Privacy Archives - Wasabi Wallet - Blog https://blog.wasabiwallet.io/tag/privacy/ Wasabi Wallet Blog: Insights on Bitcoin Privacy & Tech Thu, 19 Sep 2024 21:26:47 +0000 en-US hourly 1 https://wordpress.org/?v=6.6.2 https://blog.wasabiwallet.io/wp-content/uploads/2022/05/cropped-ww_blog_icon-32x32.png Privacy Archives - Wasabi Wallet - Blog https://blog.wasabiwallet.io/tag/privacy/ 32 32 Why are we killing the Coordination Fee? https://blog.wasabiwallet.io/killing-coordination-fee/ Thu, 19 Sep 2024 21:25:04 +0000 https://blog.wasabiwallet.io/?p=3627 The cost of being an open source privacy preserving software and why we are killing the coordination fee

The post Why are we killing the Coordination Fee? appeared first on Wasabi Wallet - Blog.

]]>
This article is the first in a series to be published on Nostr and our blog that aims to explain our decisions and trajectory by clearly presenting technical aspects of our implementation of a Bitcoin privacy preserving wallet and the WabiSabi Coinjoin Protocol.

Being trustless and privacy preserving

As Sjors Provoost notes in the introduction to Bitcoin: A Work in Progress, “keeping open-source software free of money-stealing bugs” is an exceedingly difficult task, especially when such software handles funds. Potential exploits in code are visible to all, as are patches awaiting deployment.

For Wasabi, the challenge extends further, as clients participating in coinjoin must follow a coordinator’s lead—a third party whose code cannot be verified. We rarely break compatibility or force updates, meaning users on vulnerable versions will always exist if an exploit is discovered.

Wasabi has consistently been designed to empower clients against potential bad actors:

  • Reproducible builds
  • Minimal information transmitted to third parties (backend, coordinator, fee providers, etc.)
  • “Smart client, Dumb backend” architecture

The complexity involved in building a trustless system is both underappreciated and staggering. Trustlessness invariably comes at the cost of user experience, and these suboptimal workflows must be carefully refined to remain competitive against privacy-degrading or trust-based alternatives.

A prime example of this trade-off is block filters. While alternative wallets allow users to see their balance instantly by connecting to an Electrum server or similar backend solution, how do you retain users when your software first requires them to download 2.6 GB of filters, then download each relevant (or false-positive) block using the Bitcoin peer-to-peer network? To lighten this problem, significant resources have been invested in refining our synchronization process to optimize and ensure the privacy gain is worthwhile for most users.

Clients still need to receive some information from the coordinator: round start times, phase durations, mining fee rates, etc. This information is used to compute the round ID, which clients then use to build and verify everything happening in the round. Two clients receiving different parameters therefore cannot participate in the same round, ensuring a malicious actor cannot mine information by selectively sending different round parameters.

Why the coordination fee concept is not a fit here

The coordination fee rate is a field provided by the coordinator and included in the round parameters. However, this field is unique, as it involves a non-standard agreement: the client must pay this fee only once (concept of free remixes). This is central to how the wallet functions: the client automatically participates in rounds until reaching a certain privacy threshold. If the rounds don’t provide privacy, the client will continue to coinjoin indefinitely. Therefore a coordinator not offering free-remixes could create fast rounds not providing privacy and drain its users. We identified this problem, but the time it took to deploy a mitigation led to the only occurrence in our project’s history that some users funds have been exploited

Free remixes are not the only “workaround” implemented in our client to improve the coordination fee system. Another crucial case for proper user experience is the “1-hop doesn’t pay” rule. This means that if a payment is made using a coinjoin output and this payment produces change, the change doesn’t incur another coordination fee. This rule is essential because clients don’t control the size of their outputs. For instance, a user might receive only outputs of 1 BTC but need to make a payment of 0.1 BTC. The resulting change would not be private and would need to be remixed. Without the “1-hop doesn’t pay” concept, this would result in paying the coordination fee again. Like free remixes, this rule is not enforced by the WabiSabi protocol. To be protected against coordinators that might not offer this “fee grace,” clients would need to carefully select inputs for payments to minimize change value, sometimes at the cost of privacy.

In summary, the coordination fee relates to the implementation layer, and free remixes are not enforced by the WabiSabi CoinJoin Protocol. The protocol paper mentions it only as part of Wasabi’s implementation. The client must trust the coordinator to allow its inputs into rounds indefinitely after the initial payment. A coordinator could decide against offering free remixes, in which case the client must trust it to produce rounds that provide substantial privacy, at least worth the cost.

In other words, the coordination fee concept involves an element of trust. It creates an incentive for the coordinator to act maliciously and forces the client to be highly discerning in recognizing when the coordinator might be attempting to extract more money than it should.

Resources could have been invested during the zkSNACKs era to build a guaranteed risk-free implementation of the coordination fee rate and free remixes concept. However, because the only coordinator used at the time belonged to the same entity funding client development, this type of development was not prioritized, as we knew this coordinator would not breach trust.

This is no longer the case, and the project’s trajectory has changed significantly: resources are now extremely limited, and we prefer not to allocate precious developer hours to ensuring confidence in the coordination fee rate concept. Instead, we choose to allocate these resources to increasing software resilience, improving maintainability, and delivering impactful updates

The post Why are we killing the Coordination Fee? appeared first on Wasabi Wallet - Blog.

]]>
Wasabi Wallet 2.0.8 Release Post https://blog.wasabiwallet.io/wasabi-wallet-2-0-8-release-post/ Sat, 01 Jun 2024 11:51:27 +0000 https://blog.wasabiwallet.io/?p=3603 Release version 2.0.8 introduces several enhancements and improvements. It includes GUI support for custom coinjoin coordinator selection, connection via Tor bridges, support for TailsOS and WhonixOS, and the “exclude coins from coinjoins” feature.

The post Wasabi Wallet 2.0.8 Release Post appeared first on Wasabi Wallet - Blog.

]]>
The Wasabi Wallet 2.0.8 release introduces several enhancements and improvements. It includes GUI support for custom coinjoin coordinator selection, connection via Tor bridges, support for TailsOS and WhonixOS, and the “exclude coins from coinjoins” feature.

Custom Coordinator Selection

With the sunset of the default coinjoin coordinator managed by zkSNACKs, Wasabi Wallet users must now connect to different coordinators to continue using the coinjoin feature. This selection is now more visible directly from the wallet user interface and in the coinjoin settings. 

Tor Bridges Support

Tor bridges have been added to improve connectivity and privacy for users in restrictive environments where standard Tor usage might be blocked. Tor bridges act as alternative entry points to the Tor network, helping users circumvent censorship, ensuring that Wasabi Wallet remains accessible and reliable at all times.

Whonix & Tails OS Support

Full support for Whonix and Tails OS, two operating systems renowned for their focus on privacy and security, is now available. Whonix is designed to run inside a VM and uses Tor for all network connections, while Tails is a live operating system that routes all traffic through Tor. Toggle your Tor setting to Enabled (connect-only mode) in order to use these tools.

Exclude Coins from Coinjoins

Users can now exclude specific coins from participating in coinjoins. This provides greater control over which coins are selected to participate in coinjoin transactions, allowing users to manage their UTXOs with better flexibility.

GitHub Repository Transfer

The GitHub repository for the Wasabi Wallet has been successfully transferred to a new location. This transfer allows Wasabi Wallet to be maintained as a fully standalone project, independent from any organization and open to multiple different contributors and supporters. The new repository will continue to be the central place for all development activities, issues tracking, and community contributions.

Notable UI and Functional Updates

  • UI Adjustments: Multiple user interface improvements, including margin adjustments for labels to prevent shifting, removal of unused XML namespaces, and enhanced styles for various components.
  • macOS Specific Fixes: Improved handling of window states to prevent crashes and ensure smoother operation on macOS. 
  • Backend Enhancements: Added more statistics to the backend, and updates to various dependencies to improve performance and security.

Additional Improvements

  • Statistics and Logging: Added response times to logging, enhanced Statista performance, and included more detailed error handling for output registration. 
  • Code and Dependency Updates: Cleaned up code, removed unused components, and updated tooling versions to streamline development and maintenance. 
  • Error Handling: Improved handling of reorganization errors and handshake warnings, ensuring robust and resilient operation.

Download the Wasabi Wallet 2.0.8 release at wasabiwallet.io.

The post Wasabi Wallet 2.0.8 Release Post appeared first on Wasabi Wallet - Blog.

]]>
UI Enhancements in v2.0.7 https://blog.wasabiwallet.io/ui-enhancements-in-v2-0-7/ Fri, 19 Apr 2024 13:02:55 +0000 https://blog.wasabiwallet.io/?p=3484 The new release of Wasabi bundles cutting edge privacy technology with a smoother user experience.

The post UI Enhancements in v2.0.7 appeared first on Wasabi Wallet - Blog.

]]>
Wasabi Wallet v2.0.7 has a completely updated interface that enhances the classic, easy-to-use design of the software. Most noticeably, the navy blue background was replaced with a proper dark mode trimmed by green actionable buttons. Here’s a peek at what changed.


Before (2.0.6):


After (2.0.7):



Easy on the eyes

“Excel sheet” style grids for the transaction history, unused receive addresses, and UTXO menu were simplified into lists with embedded icons. Sharp edges were smoothed out with rounded corners, and text edits were made for extra clarity. But the “UI Refreshment” isn’t just a coat of paint: The pull request implementing it also closed 9 open design issues simultaneously, making Bitcoin privacy smoother than ever.


New buttons

The coinjoin settings can now be accessed from the “. . .” menu in the coinjoin music box, which replaces the blue light that indicated whether the Automatically Start Coinjoin setting was turned on or off. This easy-to-find option makes it convenient to adjust this frequently accessed toolbox.




Speeding up an unconfirmed payment using RBF or CPFP previously required right clicking the entry in your transaction history to find the option. Now, there are visible buttons for getting your pending transactions unstuck or cancelled.




UX improvements

The label for the recipient of an outgoing transaction is now entered on the same screen as the address and amount instead of spawning an extra popup, reducing the process by an additional click.

The Received/Sent/Balance columns in the history were condensed into a single stream of information showing + or – next to transaction amounts. Incoming funds now display a green color for the amount to easily allow viewers to figure out the direction funds are moving.


Don’t be a creature of habit

Many users have feelings of nostalgic regret when the appearance of their favorite app changes, but the UI Refreshment in Wasabi Wallet v2.0.7 is non-invasive to existing workflows. Try the sleek new style of Bitcoin privacy and download today.

The post UI Enhancements in v2.0.7 appeared first on Wasabi Wallet - Blog.

]]>
Only in Wasabi: Privacy Warnings and Suggestions https://blog.wasabiwallet.io/only-wasabi-privacy-warnings/ Wed, 20 Mar 2024 14:29:16 +0000 https://blog.wasabiwallet.io/?p=3303 Version 2.0.4 introduced a comprehensive set of privacy warnings and suggestions that appear when you send funds. Warnings have three levels of severity, suggestions are actions you can take to keep your privacy intact. 

The post Only in Wasabi: Privacy Warnings and Suggestions appeared first on Wasabi Wallet - Blog.

]]>
As you may already know, Wasabi protects your privacy with massive coinjoins that have hundreds of inputs and outputs, all coordinated in a zero-knowledge fashion with all communication going through Tor. But that’s not the only way Wasabi protects your privacy. Version 2.0.4 has introduced a comprehensive set of privacy warnings and suggestions that appear when you send funds.

The privacy Warnings have three levels of severity, and suggestions are actions you can take to keep your privacy intact. 

In this post, we’ll take a deep dive into what each of these warnings and suggestions mean, and how you can leverage them to maximize your privacy when using Wasabi.

Privacy Warnings Explained

Wasabi categorizes its warnings into three levels of severity: Critical, Warning, and Informational. Here are the 6 privacy warnings that Wasabi may give you when you send bitcoin. 

Transaction Interlinks Labels (Critical)

When you use Wasabi, you’ll be prompted to add labels to receiving and to destination addresses. 

When a coin reaches full privacy (anonymity score goal), the label is automatically removed because its traceability is broken. However, if you’re spending non-private or semi-private coins, you’ll be warned about their labels when you send them.  

This is what a warning might look like:

In addition, when you hover over it, a tooltip appears with more information.

 “Those entities know this is your transaction. Coinjoin more or use the label management tool to carefully select who would know that this transaction is yours.

To resolve this, simply continue coinjoining to achieve full privacy for all your coins. 

Transaction Uses Non-Private Coins (Critical)

This critical warning is raised when your transaction spends coins that have not gone through Wasabi’s coinjoin, meaning they are easily traceable on the blockchain.

“Some entities can deanonymize this transaction because it spends coins with no privacy. Coinjoin more to have enough private coins for this transaction.” – Wasabi’s Tooltip

Transaction Uses Semi-Private Coins (Warning)

While better than non-private coins, this warning indicates that your transaction is spending coins that were part of a coinjoin but have not yet reached Wasabi’s anonymity score target.

“This transaction is not private enough because it spends not fully private coins. Coinjoin more to have enough private coins for this transaction.

Consolidates Over 10 Coins (Warning)

It’s always better to avoid consolidating any coins, even fully-private ones, as it can only hurt their anonymity score. That said, if you only combine a few mixed coins, you may not reveal your pre-coinjoin transaction history, especially if you have done several re-mixes. 

Wasabi warns you about extreme cases such as consolidating (spending) more than 10 inputs in a single transaction, as this may allow observers to link your transaction history and negate the benefits of coinjoin mixing.

Transaction Uses Unconfirmed Funds (Info)

This warning appears when you attempt to spend coins that have not yet been confirmed on the blockchain, which carries many risks.

This may cause your transaction to be rejected, or delay its confirmation, or cost more than needed to get it confirmed within the desired time. Wait for a confirmation to only use confirmed coins.

Transaction Uses CoinJoining Funds (Info)

If your funds are currently part of a coinjoin, it’s better to be patient and to wait for it to complete before sending funds. 

This may cause your transaction to be replaced by the coinjoin. Consider waiting for the current coinjoin to be finished before sending this transaction.” />

Transaction Creates Change (Info)

Creating change outputs in a transaction can potentially compromise your future privacy, although the impact isn’t immediate.

Change can be used to link this transaction with the next transaction that will use it. Use the change avoidance suggestion to send a little more or less if this is OK for the receiver, or coinjoin the change later.”

This brings us to the next part, Wasabi’s Privacy Suggestions. 

Improve your Privacy with Wasabi’s Suggestions

In addition to warnings, Wasabi provides suggestions to help you make your transactions more private. Suggestions appear when there is room for improvement, such as when sending 10% less would avoid creating change. 

Everyone’s favorite part is that suggestions are clickable, they’re easy to implement. Let’s take a look.  

Better Privacy

If sending a little less would avoid using non-private coins, this suggestion will appear. 

Full Privacy

If sending a little less would avoid using non-private and semi-private coins, this suggestion will appear. 

Change Avoidance

Change avoidance works both ways, you can either send less or send more to avoid creating change.

Label Management

When you have interlinked labels, you’ll be able to choose the labels you want to link with this transaction. 

Conclusion

As you can see, Wasabi’s warnings and suggestions provide a wealth of information to help you create truly private bitcoin transactions

Pay close attention to the critical and important warnings, as they indicate potential privacy risks, and easily resolve privacy warnings by clicking on the suggestions. 

Download Wasabi Wallet.

The post Only in Wasabi: Privacy Warnings and Suggestions appeared first on Wasabi Wallet - Blog.

]]>
Smart Randomness: Skipping Coinjoin Rounds Based On Fee Rate https://blog.wasabiwallet.io/smart-randomness-skipping-coinjoin-rounds-based-on-fee-rate/ Mon, 18 Mar 2024 13:56:33 +0000 https://blog.wasabiwallet.io/?p=3293 A new source of randomness was introduced in Wasabi v2.0.6 to improve the privacy of the coinjoin feature.

The post Smart Randomness: Skipping Coinjoin Rounds Based On Fee Rate appeared first on Wasabi Wallet - Blog.

]]>

A new source of randomness was introduced in Wasabi v2.0.6 to improve the privacy of the coinjoin feature. In earlier versions, clients would always attempt to register for the next coinjoin as soon as the previous one finished. Now, clients randomly pause and wait in between coinjoin rounds, which increases confusion for anyone attempting to track funds based on the timing of their movements.

The way this randomness was implemented does not behave like a fair dice, instead, it gives users artificial luck. Random skips occur more frequently while fees are high, and skipping is less likely when fees are low.

How long your wallet waits when skipping rounds is influenced by the coinjoin strategy you choose. There is a different chance to participate in a coinjoin round depending on whether you select “minimize costs”, “maximize speed”, or “maximize privacy”.

The Participation Calculation

The median fee rate of the previous day, week, and month determines the chance of skipping a coinjoin round. This chart shows what percentage of rounds your client will join under each possible combination of fee conditions for each coinjoin strategy profile.


Since the minimize costs strategy uses “weeks” as the coinjoin time preference, there is zero chance of participating whenever fees are higher than the median of the previous day or week. Whenever fees are at the absolute cheapest levels, clients will never choose to gamble away that opportunity and will join 100% of coinjoin rounds.

An additional privacy benefit from random skips is that it staggers the crowd of remixers. Since some users stall in between coinjoins, it increases the likelihood of coinjoining with more unique users as opposed to coinjoining with the same participants of the previous round again.

The subtle privacy fortifications implemented in the Wasabi v2.0.6 release minimize the UX trade-offs with cost or speed that are associated with coinjoins. If you haven’t tried the newest version, don’t skip the upgrade, let the upgrade do the skipping for you!

The post Smart Randomness: Skipping Coinjoin Rounds Based On Fee Rate appeared first on Wasabi Wallet - Blog.

]]>
Deeper Privacy with Safety Coinjoins https://blog.wasabiwallet.io/exploring-secure-coinjoin-protocols/ Mon, 04 Mar 2024 08:59:54 +0000 https://blog.wasabiwallet.io/?p=3235 “Safety coinjoins” are triggered by default to ensure a minimum amount of remixing for users who choose to minimize costs or maximize speed. This feature anticipates how coins might be spent in the future to prevent guesses from being made based on a specific user behaviour.

The post Deeper Privacy with Safety Coinjoins appeared first on Wasabi Wallet - Blog.

]]>
Coinjoin transactions create Bitcoin outputs that can’t be traced back to specific inputs, but it’s difficult to measure the exact amount of privacy gained by each coinjoin output. Most people think of privacy as an abstract property: Your information is either anonymous or public. However, your wallet software considers privacy as a numeric value instead: Your UTXOs have an anonymity score that is increased by coinjoining.

How much privacy should you gain before spending your coins?

Since each coinjoin transaction pays a fee to miners, users have to consider whether the marginal privacy gained from remixing in multiple coinjoins is worth the additional cost. Wasabi’s mission is to provide privacy by default, but users have a limited budget, so a careful balance is necessary.


Coinjoin trilemma concept art – A cost tradeoff is associated with maximizing privacy or speed.

Wasabi users are offered three coinjoin strategies when setting up their wallet: Minimize Costs, Maximize Speed, and Maximize Privacy. The cost and speed strategies will typically complete coinjoining after a single transaction while the privacy strategy will remix multiple times. The exact amount of remixing required before stopping may vary because the outcome of each coinjoin transaction is unique.

Safety for the Hasty

In v2.0.6, Wasabi now considers the abstract quality of privacy for your coinjoin outputs in addition to checking their anonymity score. “Safety coinjoins” are triggered by default to ensure a minimum amount of remixing for users who choose to minimize costs or maximize speed. This feature anticipates how coins might be spent in the future to prevent guesses from being made based on a specific user behaviour. The guessing scenario that safety coinjoins protect against is when a user makes a single deposit, a single coinjoin, and a full withdrawal. Wallets that already have private funds for remixing are already protected, so safety coinjoins only occur when users fund a new wallet.

WabiSabi coinjoins can break the links between your addresses in three different ways:

– Inputs are not linked to other inputs
– Inputs are not linked to outputs
– Outputs are not linked to other outputs

Outputs not being linked to each other can be temporary depending on how those outputs are spent. When outputs from coinjoin transactions are spent together as inputs in a future payment, a definitive link is created between them. However, when coinjoin outputs are spent together as inputs in a future coinjoin, no definitive link is created since coinjoin inputs cannot be linked to other inputs. In order to take advantage of this property, the first deposit made to an empty wallet can only achieve a maximum of 75% privacy progress from its first coinjoin, no matter how high your anonymity score is. Safety coinjoins remix the first set of semi-private outputs that were created from the initial coinjoin round to achieve 100% privacy.

Users sweeping their wallets benefit from the extra safety buffer between the transaction that funds their wallet and the transaction that empties it, preserving the initial privacy gained from splitting into multiple outputs. An observer of a safety coinjoin who is attempting to identify the source of incoming funds based on outgoing amounts is forced to expand their search to include previous coinjoin transactions. Any conclusion drawn by equating similar amounts to each other is broken since private coins exit from a different transaction than the non-private coins entered.

If you haven’t taken the chance to upgrade your privacy yet, download the new 2.0.6 version of Wasabi Wallet and see the safety coinjoin feature in action for your first deposit. 

The post Deeper Privacy with Safety Coinjoins appeared first on Wasabi Wallet - Blog.

]]>
Time is Money: DoS (Denial of Service) Fortification and Coinjoin Time Preference https://blog.wasabiwallet.io/dos-fortification-and-coinjoin-time-preference/ Tue, 06 Feb 2024 14:58:32 +0000 https://blog.wasabiwallet.io/?p=3211 As a result of months of hard work by the Wasabi and Tor developers, updated statistics from October 2023 show that the overall success rate has more than doubled since the previous year, with over 50% of new rounds and over 80% of blame rounds succeeding.

The post Time is Money: DoS (Denial of Service) Fortification and Coinjoin Time Preference appeared first on Wasabi Wallet - Blog.

]]>

Defeating Anonymous Attackers

Coinjoins are privacy-preserving transactions that contain funds from many users. This operation requires unanimous teamwork: Unless every user signs the transaction, Bitcoin nodes will reject it as invalid, and no privacy progress will be made. This poses a challenge to honest users since there is no cost to an attacker who continuously causes coinjoins to fail, resulting in a denial of service (DoS).

This is where the role of the centralized coinjoin coordinator comes into play. The coordinator acts as a bouncer to exclude known troublemakers, ensuring that honest users are not left waiting indefinitely. ZkSNACKs, which runs the default coordinator for Wasabi Wallet, uses various methods to identify and defeat DoS attacks to improve coinjoin success rates.

First, the economics of Denial of Service attacks are considered. The minimum value allowed to participate in a Wasabi coinjoin is 5000 sats (0.00005000 BTC). When disrupting a coinjoin round, the attack is equally effective whether the missing signature belongs to a low-value input or a high-value input. Due to this threat of an attacker splitting his coins into small pieces, low-value coins are subject to longer bans than high-value coins.

Second, Denial of Service penalty evasion is considered. If a particular address is banned for causing a coinjoin to fail, the attacker can move the coins from the banned address to a fresh address and attempt to register again. To combat this circumvention, bans from previously offending addresses are inherited by the coins they send. This prevents attackers from reusing the same funds for multiple disruptions.

Third, the nature of the offence is considered. There are 3 ways to cause trouble with a coinjoin transaction:

  • Register inputs and fail to sign the final transaction
  • Double spend a registered input before signing
  • Double spend a registered input after signing

Failure to sign may not be intentionally malicious since it can occasionally occur due to limitations of the Tor network’s stability, or because a careless user closes his laptop after the input registration phase. Double spending is prevented by clients and is a clearer indicator of deliberate disruptive activity. The type of offence and the history of previous offences affect how long a coin is banned.

Stability Improvements

When Wasabi 2.0 was first released, Tor was under a network-wide attack that severely degraded its connection reliability. As a result, the coordinator cannot be too strict with bans to prevent Denial of Service since honest users may inadvertently disconnect without signing.

In November 2022, benchmark statistics were measured showing coinjoins would succeed only 10% of the time on the first attempt, and slightly less than 50% on subsequent attempts (known as “blame rounds”). With the v2.0.2.1 release in December, these metrics improved to 15% success on the first attempt.

As a result of months of hard work by the Wasabi and Tor developers, updated statistics from October 2023 show that the overall success rate has more than doubled since the previous year, with over 50% of new rounds and over 80% of blame rounds succeeding. This consistency makes privacy convenient for patience minimalists who quickly tire of the soothing glow of the countdown timer.



Entering the Fee Market

The fee rate of the coinjoin transaction is another variable to account for while waiting for full privacy. The coordinator chooses the mining fee for the coinjoin round before users join, however, fee estimation is not a simple task. On average, a new Bitcoin block is mined every 10 minutes, but there is no way to predict exactly when one will be found or how many new transactions will outbid you until then. 

There are special considerations when choosing the fee rate for coinjoin transactions. Participants often pay several times more in mining fees for a coinjoin transaction compared to a regular payment since they can register multiple inputs and outputs. This increases the marginal advantage for sniping the lowest possible fee rate. In addition, coinjoins are not considered urgent because users are often sending coins to themselves and not to others, so whether or not the transaction is confirmed quickly is not as important because there is no risk that incoming funds will be double spent and lost.

Allowing coinjoin transactions to wait in the mempool also has an unintended privacy benefit. Since unconfirmed coins cannot be registered for new rounds, users who remix their outputs must wait an additional time for their first coinjoin to be mined. By increasing the time period in between consecutive rounds, users are less likely to participate with the same users from their previous round.

Despite these advantages for choosing a low fee, there are also unique reasons for coinjoin transactions that would justify choosing a high fee as a precaution. Users who send a regular payment that gets stuck can easily use Replace By Fee (RBF) to increase its confirmation priority. However, since coinjoins require the cooperation of many users, the first fee is final. There is no way to replicate a higher fee replacement if even a single participant goes offline.

Another reason to prefer a higher fee for coinjoins is because they are disproportionately affected by transaction size limitations in Bitcoin Core’s mempool and block construction logic. Once a chain of transactions spending unconfirmed coins grows too large, nodes will ignore new transactions attempting to build on top of it.

Unfortunately, mining pools have not yet optimized to collect fees from coinjoin transactions. Miners only calculate the single highest-paying descendant transaction package, which may cause them to overlook the confirmation of an extra profitable coinjoin with many spent child outputs.


Patience Preferences

Since it’s impossible to choose a fee that satisfies both the impatient and the thrifty at the same time, Wasabi has a feature called “Coinjoin time preference” to ensure that you don’t get hit with higher than expected mining fees.






If a coinjoin round requires a higher fee than the median of the previous day, week, or month, your client can be configured to skip that round and wait until fees drop or stabilize. This customization gives both spenders and savers flexibility without compromising their preferences or splitting the liquidity pool.

Setting a long coinjoin time preference makes it easy to handle the small coins that accumulate in your wallet as you send and receive transactions. Whenever the best deal on fees becomes available, your wallet will privately consolidate your UTXOs so you can readily spend them when fees increase again.

In conclusion, the combined speed provided by Denial of Service fortification and smart savings from the coinjoin time preference feature has significantly improved Wasabi’s user experience. These advancements and tools have made privacy not only more convenient but also more cost-effective. Coinjoins have never been spicier, try Wasabi Wallet today and join the crowd.

The post Time is Money: DoS (Denial of Service) Fortification and Coinjoin Time Preference appeared first on Wasabi Wallet - Blog.

]]>
Friends and Plebs Don’t Pay Wasabi Coinjoin Fees https://blog.wasabiwallet.io/friends-and-plebs-dont-pay-w/ Mon, 08 Jan 2024 14:56:31 +0000 https://blog.wasabiwallet.io/?p=3190 In this article, we'll explain how Wasabi coinjoin fees work, how it differs from Wasabi Wallet 1 with Free Remixing, what Friends don't pay means, the importance of accessibility in coinjoin transactions, what Plebs don't pay means, why mining fees are never waived, and finally how to minimize mining fees in a high-fee environment.

The post Friends and Plebs Don’t Pay Wasabi Coinjoin Fees appeared first on Wasabi Wallet - Blog.

]]>
Have you met friends or fellow bitcoin users who wanted to participate in a coinjoin transaction but didn’t because of the fees? Read how our many fee exemption features can apply to them so they never have to pay Wasabi coinjoin coordinator fees.

In this article, we’ll explain how Wasabi coinjoin fees work, how it differs from Wasabi Wallet 1 with Free Remixing, what Friends don’t pay means, the importance of accessibility in coinjoin transactions, what Plebs don’t pay means, why mining fees are never waived, and finally how to minimize mining fees in a high-fee environment.

Basic Explainer of Wasabi Coinjoin Fees

There are two types of fees in a coinjoin transaction: coordinator fees and network mining fees.

As with all bitcoin on-chain transactions, there’s a network mining fee proportional to the amount of space your inputs and outputs consume. This is also true for Wasabi coinjoin transactions; you pay for the space you use. For example, if you have two P2WPKH inputs and two P2WPKH outputs, your transaction size is 209 virtual bytes. If the fees are 50 sats / vbyte, you will pay 10450 sats in mining fees. 

In a coinjoin transaction, a coordinator (default is zkSNACKs) takes care of the complex communication between all the participants and receives a fee for the hefty task. This allows users to gain privacy. This fee is 0.3% of the total bitcoin you bring to a coinjoin round, so if you bring 3,000,000 sats (0.03 BTC), you will pay 9000 sats in coordinator fees.

Unlike Wasabi Wallet 1.0, where you paid coordinator fees on every transaction, since the 2.0 release you pay upfront on your first coinjoin transaction and then enjoy free remixing.

Pay Coordinator Fees Upfront: Free Remixing

It doesn’t matter if you participate in 1 or 100 coinjoin transactions with the same bitcoin, you will only pay coordinator fees for the first one. This allows you to enjoy additional privacy at a massively reduced cost.

How is this possible?

Whenever you join a coinjoin round, the coordinator can detect that your UTXOs (unspent transaction outputs) are from a previous Wasabi coinjoin, and therefore waives the coordinator fees for those coins. 

But what if the ownership of coins changes hands between two coinjoin transactions? Would the same apply? Yes, and this is what we call Friends don’t pay.

Friends Don’t Pay

The “Friends Don’t Pay” feature allows users to coinjoin as many times as they want for as long as they want at no additional cost other than the mining fee. 

This is great for liquidity as users are incentivized to coinjoin many times to improve their own privacy, making coinjoins better, faster and stronger for everyone! Anyone can coinjoin multiple times for 0% coordinator fees. 

Just send some previously coinjoined bitcoin to your friends and family members and watch them enjoy the benefits of acquiring privacy without having to pay coordinator fees. That must feel pretty awesome.

But wait, there’s another way to avoid paying the coordinator fees.

The Importance of Accessibility in Coinjoin Transactions

Before we get into the Plebs don’t pay feature, we want to reiterate our commitment to the accessibility of coinjoin transactions. We’re always working to improve on this front, whether it’s making the software more performant for low-bandwidth users as we did with the 2.0.4 release, or by adding the “Buy Anything Button” to allow you to purchase literally anything with your coinjoined bitcoin. 

The most important way to improve accessibility is to lower fees, and we’re doing that with Plebs Don’t pay.

Plebs Don’t Pay

If you participate in a coinjoin transaction with less than 1,000,000 sats (0.01 BTC), you will never pay any coordinator fees. Not a single sat. 

Wasabi is the only coinjoin protocol that waives coinjoin coordinator fees for users with small amounts of bitcoin,  often referred to as the bitcoin plebs in various bitcoin community channels. 

I know what you’re thinking, you’re almost convinced to coinjoin, but the high network mining fee environment makes you doubt. Yes, you will pay zero in coordinator fees but you will end up paying more in mining fees. 

Well, read on to learn why mining fees are crucial and shouldn’t be waived, and how to minimize your coinjoin transaction mining fees.

Why Mining Fees Should Never Be Waived

By enforcing mining fees for all coinjoin participants, we ensure an economic cost for everyone and collapse the opportunity for sybil attackers.

What is a Sybil attack? 

The U.S. National Institute of Standards and Technology defines it as: “A cybersecurity attack wherein an attacker creates multiple accounts and pretends to be many persons at once.”

Coinjoins work because many participants join together to form collaborative bitcoin transactions. The privacy gain is strictly correlated to the diversity of participants, and a Sybil attack in this context means that an attacker can fool others into believing that they are many different people, when in fact they’re only one.

This could theoretically be taken to the point where you think you’re with dozens of participants, when in fact you’re with only one attacker. This could easily compromise your privacy.

By never waiving network mining fees, we ensure that Sybil attacks have a cost that will deter potential malicious attackers.

Now for something practical…

How to Minimize Mining Fees

When you set up a wallet on Wasabi, you will be asked to choose a coinjoin strategy between Minimize Costs, Maximize Speed, and Maximize Privacy. The first two strategies aim for an anonymity level of 5, and the last one is a random number between 50 and 100. You can also customize the parameters.

The Minimize Costs strategy will ensure that you only participate in coinjoins that take place at times of the week when there’s less pressure on the network mining fee market, so you can minimize the fees you pay.

You can change coinjoin strategies at any time in your coinjoin settings.

Conclusion

The next time a friend wants to coinjoin but is hesitant because of the fees involved, be sure to point them to this blog article so they can understand the many ways they can pay zero coordinator fees and minimize their mining fees. 

No doubt he’ll be grateful to you!

Download Wasabi Wallet.

The post Friends and Plebs Don’t Pay Wasabi Coinjoin Fees appeared first on Wasabi Wallet - Blog.

]]>
Coinjoins.org Presents 3 New Coinjoin Wallet Reviews https://blog.wasabiwallet.io/coinjoins-org-presents-3-new-coinjoin-wallet-reviews/ Wed, 22 Nov 2023 12:31:47 +0000 https://blog.wasabiwallet.io/?p=3130 Coinjoins.org was announced earlier this year by Thibaud and Gustavo as a new public resource to discover and review bitcoin wallets with coinjoin features. Today, 3 new wallet reviews were released to help consumers discover the best bitcoin wallets for privacy. 

The post Coinjoins.org Presents 3 New Coinjoin Wallet Reviews appeared first on Wasabi Wallet - Blog.

]]>
Trezor Suite, Jam and the BTCPay Server coinjoin plugin are the latest wallets available to be reviewed. 

Coinjoins.org was announced earlier this year by Thibaud and Gustavo as a new public resource to discover and review bitcoin wallets with coinjoin features. Today, 3 new wallet reviews were released to help consumers discover the best bitcoin wallets for privacy. 

Trezor Suite and WabiSabi 

Trezor Suite is an easy-to-use bitcoin wallet desktop application with hardware wallet integration (Trezor T, One and Safe) and a built-in coinjoin feature using WabiSabi, the same coinjoin protocol used in Wasabi Wallet. 

One benefit is that Trezor Suite is the only wallet that allows you to coinjoin directly from a hardware wallet account, significantly increasing the security of your bitcoin. There is no need to use a hot wallet.

One limitation is that the process of coinjoining is somewhat manual. Users need to create a separate coinjoin wallet account, block filters have to be downloaded, and once the funds are deposited, a user need to manually click start to join a round.

The coinjoin integration was co-announced by Trezor and Wasabi Wallet back in April of this year. 

Find the full Trezor Suite review on Coinjoins.org

Jam and JoinMarket 

Jam is a web interface for JoinMarket focusing on user-friendliness and ease-of-use. It aims to provide sensible defaults and be easy to use for beginners while still having the features advanced users expect.

One benefit is that Jam significantly improves the user experience by abstracting away the complexity of Joinmarket. Joinmarket is the most censorship-resistant coinjoin on the market due to the competitive nature of a peer-to-peer free market with many takers and makers. There is no single coordinator in Joinmarket, but each round has a central coordinator (the taker).

One limitation is that Jam is not easy to install if you don’t have a full node system such as Umbrel, Citadel, Start9, Raspiblitz, MyNode and Raspibolt. Running Jam still requires technical skills. If a user doesn’t buy the pre-built node systems, it also requires technical skills to DIY (do it yourself).

Find the full Jam review on Coinjoins.org

BTCPay Coinjoin Plugin

BTCPay Server is a self-hosted, open-source bitcoin payment processor that includes a bitcoin wallet with a WabiSabi coinjoin plugin. 

One benefit of using BTCPay Server is that it is the most censorship-resistant WabiSabi bitcoin wallet because you can browse coordinators on Nostr (uncensored social media platform) and also run your own coordinator and publish it for discoverability.

One limitation is that it’s harder to run your own BTCPay server instance than it is to install a desktop or mobile wallet application. To use the WabiSabi coinjoin plugin, you need to install it after deploying BTCPay. It’s mandatory to use coinjoin on your own instance because you need to use a hot wallet.

Find the full BTCPay Server Coinjoin Plugin review on Coinjoins.org

Contribute 

Coinjoins.org is a free and open source project developed and maintained by Thibaud and Gustavo. If you would like to share suggestions, please open an issue on the GitHub repository, or even fork the project to show improvements. 

The post Coinjoins.org Presents 3 New Coinjoin Wallet Reviews appeared first on Wasabi Wallet - Blog.

]]>
Explaining Wasabi Wallet’s Tor Implementation https://blog.wasabiwallet.io/explaining-wasabi-wallets-tor-implementation/ Tue, 24 Oct 2023 08:12:14 +0000 https://blog.wasabiwallet.io/?p=3098 This article will define what Tor is, how Wasabi Wallet implements Tor exactly, what are the operations that require an immediate circuit update, why the coordinator doesn't use an onion service anymore, and how Conflux could be a future solution to improve reliability.

The post Explaining Wasabi Wallet’s Tor Implementation appeared first on Wasabi Wallet - Blog.

]]>

Connecting to the internet through Tor is a core component of a bitcoin privacy wallet. Along with block filters, it’s the answer to bitcoin network privacy.

As expected, Wasabi Wallet comes with Tor bundled in and enabled by default (you can opt out, but it’s not recommended), but how exactly does Wasabi Wallet implement Tor?

Wasabi Wallet makes all of its requests through Tor, but it alternates the connection (circuit) modes so that for super-private things like coordinating a coinjoin, its circuit is updated after each operation. This allows the user to have privacy from both the coordinator, the Bitcoin network and the Tor network.

This article will define what Tor is, how Wasabi Wallet implements Tor exactly, what are the operations that require an immediate circuit update, why the coordinator doesn’t use an onion service anymore, and how Conflux could be a future solution to improve reliability.

First, it’s important to understand that using the Internet without Tor (or alternative protocols) reveals your IP address to the server you’re connecting to. The goal is to protect a user’s IP address from their Internet peers and the public.

How Does Tor (The Onion Network) Work?

Tor is a free and open source software that enables anonymous communication for online activities by encrypting and routing Internet traffic through a network of servers, making it difficult to trace the origin or destination of data.

In other words, Tor is a peer-to-peer network that anyone can join to hide their IP address from the destination server. Here’s a simple illustration of how Tor works:

Tor is used in Wasabi Wallet for all communication purposes by default, i.e. to connect to the bitcoin network to download blocks and broadcast transactions, and to the coinjoin coordinator to receive block filters and the state of the coinjoin rounds when loading the wallet, and most importantly, for all the communication steps of the coinjoin transaction such as input selection, output selection, transaction signing. (Read about how a coinjoin transaction works in detail). 

Now let’s take a closer look at Wasabi Wallet’s Tor implementation. 

How Exactly Does Wasabi Wallet Implement Tor?

First off, we want to make sure that all communication happens through Tor. Each time we communicate we create an HttpClient (software used to send and receive responses from a server) and we set it up with Tor.

In addition, Wasabi enables Tor’s control port to manage and switch connection (circuit) modes. There are three circuit modes:

  • For DefaultCircuit, on every session, we set up a default circuit that we will use when we don’t use other modes, usually for operations that are not too sensitive. 
  • For SingleCircuitPerLifetime, we create a new circuit just for this HttpClient, which we will reuse throughout the lifetime of the component that created the HttpClient.
  • NewCircuitPerRequest is the most private mode. We use it when we want each request to have its own unique circuit, such as during the coinjoin coordination process.

 It’s important to note that Tor circuits are slow and hard to create, which is why we try to avoid creating new ones when it’s not necessary. Here’s an example to understand better circuit mode management.

When a component needs to communicate on the Internet, it requests a new HttpClient configured with the mode it needs. When we use the RoundStateUpdater (to get the state of the coinjoin round), privacy is not critical. This is because every Wasabi client polls this endpoint, whether it’s actively participating in a coinjoin or not. 

Since this query does not reveal client uniqueness, we create the HttpClient for the component with the SingleCircuitPerLifetime mode.

Now what are the operations that require the highest level of privacy with the circuit mode NewCircuitPerRequest?

What are the Operations that Require Tor Circuit Updates (NewCircuitPerRequest) in Wasabi Wallet?

As mentioned above, Tor is used for all communication when enabled, and a Wasabi Wallet client only communicates with Bitcoin Network peers and the coinjoin coordinator server. Let’s look at the operations that require circuit updates, starting with the coinjoin coordinator process.

For the coinjoin communication, it works separately in two parts:

  • Inputs Registration + Inputs Confirmation phases: In this case, it makes sense to use one circuit for all requests related to one input, so we use the SingleCircuitPerLifetime mode, and we create a new HttpClient per input.
  • Everything else: For the rest of the critical phase, we shouldn’t link any requests with each other. So we can use a single HttpClient, but we have to use the NewCircuitPerRequest mode.

For Bitcoin network communication, we use NBitcoin and its own Tor implementation so it works very differently. To protect privacy additionally on the block download step, we disconnect from a network peer every time we download a block. 

We’ve explained in detail how the Wasabi Wallet client Tor implementation works, now let’s answer a common question regarding the abandoned use of an onion service for the coordinator server.

Why The Wasabi Coordinator Doesn’t Use an Onion Service Anymore

An onion service is a server configured to only receive incoming connections through Tor, providing privacy and censorship resistance to servers by bypassing DNS.

It used to be the case that the coordinator would run an onion service and clients would connect to it. However, this is no longer the case due to reliability issues inherent in onion services. In addition, the coordinator server doesn’t need privacy from the public so there’s not too much incentive. 

For Wasabi’s coinjoin coordination process to work properly, the standard deviation of the request time must be small. Each request has to happen in a few seconds, and this time frame can’t vary much from request to request. Reliability is a major issue for Tor.

However, a solution seems to have arised…

Conflux as a Potential Reliability Solution for Tor

Conflux is a new Tor project that aims to solve Tor’s inherent reliability problems. If you need bandwidth reliability: you use Conflux, and it duplicates your request and sends each one through different circuits. Since reliability failure is a low-probability event, it’s extremely unlikely to happen with two different requests (e.g., 0.1 * 0.1 = 0.01),

Since Wasabi’s use of Tor varies depending on the action, sometimes we would use Conflux and sometimes we wouldn’t. Unfortunately, this isn’t possible with our current implementation. An alternative implementation called Arti would allow us to solve the Conflux management problem.

Conclusion

In this article, we’ve explored how Tor works, how it’s implemented in Wasabi Wallet through the alternative circuit modes depending on the action, which operations require the most private mode, why the coordinator no longer uses an onion service, and how Conflux is a solution to the reliability issues inherent in Tor. 

This article, among other technical content, demonstrates that Wasabi Wallet is the superior bitcoin wallet for network privacy. To learn more about all the benefits of Wasabi Wallet, check out the Coinjoins.org review

The post Explaining Wasabi Wallet’s Tor Implementation appeared first on Wasabi Wallet - Blog.

]]>