize Speed, and Maximize Privacy. The first two strategies aim for an anonymity level of 5, and the last one is a random number between 50 and 100. You can also customize the parameters.

The Minimize Costs strategy will ensure that you only participate in coinjoins that take place at times of the week when there’s less pressure on the network mining fee market, so you can minimize the fees you pay.

You can change coinjoin strategies at any time in your coinjoin settings.

Conclusion

The next time a friend wants to coinjoin but is hesitant because of the fees involved, be sure to point them to this blog article so they can understand the many ways they can pay zero coordinator fees and minimize their mining fees. 

No doubt he’ll be grateful to you!

Download Wasabi Wallet.

The post Friends and Plebs Don’t Pay Wasabi Coinjoin Fees appeared first on Wasabi Wallet - Blog.

A BIP39 passphrase is an additional layer of protection for your bitcoin wallet; it acts as the 13th word to your 12-word seed phrase, or the 25th word if you have a 24-word seed phrase. If you lose your passphrase, you will lose access to your wallet and won’t be able to recover your funds.

A bitcoin wallet password is a way to lock your wallet application, and in the case of Wasabi Wallet, it’s the same as a BIP39 passphrase. However, in other wallets, it will only lock you out of the wallet, but you will be able to recover with your seed phrase without the need for the password.

In this article, we will explain what BIP39 is, the benefits and tradeoffs of passphrases, how to properly back them up, and how they differ from regular passwords.

What is BIP39?

BIP39 is a bitcoin improvement proposal from 2013 that revolutionized the way bitcoin wallets work. Here’s the description straight from the BIP:

“This BIP describes the implementation of a mnemonic code or mnemonic sentence — a group of easy-to-remember words — for the generation of deterministic wallets.”

Today, BIP39 is the standard for how bitcoin wallets work. You create a wallet and you get a set of words, often 12 or 24, and if you back up that property, you can retrieve your wallet anywhere, anytime.

But what if someone other than you finds your seed phrase backup? They would have instant access to your money, and you wouldn’t be too happy about it.

What can be done to solve this problem?

What is a Passphrase?

To add an extra layer of protection to your wallet, you can add a passphrase to protect your seed phrase. This passphrase can be anything you want; any combination of alphanumeric and special characters of any length.

When you set up Wasabi Wallet, you’ll be asked to enter a passphrase. This is a BIP39 passphrase, and you should take the time to understand that you will need this passphrase every time you want to use your wallet, and if you lose it, you will lose access to your funds.

As long as you understand and accept the tradeoff of losing access to your funds if you lose your passphrase, you’re ready to use it. Just make sure you back it up properly.

How to Properly Backup a Passphrase?

First, remember why you’re using a passphrase in the first place: to protect your seed phrase. The first step to properly handling your passphrase backup is to keep it separate from your seed phrase backup.

Then, you should test your passphrase and your full wallet backup before sending a significant amount of money to your wallet. Also, make sure you’re comfortable with the recovery process. 

Some people may tell you that you shouldn’t write your passphrase down anywhere and that you should memorize it, but they’re dead wrong. You should never make your memory your single point of failure, unless you have no choice, like crossing a border in a war zone.

So is there a difference between passphrases and passwords?

The Difference Between a Passphrase and a Password

The answer is that it depends on the wallet. In the case of Wasabi Wallet, there’s no difference between a passphrase and a password, they are used interchangeably.

However, in many other wallets, such as Blue Wallet, a password is not part of your wallet, it’s just a way to protect access to your application. This means that if you restore your wallet from your seed phrase backup, you won’t be asked for your password to access your funds, and you will be able to set a new password.

Conclusion

In this article, we explained what BIP 39 is, what is a passphrase, how passphrases help protect your seed phrase, how to properly back them up and the difference between a passphrase and a password.

Bitcoin self-storage isn’t too difficult, but you do need to take the time to familiarize yourself with the basics and feel comfortable with the recovery process. We recommend that everyone take the time to properly test their wallet backup so that they are not nervous when the time comes to do it for real.

The post What is the Difference Between a Passphrase and a Password? appeared first on Wasabi Wallet - Blog.

xPub stands for Extended Public Key while xPrivs stands for Extended Private Key. Simply put, xPubs and xPrivs are the parent keys that can allow a wallet to mathematically produce billions of child keys that work as public keys and private keys within your wallet.

As a Bitcoin user, knowing about xPubs and xPrivs will help you to:

• Discover ways to unlock more out of your Bitcoin experience
• Understand how xPubs and xPrivs affect the security and privacy of your bitcoin
• Know why the best bitcoin wallets use this

xPubs and xPrivs have not always been around since the beginning of Bitcoin wallets, here is why they were introduced.

Bitcoin Before xPubs and xPrivs

The first bitcoin wallet, Bitcoin-Qt, had a key-management problem. It generated private keys at random which were all stored on the computer in a wallet.dat file.

While this worked, there was a flaw in that users could lose their bitcoin when they accidentally deleted the file or fell victim to malware. In the case that you encrypt this file and forget your wallet’s password, there is no way to recover your funds.

For your funds to be safe as a Bitcoin-Qt user, you had to make continual backups of the newer versions of the wallet.dat file every time you made a transaction. Still, there was no solution for losing your password.

To make this less cumbersome, Bitcoin Improvement Proposal 32 (BIP32) was devised to change how private keys are generated. In the proposal, instead of Bitcoin wallets needing to generate private keys at random for every transaction, a wallet can have one master key that can generate other keys from itself in a predefined way.

Having a determined way to generate private keys means that:

• You only need to backup one (master) private key
• You have the convenience of using the private keys across different wallet applications

Here’s how one parent private key can replace multiple private keys:

How xPubs and xPrivs Work

The key-pair concept is inseparable from Bitcoin, where private keys are meant to sign transactions and public keys, derived from private keys, are used to receive transactions.

When it comes to xPubs (Extended Public Keys) and xPrivs (Extended Private Key) they also  serve as public keys and private keys, only in a morphed manner. Their “extendedness” gives them the ability to derive more child private keys and public keys. And just as in normal private keys and public keys, the extended public key is generated from an extended private key.

What’s more, all derived child keys can also derive their own future generations of grandchild keys. But even with continued derivation, all derived keys always carry the unique signature (like DNA) of their parent keys throughout their generation. It’s this family-tree-like derivation process that serves as the origin of a new breed of Bitcoin wallets, hierarchical deterministic wallets.

In hierarchical deterministic wallets (also called HD-wallets), a specific tree-path/branch is selected from which future child keys will be held in. And by having the parent keys, which are the xPub and xPriv, you can traverse through all branches to check for child keys.

The convenience of having a master key to derive all possible keys generated opened a new world in Bitcoin where users no longer have to make the decision between better privacy or easy backups.

xPubs and xPrivs in Action

You Can Have Many Accounts in One Wallet

By having a parent key that can generate many child keys, a wallet can derive child private keys and child public keys that serve as parent keys for new wallets within one main wallet.

As a user, you can find this useful if you wish to have multiple accounts within one wallet. You can use this to separate your financial concerns. For example, you could have an account for personal expenses, business, or even savings without needing to set up multiple bitcoin wallets.

Securing your Keys is Easier

Generating private keys at random meant you had many keys to backup. This is not the case with wallets that implement xPubs and xPrivs.

With parent keys that can deterministically generate child keys for all your wallet transactions, you’ll only have to backup one master key. This master key can be used to derive all other keys you previously generated to transact. Thus, you only need one backup to restore everything.

You Can Share Funds in One Bitcoin wallet

Since an xPriv can sign for transactions from any address generated by it, sharing it can allow other trusted parties to make payments on your behalf. For example, an organization can use the Master xPriv to give child keys to both the procurement and employee payments departments without giving either department the ability to spend each others’ funds.

With this in mind, sharing your xPriv should be done with extreme caution since anyone who holds your private key gains control over all your funds.

More Privacy for your Transactions

An xPub can generate multiple child public keys that can be used to receive funds. This is a simple way to improve privacy for Bitcoin transactions as it prevents linking transaction data together by reusing an address to receive unrelated transactions.

A Multi-Wallet Experience is Possible

xPriv and xPubs are the advancement in Bitcoin that allows users to use more than one wallet software application without creating multiple backups.

Using your wallet’s seed, any wallet application can derive both the xPub and the xPriv and recover coins that you previously received with another wallet.

Despite this, there is always a challenge when wallets use different schemes to derive keys. As a user you can benefit from checking for Bitcoin wallet compatibility before switching vendors.

Payments are Secure With Untrusted Parties

Since private keys have full control of your wallets, storing them on an Internet connected device to accept payments may be sub-optimal. Particularly, if you store your private keys on an unsecure payment processor to generate addresses, any breach can lead to the loss of your funds.

Instead, with an xpub you can generate multiple payment addresses without having to expose your private keys to potential threats.

The post xPubs & xPrivs appeared first on Wasabi Wallet - Blog.

The best way to know how much KYC affects your privacy is to ask: What could happen to your KYC data behind closed doors?

A little digging can reveal that a lot more goes on with your data; some of which you would never willingly consent to. Among other things:

• Your KYC data is shared with other parties
• Your KYC data enables the monitoring of your behavior
• Your KYC data is sometimes leaked in data breaches

Why The Name KYC Is Misleading

Going by definition, the KYC process exists to identify you as a customer. But the name makes it easy to overlook what happens after the customer is known. How?

When it comes to the traditional KYC processes, the following three steps will be involved:

• Identification –  You offer personally identifiable information to the service provider, i.e. name, date of birth, address, or even tax id numbers issued by a government
• Verification – The information is checked for validity
• Monitoring and due diligence – Activity tied to the identity is tracked for any misconduct

Visibly, the name KYC barely hints at the existence of the third step where your activity utilizing the service is tracked alongside your verified identity. It’s the third step that consequently holds the most implications on your privacy in the following ways:

1.  KYC Makes Money The Perfect Surveillance Tool

Before money became all bits, having an identity was a necessary part of enabling banks to function. It was only in this way that money could be accounted for. Without an identity, chances are that money could often end up in the wrong hands. Furthermore, only having a verifiable identity would allow for responsible action in the case of liabilities or misconduct.

Although all money existed in the form of paper and balance books as large physical books, financial institutions could still know financial information about their customers. But unlike before, tracing users’ transactions was greatly limited for one key reason. It was an extremely labor-intensive task. The challenge posed meant that tracking users’ transactions only had to be viable when there were strong motivations to do so.

Fast forward to today and even the weakest motivation to trace and track user activity is backed by computers that can store huge amounts of data and retrieve it quickly. The result is that encroaching on users’ privacy is easier than ever before.

With a mouse click, one person can have an entire list of all your transactions throughout your lifetime, down to a single cent. Even further, your transactions can be tracked as you make them in real-time.

How Much Data Do You Give Away?

Using the data tied to your KYC, a lot more information can be gleaned from your transactions. For example, a coffee charge on your card lets someone know your addictions, or your donation to a cause reveals your political standing.

Furthermore, the use of KYC means that users end up being categorized based on their identities and activities in the real world. These categories are created based on your activities within the service you signed up for or from perceived opinions you may keep.

For example, frequent travel overseas can put you on a travel risk list, or close association with a government faction can make you labeled as a politically exposed person. It is for these reasons that KYC is the easiest way for someone to encroach upon your private life.

2. Your Data Is Shared And Sold

Your KYC information and data generated from it has immense value because it is an extension of your real life. Selling your data often happens because you likely signed away some rights in a complex terms of use that is not read 99% of the time.

When it comes to KYC, the personally identifiable information fetches a higher price, creating a stronger incentive to sell your data for profit.

The data is used in marketing campaigns, promotions, and even more recently, to train commercial AI models. This reinforces the paradigm that data is the new oil and users are the new oil wells.

Additionally, users’ information is shared with other parties to meet compliance mechanisms put in place. For example, data relating to your trading activities is shared with tax authorities, or data from your medical facility is shared with insurance.

The sum result is that the user’s KYC information ends up in more hands than what would be acceptable, compounding to a situation where users’ privacy is habitually out of their control.

3. Your KYC Data is a Hacker’s Dream

The personally identifiable information held in KYC is the most valuable information a hacker could get their hands on.

What aggravates this further is the fact that KYC information is handled by third parties. These third parties act as verifiers and also tend to keep the data for much longer than they are obligated to.

Understandingly, keeping a huge amount of sensitive data puts a target on their back by hackers. What’s more, providing KYC data to multiple services results in your data being exposed across multiple locations. Recent data breaches reveal that even the biggest companies get hacked.

When cyber attacks are successful, hackers get away with valuable user information. The private information collected is the biggest catalyst for identity theft and encourages other cyber threats such as phishing.

And while measures are often put in place to protect user data, often the best solution would have been if such personally revealing information was never collected in the first place.

The KYC Dilemma: Trust or Privacy

The idea behind KYC is that for you to be trusted, you need to reveal as much personally identifiable information as possible. This is the only way you can be accountable as a user.

From a regulatory point of view, tracking and invading the privacy of all is taken as the right way to prevent the misdoings of a few bad actors.

But how much privacy should be traded away for trust to exist?

The solution lies in applying more privacy-focused trust technologies or even yet, switching to trustless systems, like Bitcoin. Trust doesn’t always have to be dependent on vulnerability, especially when the vulnerability predisposes you to manipulation.

The post How KYC Affects Your Privacy appeared first on Wasabi Wallet - Blog.

Most Bitcoin users don’t run a node, which means they are relying on someone else’s. What this means is that someone else’s computer is trusted to propagate their outgoing transactions to miners, validate incoming transactions as legitimate, and store a copy of the blockchain. In this regard, running your own node is incredibly beneficial. You put into practice one of the most important principles of Bitcoin; one that has become a mantra in the Bitcoin community: Don’t trust; verify. Unless you run your own node, you’re relying on third parties to validate transactions, including your own. Running a node enables you – on your computer – to validate transactions on a completely equal level to everyone else on the Bitcoin network.

Transaction validation occurs in two separate instances. Validity is first checked when your node is listening for transactions relayed to its mempool that are not already in a block, and validation is done again after a block is mined to check transactions that your node’s mempool was not already not aware of. Before your node propagates transactions across the Bitcoin network, it checks that they are valid against a long set of criteria. The most important criterion for validity is that the sum of input values must be greater than the sum of outputs. In other words, your computer checks that all Bitcoin transactions are actually requesting to spend money that exists rather than counterfeiting new money. A host of other things are checked by your node when building a mempool including the transaction size, the fee, the locking and unlocking scripts, and much more. The second stage of node validation occurs after a new block has been found by a miner. Only valid blocks are propagated across the network, as each node independently ensures they are valid before forwarding them to their peers. This brings us to an important point: miners are not trusted parties. For example, nodes will reject a block if the Proof of Work is insufficient, or if the miner rewards themselves with a million new bitcoins. By running a full node, you quite literally trust no one. Instead of trusting, you verify.

In addition to benefiting you individually, running a node is a voluntary way to contribute to the entire Bitcoin project. Just by running the Bitcoin software on your computer, you are helping make Bitcoin more robust and decentralised. We said at the beginning that all Bitcoin needs to exist is two nodes – which is true. But when there are more nodes in different geographic locations, it becomes increasingly complex to coordinate a simultaneous physical attack on the Bitcoin network. It is this distribution that makes it possible for there to be rules without rulers. Decentralisation is not only the key philosophy of Bitcoin from an ideological standpoint, but necessary for its survival. Previous forms of electronic money failed because their dependence was concentrated in one physical location. Bitcoin, in contrast, has no single point of failure. Bitcoin can’t be externally stopped because there’s no headquarters to bomb, raid, or shut-down. The more people run nodes, the more this statement holds true.

Thousands of computers running the Bitcoin software produce the blockchain, which is an immutable record of every transaction in Bitcoin’s history. Bitcoin’s immutability is enforced physically since an infeasible amount of Proof of Work would be required to change transaction history. Bitcoin’s immutability is also enforced socially since everyone must agree on the same rules for transactions, not just the order of transactions. Any user who changes the rules in their favor does not derail or destroy the software for everyone else, the cheating node merely creates an invalid fork that no other nodes besides its creator recognize as legitimate. The Bitcoin blockchain is a record of historical truth that cannot be deleted. It is not stored centrally or changed easily. By running your own node, you make the Bitcoin blockchain that much more indestructible.

Thus, Bitcoin’s success has necessitated the collective impact of thousands of volunteers running nodes. This small action makes Bitcoin that much stronger and decentralised. But perhaps more importantly, it means that you are in complete control. You are verifying that everyone else is playing by the rules, that no one cheats in the monetary system you are a part of. You are doing your part creating an “electronic payment system based on cryptographic proof instead of trust, allowing any two willing parties to transact directly with each other without the need for a trusted third party”. Running a Bitcoin node is the wonderful intersection of individualism and altruism. You should give it a try.

The post The Benefits of Running a Full Bitcoin Node appeared first on Wasabi Wallet - Blog.

Inherent to the way Bitcoin works, however, is that when personally identifying information is attached to bitcoin transactions, it can be possible for external parties to track who is doing what with their bitcoin, which can have a negative impact on Bitcoin’s privacy-bolstering potential.

A coinjoin is a special kind of bitcoin transaction where two or more people’s transactions are combined, which breaks the link between transactions, improving each coinjoin participant’s privacy. When Bitcoin users have the ability to selectively reveal themselves to the world, everyone benefits.

Let’s take a closer look at how coinjoins work, how they can benefit you, and how Wasabi Wallet is making coinjoin transactions both more powerful and accessible to everyone.

Why use coinjoin?

One big benefit of coinjoin transactions is that they don’t necessitate any kind of modifications to Bitcoin’s protocol. They’re also trustless and can be easily implemented within privacy-minded bitcoin wallets like Wasabi Wallet.

Wasabi Wallet is open-source, trustless by design, and non-custodial, which means that it provides full transparency and sovereignty to users.

In a world where a lot of initiatives are hellbent on collecting as much information about you as possible, it’s imperative to seek out software that values your privacy and prioritizes its own transparency.

Coinjoin makes Bitcoin better

Coinjoin transactions remove the link between which outputs are being paid by which inputs. Since users’ bitcoins are mobilized in these transactions, users need the assurance that their bitcoins are secure through each step, which is facilitated through the trustless design of wallets like Wasabi.

Centralization is sometimes positioned as a necessary step in encouraging the kind of widespread adoption needed to facilitate Bitcoin’s ability to transform digital transactions globally. But this is a kind of paradox—modifying Bitcoin so that it more closely resembles existing financial infrastructure reduces its ability to disrupt existing financial infrastructure.

Rather, user-friendly Bitcoin tools that emerge from privacy-minded communities can pave the way for use of the Bitcoin network that makes it truly the currency for everyone, keeping users themselves in the driver’s seat, rather than centralizing forces.

Privacy issues inherent to Bitcoin

The importance of financial privacy is self-evident.  Nobody wants everyone to know exactly where they spend their money. Freedom is found in choosing how we reveal ourselves, not through knowing everything about everyone.

The privacy of Bitcoin can be compromised in a few ways. Some Bitcoin privacy issues are related to how users spend or receive their coins, such as using the same address to receive payments from multiple sources. Other privacy issues are caused by how your wallet connects to the Bitcoin network, which can be improved by using Tor to disguise your interactions and by using your own Bitcoin node to find the balance of your addresses, for example.

Other areas of Bitcoin privacy concern come as a result of direct efforts by regulatory bodies to surveil bitcoin users and can be improved upon by avoiding unscrupulous exchanges. Invasive “know your customer” policies are in place at centralized cryptocurrency exchanges that require the collection of an array of users’ personal information. Many Bitcoin-based projects are under pressure to collect as much of users’ data as they can.

Improving bitcoin’s Fungibility

Fungibility is an important feature of successful currencies. If some bitcoins are valued more than others because of the history of the transactions they’ve been involved in, then bitcoin can’t be exchanged evenly, which limits functionality. When there’s a dichotomy between there being “clean” and “dirty” bitcoins, users don’t benefit.

Coinjoins are an effective solution when it comes to bitcoin’s fungibility. One erroneous sentiment holding back the adoption of coinjoin transactions is the idea that simply performing coinjoin transactions could be an indicator of evasive behaviour, and that fresh coins should be approached with skepticism.

When coinjoin transactions become the norm, it’s good for everyone who uses Bitcoin. The more coinjoin transactions are completed, the closer a world wherein worry about what transactions your bitcoin was associated with in the past is not a factor.

Coinjoining is customizable

Performing coinjoin transactions using Wasabi Wallet couldn’t be easier. Coinjoin transactions take place automatically in the background of Wasabi Wallet. By default, Wasabi’s coinjoin transactions start being built automatically when the value of non-private coins is above or equal to the auto-start coinjoin threshold. However, the coinjoin process can be set to begin manually, too.

When you use Wasabi Wallet, you can customize what kind of coinjoin strategy should be adhered to. Coinjoin transactions with Wasabi are always affordable, speedy, and private, but Wasabi coinjoins can be specifically set to keep costs at a minimum, to maximize speed, or to make privacy the highest priority, depending on your goals.

Coinjoins are affordable, or even free

With Wasabi Wallet’s customizable coinjoin behavior, users can instruct their wallet to wait in the background whenever transaction fees are high and only participate during the cheapest parts of the week.

There is an optional fee collected by the coinjoin coordinator.  Newly received inputs larger than 0.01 BTC  pay a 0.3% coordinator fee. For amounts smaller than 0.01 BTC, the coordinator does not charge a fee at all. Remixing private coins is free of coordinator fees, as well as coinjoining coins that are just one hop away from a coinjoin transaction, such as your change from making a payment, or even a payment received from another Wasabi Wallet user.

Wasabi Wallet offers both power and simplicity

Bitcoin’s development originally emerged out of the work of privacy-minded online communities that had a vision for a decentralized currency that didn’t require interference from centralized banks or other intermediaries.

As Bitcoin awareness and use have become more integrated into mainstream society, there has been a slow creep towards centralization and regulation that runs counter to the ideals that Bitcoin was created in accordance with.

Wasabi Wallet offers users the ability to use Bitcoin the way it was originally envisioned—private, secure, and efficient. Importantly, Wasabi is easy to use, offering users the ability to take control of their own privacy without advanced knowledge of transactions or protocols. The best way to unearth the powerful simplicity of Wasabi Wallet is by taking it for a spin yourself.

The post What are the Benefits of Coinjoin? appeared first on Wasabi Wallet - Blog.

Although Bitcoin makes for a generous gift, you might be giving away more than you realize when making a transaction. Because Bitcoin is a public ledger, the addresses that sent you money become known by the addresses you sent the money to next.

In this blog post, we’ve outlined a few simple steps to send Bitcoin anonymously with Wasabi Wallet – a surefire way of upgrading your gift-giving skills and orange-pilling your family and friends.

Step 1

If you are using Bitcoin privately for the first time, download Wasabi and write down your wallet recovery words on a sheet of paper.

Step 2

Choose a password that you will not forget for your wallet. You will enter your password later in order to send your gifts, and there is no way to recover your password.  Next, choose your highest priority for coinjoins:  Savings, Speed or Privacy.

Step 3

Create a new address for receiving the Bitcoins you want to make private. Wasabi requires you to make a note to remind yourself who sent these coins to you in order to help you keep track of your privacy.

Step 4

After you have BTC in your wallet, the coinjoin box and privacy progress bar will appear. Coinjoins will not start automatically for amounts under 0.01 BTC in order to save mining fees, but you can click play to start coinjoining any amount over 0.00005000 BTC.

Step 5

The box at the bottom of the screen tracks the stages of the coinjoin signing process. All you have to do is sit back and wait while your coins are being bundled with other Wasabi users.

Step 6

After the coinjoin finishes, you will see your privacy progress has increased. Click the green bar to see the value and anonymity score of the inputs in your wallet.

Step 7

Now, you can send the gift of Bitcoin privately to your family member and the gift’s recipient can not be tracked by the exchange or customer you originally received your Bitcoin from!

The post How to Gift Bitcoin Privately appeared first on Wasabi Wallet - Blog.

In his work “A Cypherpunk’s Manifesto” Eric Hughes wrote, “Privacy is the power to selectively reveal oneself to the world.” The weight of this comment may not be immediately obvious but is increasingly relevant in our day-to-day lives.

The importance of online privacy is relevant to everyone—not just users who are looking to avoid the scrutiny of authorities for reasons related to questionable activities. Even users who are comfortable with having their every move online tracked should be aware that large data breaches regularly occur at major companies and governments. These events expose users’ personal data to hackers, which can be exploited in various ways.

Everyone on the Internet Should Understand Online Privacy. But do they even care?

As a journalist and online privacy advocate, Glenn Greenwald pointed out in a widely-circulated 2014 TED talk that the Internet was, at one time, thought of as a new frontier for democratization and liberation. According to Greenwald, the internet could now be considered a “zone for mass surveillance”.

Greenwald claims that some feel there’s no harm in mass online surveillance because it only threatens those who are engaging in illegal activities. This line of thinking includes the idea that only those who have something to hide should be concerned about their privacy. It frames the notion that some people wouldn’t want to share every aspect of their lives with the government as defensive behavior. In 2010, Facebook’s founder, Mark Zuckerberg, claimed that privacy should not even be expected online as it is no longer a social norm. This is a dangerous belief, which unfortunately seems widely accepted in mainstream narratives despite its negative effects on individual liberties. Why should one care about privacy? Is one truly free to speak without it?

According to one study published in 2022, more than half of internet users are concerned about their online privacy. Let’s take a look at some key concepts and terms relevant to online privacy and steps users can take to better control and protect their data.

Important Concepts Linked to Online Privacy

Common concerns that relate to online privacy may include the preservation of sensitive personal and financial data and users having a say in who they are advertised to.

Personal Data

Personal data is any information that can be used to identify you. It can include your name, address, social insurance number, birthday and can also extend to your entire financial, educational, employment and medical history. Information including online identifiers and browsing history can also be considered personal information. One qualifier that defines personal data is that it is clearly about one particular person.

Personal data is considered valuable by advertisers and regulatory bodies alike, and the collection and sharing of users’ personal data is an important aspect of how many companies and apps are configured. Personal data is collected by websites, social media platforms, employers and more. This data is stored on web servers across the world, often changing hands in ways that are unknown by the users themselves. The selling of data is often part of the fine print and terms of service when using apps and websites, and is defined under things like GDPR or CCPA.Such regulations are often thought of as privacy friendly, but really only state that you have to consent to the sale of your personal data.

Online Encryption

One step that users can take to make themselves less vulnerable online and to put their privacy more into their own hands, is by focusing on apps and software that offer encryption. Encryption refers to the scrambling of the data stored and shared online, aiming to allow only trusted entities to interact with personal data.
Encryption ensures that only those with the relevant access keys are able to view the related content. It allows users to have more, but not ultimate, security over the information they share. Using a secret passphrase known only to the sender and receiver to unlock information is an excellent way to improve your security.

End-to-end encryption refers to encryption wherein only a user and their intended recipient are communicating without the ability of even the communication service to view or collect users’ data. While some messaging services are said to offer end-to-end encryption, some online security advocates challenge these claims as the services may provide “backdoor” access to government bodies. Oftentimes, the justification for this is to collect data necessary for fighting crime.

Threats to Online Privacy

When it comes to ways of protecting personal data, there are steps that individuals can take to decrease the risk of security breaches and minimize the amount of information readily available to unwanted external parties. Tools from ethical, security-minded companies can help users store and share data with more control, making use of the latest web security technology.

While taking steps at the individual level can enhance users’ online privacy, there are policies at the institutional level that can make it difficult to avoid the collection and sharing of personal data. In these cases, simply learning about policies and programs that involve your personal data is a way of being more aware of circumstances when your data could be collected, and of knowing how it could be used.

Mass Surveillance

Signing up for any new online account or app often involves agreeing to a range of terms and conditions wherein users permit organizations to collect agreed-upon information in exchange for the use of the application. Whether it’s on computers or phones and whether or not users are aware of what information is being collected, government bodies and private organizations alike are able to create detailed profiles of people based on data they willingly provide to websites. Often, users don’t even read the terms and conditions when signing up for a new service.

Controlling the amount your private data is collected may be increasingly relevant as smart cities that adopt surveillance technologies become more prevalent. Mindful online conduct may include making a list of each of the accounts and online services you subscribe to and determining whether the information you knowingly provide to each of these entities is worth the benefits of each service.

Online Privacy Regulations

Data breaches affecting companies as large as Facebook have sparked conversations as to the degree of involvement government policies should have regarding the collection and use of personal data. While government regulation is often necessary to lay the foundation for public market participation, the excess of such is also a risk factor that commonly limits progress.

As whistleblower disclosures have shown, government bodies themselves may also collect and use data in ways that average internet users could not have anticipated or foreseen. In the United States, for instance, all phone and internet data has been monitored by Federal law enforcement since the ‘90s. This data is unfathomably vast, so agencies including the NSA and the FBI create systems that analyze this data for use by intelligence and local law enforcement agencies.

Software Vulnerabilities and Secure Protocols

There are a number of security risks associated with typical internet usage. Free, public Wi-Fi is becoming increasingly available—which is a boon for those who work on the go and those with limited data plans—but these free, public Wi-Fi networks can be easy targets for those seeking access to users’ personal data for nefarious purposes.

Adversaries can access unsecured devices on public networks, which can provide unfettered access to important personal information including credit card data, passwords and personal documents. When users’ privacy settings allow for file-sharing across a network, it’s an opportunity for hackers to implant malware on users’ devices, further compromising their online privacy.

There are steps diligent users can take to make themselves less vulnerable when using unsecured networks. A VPN (virtual private network) creates a private network on top of an existing public network, improving security. VPNs also often include encryption, making stolen data less useful to hackers.

HTTPS is a protocol that helps to protect data by preventing access from parties aside from the primary user and the server they’re accessing, using encryption and a series of communication exchanges referred to as a “handshake.” Other security-minded steps include turning off sharing on devices on public networks and keeping Wi-Ffi off, aside from when it’s being used as devices are known to transmit some data even to networks users aren’t connected to.

Online Privacy and Bitcoin

Bitcoin is seen by many as being a new frontier for digital privacy. Its potential for decentralization means that users have more ability to control their own data and to have more agency in controlling decisions that relate to their privacy.

However, Bitcoin transactions are, by design, not confidential. Transactions on the block chain are secure, but their details are publicly viewable. When bitcoin is obtained in a way that is linked in some way to a user’s identity, and when information about transactions is shared, its pseudonymity in future transactions is easily negated. For example, if a user makes an online purchase using bitcoin, but does so through a regulated exchange which requires the completion of KYC processes, then pseudonymity can easily be compromised.

There are inherent issues associated with many bitcoin exchanges and users may be left with a sense of uncertainty with regards to how their personal data is being used. Developers may be able to collect sensitive personal information and the exchanges themselves are vulnerable to hacks, as seen in the Mt. Gox debacle and many since.

Wasabi 2.0

Initiatives like Wasabi Wallet—which offer anonymous communication using the Tor network, coin mixing and non-custodial personal control over private keys—can go a long way towards putting users in control of their bitcoin and retaining their privacy online.

The anonymization strategy employed by Wasabi Wallet and other Bitcoin privacy solutions is called coinjoin. Coinjoins are a collaborative bitcoin transaction. Users send their bitcoins to themselves with other users at the same time to reclaim their privacy. When the transaction occurs, everyone’s bitcoins are mixed with one another to make it much harder, if not impossible, to trace their transaction history.

As technology continues to grow into nearly every aspect of our lives, privacy as a resource is growing more scarce. We recommend the use of privacy tools, like Wasabi Wallet, to maintain your right to privacy. Consider taking control of your personal information to defend yourself from the intended (and unintended) repercussions of our increasingly digitised society.

The post Why Privacy appeared first on Wasabi Wallet - Blog.

In his work “A Cypherpunk’s Manifesto” Eric Hughes wrote, “Privacy is the power to selectively reveal oneself to the world.” The weight of this comment may not be immediately obvious but is increasingly relevant in our day-to-day lives.

The importance of online privacy is relevant to everyone—not just users who are looking to avoid the scrutiny of authorities for reasons related to questionable activities. Even users who are comfortable with having their every move online tracked should be aware that large data breaches regularly occur at major companies and governments. These events expose users’ personal data to hackers, which can be exploited in various ways.

Everyone on the Internet Should Understand Online Privacy. But do they even care?

As a journalist and online privacy advocate, Glenn Greenwald pointed out in a widely-circulated 2014 TED talk that the Internet was, at one time, thought of as a new frontier for democratization and liberation. According to Greenwald, the internet could now be considered a “zone for mass surveillance”.

Greenwald claims that some feel there’s no harm in mass online surveillance because it only threatens those who are engaging in illegal activities. This line of thinking includes the idea that only those who have something to hide should be concerned about their privacy. It frames the notion that some people wouldn’t want to share every aspect of their lives with the government as defensive behavior. In 2010, Facebook’s founder, Mark Zuckerberg, claimed that privacy should not even be expected online as it is no longer a social norm. This is a dangerous belief, which unfortunately seems widely accepted in mainstream narratives despite its negative effects on individual liberties. Why should one care about privacy? Is one truly free to speak without it?

According to one study published in 2022, more than half of internet users are concerned about their online privacy. Let’s take a look at some key concepts and terms relevant to online privacy and steps users can take to better control and protect their data.

Important Concepts Linked to Online Privacy

Common concerns that relate to online privacy may include the preservation of sensitive personal and financial data and users having a say in who they are advertised to.

Personal Data

Personal data is any information that can be used to identify you. It can include your name, address, social insurance number, birthday and can also extend to your entire financial, educational, employment and medical history. Information including online identifiers and browsing history can also be considered personal information. One qualifier that defines personal data is that it is clearly about one particular person.

Personal data is considered valuable by advertisers and regulatory bodies alike, and the collection and sharing of users’ personal data is an important aspect of how many companies and apps are configured. Personal data is collected by websites, social media platforms, employers and more. This data is stored on web servers across the world, often changing hands in ways that are unknown by the users themselves. The selling of data is often part of the fine print and terms of service when using apps and websites, and is defined under things like GDPR or CCPA.Such regulations are often thought of as privacy friendly, but really only state that you have to consent to the sale of your personal data.

Online Encryption

One step that users can take to make themselves less vulnerable online and to put their privacy more into their own hands, is by focusing on apps and software that offer encryption. Encryption refers to the scrambling of the data stored and shared online, aiming to allow only trusted entities to interact with personal data.
Encryption ensures that only those with the relevant access keys are able to view the related content. It allows users to have more, but not ultimate, security over the information they share. Using a secret passphrase known only to the sender and receiver to unlock information is an excellent way to improve your security.

End-to-end encryption refers to encryption wherein only a user and their intended recipient are communicating without the ability of even the communication service to view or collect users’ data. While some messaging services are said to offer end-to-end encryption, some online security advocates challenge these claims as the services may provide “backdoor” access to government bodies. Oftentimes, the justification for this is to collect data necessary for fighting crime.

Threats to Online Privacy

When it comes to ways of protecting personal data, there are steps that individuals can take to decrease the risk of security breaches and minimize the amount of information readily available to unwanted external parties. Tools from ethical, security-minded companies can help users store and share data with more control, making use of the latest web security technology.

While taking steps at the individual level can enhance users’ online privacy, there are policies at the institutional level that can make it difficult to avoid the collection and sharing of personal data. In these cases, simply learning about policies and programs that involve your personal data is a way of being more aware of circumstances when your data could be collected, and of knowing how it could be used.

Mass Surveillance

Signing up for any new online account or app often involves agreeing to a range of terms and conditions wherein users permit organizations to collect agreed-upon information in exchange for the use of the application. Whether it’s on computers or phones and whether or not users are aware of what information is being collected, government bodies and private organizations alike are able to create detailed profiles of people based on data they willingly provide to websites. Often, users don’t even read the terms and conditions when signing up for a new service.

Controlling the amount your private data is collected may be increasingly relevant as smart cities that adopt surveillance technologies become more prevalent. Mindful online conduct may include making a list of each of the accounts and online services you subscribe to and determining whether the information you knowingly provide to each of these entities is worth the benefits of each service.

Online Privacy Regulations

Data breaches affecting companies as large as Facebook have sparked conversations as to the degree of involvement government policies should have regarding the collection and use of personal data. While government regulation is often necessary to lay the foundation for public market participation, the excess of such is also a risk factor that commonly limits progress.

As whistleblower disclosures have shown, government bodies themselves may also collect and use data in ways that average internet users could not have anticipated or foreseen. In the United States, for instance, all phone and internet data has been monitored by Federal law enforcement since the ‘90s. This data is unfathomably vast, so agencies including the NSA and the FBI create systems that analyze this data for use by intelligence and local law enforcement agencies.

Software Vulnerabilities and Secure Protocols

There are a number of security risks associated with typical internet usage. Free, public Wi-Fi is becoming increasingly available—which is a boon for those who work on the go and those with limited data plans—but these free, public Wi-Fi networks can be easy targets for those seeking access to users’ personal data for nefarious purposes.

Adversaries can access unsecured devices on public networks, which can provide unfettered access to important personal information including credit card data, passwords and personal documents. When users’ privacy settings allow for file-sharing across a network, it’s an opportunity for hackers to implant malware on users’ devices, further compromising their online privacy.

There are steps diligent users can take to make themselves less vulnerable when using unsecured networks. A VPN (virtual private network) creates a private network on top of an existing public network, improving security. VPNs also often include encryption, making stolen data less useful to hackers.

HTTPS is a protocol that helps to protect data by preventing access from parties aside from the primary user and the server they’re accessing, using encryption and a series of communication exchanges referred to as a “handshake.” Other security-minded steps include turning off sharing on devices on public networks and keeping Wi-Ffi off, aside from when it’s being used as devices are known to transmit some data even to networks users aren’t connected to.

Online Privacy and Bitcoin

Bitcoin is seen by many as being a new frontier for digital privacy. Its potential for decentralization means that users have more ability to control their own data and to have more agency in controlling decisions that relate to their privacy.

However, Bitcoin transactions are, by design, not confidential. Transactions on the block chain are secure, but their details are publicly viewable. When bitcoin is obtained in a way that is linked in some way to a user’s identity, and when information about transactions is shared, its pseudonymity in future transactions is easily negated. For example, if a user makes an online purchase using bitcoin, but does so through a regulated exchange which requires the completion of KYC processes, then pseudonymity can easily be compromised.

There are inherent issues associated with many bitcoin exchanges and users may be left with a sense of uncertainty with regards to how their personal data is being used. Developers may be able to collect sensitive personal information and the exchanges themselves are vulnerable to hacks, as seen in the Mt. Gox debacle and many since.

Wasabi 2.0

Initiatives like Wasabi Wallet—which offer anonymous communication using the Tor network, coin mixing and non-custodial personal control over private keys—can go a long way towards putting users in control of their bitcoin and retaining their privacy online.

The anonymization strategy employed by Wasabi Wallet and other Bitcoin privacy solutions is called coinjoin. Coinjoins are a collaborative bitcoin transaction. Users send their bitcoins to themselves with other users at the same time to reclaim their privacy. When the transaction occurs, everyone’s bitcoins are mixed with one another to make it much harder, if not impossible, to trace their transaction history.

As technology continues to grow into nearly every aspect of our lives, privacy as a resource is growing more scarce. We recommend the use of privacy tools, like Wasabi Wallet, to maintain your right to privacy. Consider taking control of your personal information to defend yourself from the intended (and unintended) repercussions of our increasingly digitised society.

The post Understanding Online Privacy appeared first on Wasabi Wallet - Blog.