Connecting to the internet through Tor is a core component of a bitcoin privacy wallet. Along with block filters, it’s the answer to bitcoin network privacy.

As expected, Wasabi Wallet comes with Tor bundled in and enabled by default (you can opt out, but it’s not recommended), but how exactly does Wasabi Wallet implement Tor?

Wasabi Wallet makes all of its requests through Tor, but it alternates the connection (circuit) modes so that for super-private things like coordinating a coinjoin, its circuit is updated after each operation. This allows the user to have privacy from both the coordinator, the Bitcoin network and the Tor network.

This article will define what Tor is, how Wasabi Wallet implements Tor exactly, what are the operations that require an immediate circuit update, why the coordinator doesn’t use an onion service anymore, and how Conflux could be a future solution to improve reliability.

First, it’s important to understand that using the Internet without Tor (or alternative protocols) reveals your IP address to the server you’re connecting to. The goal is to protect a user’s IP address from their Internet peers and the public.

How Does Tor (The Onion Network) Work?

Tor is a free and open source software that enables anonymous communication for online activities by encrypting and routing Internet traffic through a network of servers, making it difficult to trace the origin or destination of data.

In other words, Tor is a peer-to-peer network that anyone can join to hide their IP address from the destination server. Here’s a simple illustration of how Tor works:

Tor is used in Wasabi Wallet for all communication purposes by default, i.e. to connect to the bitcoin network to download blocks and broadcast transactions, and to the coinjoin coordinator to receive block filters and the state of the coinjoin rounds when loading the wallet, and most importantly, for all the communication steps of the coinjoin transaction such as input selection, output selection, transaction signing. (Read about how a coinjoin transaction works in detail). 

Now let’s take a closer look at Wasabi Wallet’s Tor implementation. 

How Exactly Does Wasabi Wallet Implement Tor?

First off, we want to make sure that all communication happens through Tor. Each time we communicate we create an HttpClient (software used to send and receive responses from a server) and we set it up with Tor.

In addition, Wasabi enables Tor’s control port to manage and switch connection (circuit) modes. There are three circuit modes:

• For DefaultCircuit, on every session, we set up a default circuit that we will use when we don’t use other modes, usually for operations that are not too sensitive. 
• For SingleCircuitPerLifetime, we create a new circuit just for this HttpClient, which we will reuse throughout the lifetime of the component that created the HttpClient.
• NewCircuitPerRequest is the most private mode. We use it when we want each request to have its own unique circuit, such as during the coinjoin coordination process.

 It’s important to note that Tor circuits are slow and hard to create, which is why we try to avoid creating new ones when it’s not necessary. Here’s an example to understand better circuit mode management.

When a component needs to communicate on the Internet, it requests a new HttpClient configured with the mode it needs. When we use the RoundStateUpdater (to get the state of the coinjoin round), privacy is not critical. This is because every Wasabi client polls this endpoint, whether it’s actively participating in a coinjoin or not. 

Since this query does not reveal client uniqueness, we create the HttpClient for the component with the SingleCircuitPerLifetime mode.

Now what are the operations that require the highest level of privacy with the circuit mode NewCircuitPerRequest?

What are the Operations that Require Tor Circuit Updates (NewCircuitPerRequest) in Wasabi Wallet?

As mentioned above, Tor is used for all communication when enabled, and a Wasabi Wallet client only communicates with Bitcoin Network peers and the coinjoin coordinator server. Let’s look at the operations that require circuit updates, starting with the coinjoin coordinator process.

For the coinjoin communication, it works separately in two parts:

• Inputs Registration + Inputs Confirmation phases: In this case, it makes sense to use one circuit for all requests related to one input, so we use the SingleCircuitPerLifetime mode, and we create a new HttpClient per input.
• Everything else: For the rest of the critical phase, we shouldn’t link any requests with each other. So we can use a single HttpClient, but we have to use the NewCircuitPerRequest mode.

For Bitcoin network communication, we use NBitcoin and its own Tor implementation so it works very differently. To protect privacy additionally on the block download step, we disconnect from a network peer every time we download a block. 

We’ve explained in detail how the Wasabi Wallet client Tor implementation works, now let’s answer a common question regarding the abandoned use of an onion service for the coordinator server.

Why The Wasabi Coordinator Doesn’t Use an Onion Service Anymore

An onion service is a server configured to only receive incoming connections through Tor, providing privacy and censorship resistance to servers by bypassing DNS.

It used to be the case that the coordinator would run an onion service and clients would connect to it. However, this is no longer the case due to reliability issues inherent in onion services. In addition, the coordinator server doesn’t need privacy from the public so there’s not too much incentive. 

For Wasabi’s coinjoin coordination process to work properly, the standard deviation of the request time must be small. Each request has to happen in a few seconds, and this time frame can’t vary much from request to request. Reliability is a major issue for Tor.

However, a solution seems to have arised…

Conflux as a Potential Reliability Solution for Tor

Conflux is a new Tor project that aims to solve Tor’s inherent reliability problems. If you need bandwidth reliability: you use Conflux, and it duplicates your request and sends each one through different circuits. Since reliability failure is a low-probability event, it’s extremely unlikely to happen with two different requests (e.g., 0.1 * 0.1 = 0.01),

Since Wasabi’s use of Tor varies depending on the action, sometimes we would use Conflux and sometimes we wouldn’t. Unfortunately, this isn’t possible with our current implementation. An alternative implementation called Arti would allow us to solve the Conflux management problem.

Conclusion

In this article, we’ve explored how Tor works, how it’s implemented in Wasabi Wallet through the alternative circuit modes depending on the action, which operations require the most private mode, why the coordinator no longer uses an onion service, and how Conflux is a solution to the reliability issues inherent in Tor. 

This article, among other technical content, demonstrates that Wasabi Wallet is the superior bitcoin wallet for network privacy. To learn more about all the benefits of Wasabi Wallet, check out the Coinjoins.org review. 

The post Explaining Wasabi Wallet’s Tor Implementation appeared first on Wasabi Wallet - Blog.

This article guides you through securing your identity in the digital world by providing a list of technologies you can use to protect yourself. This list goes from the device you use, how you access the internet, how you authenticate to websites and applications (email and phone number), how you communicate with peers, and finally, how you make payments online.

The technology recommendations are for beginner and intermediate users who want to protect themselves. For those that wish to learn more and for advanced users, there are links to every technology mentioned.

A Secure Device and Operating System

As of September 2022, it is estimated that Android is the most popular operating system in the world, with 43% of the market share. Windows follows it at 29%, Apple iOS at 16%, MacOS at 6%, and desktop Linux at 1.1%. Even though Android is open-source, most versions come by default with Google spyware. For Apple (both iOS and MacOS) and Windows, it’s even worse since you have little control of the device and can’t escape the hold Big Tech has on it. For example, even if you turn off sharing analytics with Apple on your iPhone Settings, that communication remains in the background.

If you want a secure device and operating system, the best technology you can use is an open-source Desktop Linux that is not commercially attached to a company. That immediately discards Ubuntu (Canonical LTD), which is prepackaged with telemetry software that you have to opt out of and has been called spyware by the free software pioneer Richard Stallman. Redhat (Inc) is even worse because you need to create an account and buy a commercial license to use it. There are many options for community-driven Linux distributions, such as Mint, Debian, Fedora, Qubes, TailsOS, etc.

Linux Mint is often recommended for its simplicity and popularity, allowing non-technical users to install it on their desktop or laptop in only a few hours. Here are the instructions on how to do so from the official community website. It’s Debian based, so it has the same software compatibility as Ubuntu.

Although privacy and identity on mobile devices are harder to figure out, it’s still possible to do so. There are modified Android versions that remove every spyware packaged by Google, and one that has received wide approval from the open-source community is GrapheneOS. There is a limited number of devices you can install this operating system onto, but you can find a list of them here. Finally, here are some instructions on how to complete that process.

You now have a desktop or mobile device with an identity-protecting operating system.

Protecting your Identity when accessing the Web

As soon as you communicate with a web server through a browser interface or the command line, your IP address will serve as your identity for communication. You might think there’s little risk associated with that because there’s no immediate identity link. Still, the reality is that the server can estimate a very accurate geographical location, which traces back to you.

Using a VPN to Route your Traffic

Although there’s some controversy about VPN usage, given you use a centralized server to route your traffic, it probably is better to use one than not. Many providers claim to implement a no-logging policy, but it’s hard or impossible to verify if it’s true. A false sense of security won’t blind you if you’re aware of the limitation that the VPN server is aware of your IP address and can be hacked or involved in a leak.

Privacyguides.org is a website maintained by privacy advocate Jonah Aragon that reviews VPNs based on stringent criteria such as open-source clients, independent audits, and accepted private forms of payment. Their only three recommendations are Proton VPN, IVPN, and Mullvad VPN, none of which have been hacked. They have versions for any operating system and you can purchase any of them with bitcoin (more on identity-protecting payments in a different section).

For those worried about performance, Mullvad supports Wireguard, a modern and faster VPN protocol. Here’s an article from Jameson Lopp on how to set up Wireguard for a better web experience.

A Decentralized but Slower Alternative: Tor Network

There are many reasons you would want to use Tor instead of a VPN. First, you simply don’t want to rely on a centralized service because of the risks of leakage or hacking. Also, you don’t want to pay for a more performant and easier-to-use service. Finally, and this is only the case for onion services, you care about the privacy of the website server and not only your own.

Tor (The Onion Router) is a peer-to-peer network comprised of clients like you and voluntary relay servers that route your traffic. Every time you connect to a web server, you hop through many relays before reaching your destination. Each relay knows only the IP address of the previous and the following peer, so making many hops protects your identity from the endpoint and middle relays. Although the entry guard knows your IP address, this information isn’t useful by itself since it doesn’t know your web destination.

Here’s an illustration that demonstrates how the Tor network works.

Tor is available as a client-side application with the Tor Browser and as a server for more complex and technical use cases. You can install Tor Browser here, and for more advanced users curious to know how to run a relay server, the instructions are here.

Using Private Email Addresses and Phone Numbers for Authentication

Now that you can access the internet in an identity-protecting way, you may want to use web services. You already know that most of these services will ask you for an email address or a phone number to sign up, so you will want to equip yourself with services that can provide unlimited accounts without compromising your privacy or security.

Secure and Private Email Addresses

ProtonMail is recommended because of its reputation, encryption security, simplicity, and free plan. Even though they provide a centralized service, they don’t have access to your emails; only you do. The application code is open-source and independently audited by third-party security experts. You can sign up here.

You can also use their complementary service SimpleLogin which provides an additional ten email aliases for free to keep your primary email private from most services. Every email sent to any of these aliases ends up in the same inbox, similar to how you use different addresses to receive bitcoin in the same wallet. For single-use applications without sensible data, you can use a service like TempMail to receive emails on a temporary email address.

VoIP Phone Numbers and International eSim Cards

Phone numbers are trickier since they’re not web-native. Still, getting one without compromising your identity security anywhere in the world is possible. First of all, there are many VoIP (Voice over IP) services available that you can purchase with bitcoin and even some that are free.

I haven’t verified any of those services, so you must research the one you choose to ensure you feel comfortable with the associated risks. Here’s a website where you can find many of those options.

The main limitation of using a VoIP service is that many applications will simply detect that it’s not an actual phone number and will block you from using their service. Also, they’re usually not the most privacy-preserving services out there. Don’t worry; there’s a way to get an actual phone number in a very identity-protecting way.

Silent Link is an available worldwide service that sells eSIM cards for bitcoin for data and a US-based or UK-based phone number. You don’t need an email address, you can just make your bitcoin payment (on-chain or lightning), and you’re good to go.

You will need a mobile device for this, so if you don’t have one, you are stuck with VoIP services to obtain a phone number.

The SilentLink instructions to purchase an eSim Card.

End-to-End Encrypted Communication Tools and Decentralized Social Media

Two of the most critical use cases of the internet are communication and social media. In this section, I will explain the different technologies you can use for private conversations and networking without compromising your identity.

End-to-end Encrypted Communication

The first thing you should not compromise on if you want to protect your identity when it comes to communication, is end-to-end encryption. It’s 2023, and it’s tough to argue the need to use a tool that doesn’t provide this essential feature. Gladly, there are many options that we will go through in this section.

End-to-End encryption is a method that ensures only you and your recipient can read the communicated information, secured by cryptography.

Unfortunately, there isn’t much compatibility between popular communication protocols, so you usually have to use the same client as the person you’re trying to connect with. The most popular ones, such as Facebook Messenger, Instagram, Whatsapp, Twitter, Snapchat, and Skype, are all out of the window since they don’t provide essential identity protection.

If you’re willing to make an effort to get a private phone number, Signal is a solid option that provides ease of use, end-to-end encryption, and many users. Telegram receives many recommendations too, but you have to be careful when using it; only Secret Chats are end-to-end encrypted, and they don’t support groups. However, group communication is at risk of a leak if a single user is compromised or spying on purpose.

Some new applications, such as Keet and Sessions, don’t require phone authentication and are starting to look promising, but their use remains low compared to Signal or Telegram. Some alternatives, like Sphinx, use the Bitcoin Lightning Network for end-to-end encrypted communication in a peer-to-peer fashion, with payment support.

Decentralized Social Media is a Reality

Social Media has always been a nightmare for privacy and censorship resistance, evolving further into a dystopian monopolistic market over the last decade. Mastodon came out in 2016 and has been a way to distribute server control in a federated system. Still, it requires an email address to sign up, and many servers are known for strict control of content policy, often for political or personal reasons.

Lately, a new alternative has emerged named Nostr that uses public-key cryptography for identity (no email address) and a relay model that allows users to switch from one server to another if censored. Nostr is different from other social networks because it has no single point of failure. You can also bring your connections when switching client applications, so a specific service can’t lock you because of its network effect. Here’s a list of clients you can use to sign up for Nostr.

How to Make Identity-Protecting Digital Payments

In this final section, I will dig into the missing key element to protect your identity in the digital world, Bitcoin, and how you can optimize your use to make it private by default.

For transaction purposes, Bitcoin uses addresses; identifiers comprised of random letters and numbers derived from your public key, which derives from your private key. After receiving bitcoin at your address, you can use your private key to spend it, which proves you own the bitcoin.

Blockchain and Network Privacy on Bitcoin

Given Bitcoin’s decentralized nature, audibility is a crucial feature to allow every peer-to-peer node to validate the authenticity of every transaction. Anyone can verify their Bitcoins are legitimate, but it also means that your transactions are available to the world. If you link your address to your identity, it creates invasive personal links to your total wallet balance and transaction history.

Following that logic, the first step towards keeping your identity secure when using Bitcoin would be to avoid linking your identity to one of your bitcoin addresses by not using KYC (know your customer) services such as centralized, regulated exchanges. You can acquire your bitcoin in ways that don’t require identity verification, such as peer-to-peer transactions, mining, or selling products and services for bitcoin. However, it’s not always easy due to location restrictions, low liquidity, and a limited Bitcoin circular economy. Also, when spending bitcoin remotely to receive physical goods, you must provide your physical address, which compromises your identity security.

On top of blockchain privacy, you require network privacy when using Bitcoin as any other Internet service or protocol. When using most light wallets or a Bitcoin node (e.g. Bitcoin Core), your network connection will reveal your IP address unless you configure it with a VPN or the Tor Network. Most wallets don’t keep your IP hidden out of the box and require configuration.

The Privacy Solution for Bitcoin: Wasabi Wallet

The top recommended bitcoin wallet for identity and privacy protection is Wasabi Wallet. First, there are no network configuration requirements when using Wasabi; Tor is prepackaged and activated as soon as you launch the application.

Then, once you deposit some bitcoin to your Wasabi wallet, it can be coinjoined for additional blockchain privacy. This process provides privacy for your bitcoin addresses even though a previous transaction you did has a link to your identity; by participating in a coinjoin, you break that link. The coordinator service run by ZKSnacks, the company behind Wasabi, can’t deanonymize or steal from you.

Wasabi Wallet is available across Desktop platforms, and you can download it here. If you want to learn more about Wasabi, there is publicly available documentation that can answer most of your questions. You can always join community groups (Discord, Telegram) to ask for further help or even get involved in the open-source project yourself if you want to contribute to Bitcoin privacy.

Conclusion

In this article, we enumerated the best technologies you can use to secure your identity online. We recommended a desktop and mobile operating system, networking routing tools such as a VPN or Tor, email address and phone number providers, end-to-end encrypted communication applications, a decentralized social media platform, and privacy-preserving payments through Bitcoin and Wasabi Wallet.

For further privacy tools, you can consult this website which reviews many technologies across the categories listed in this article and many others. Additionally, a password manager is an essential tool to add to your arsenal of identity protection technologies; you can find a list of reviewed ones here.

Stay safe out there and remember to reveal yourself to the world only in ways that make you comfortable; privacy is a human right. If you want to learn more about privacy or help acquaintances in their journey, Wasabi Wallet’s Blog is a perfect resource with many articles on this subject.

The post The Best Technologies for Keeping Your Identity Secure appeared first on Wasabi Wallet - Blog.

Usually, a Bitcoin node broadcasts not just the transactions of its user, but it also gossips all of the other transactions that it has received from its peers. Thus it is very difficult to find out which transactions originated from which node.

However, when a node does not gossip all transactions, but only the transactions of its user, like in the case of a light wallet, then it is easier to find out which node has sent those specific transactions.

Bitcoin Full Nodes

When you run your own full node, you can precisely verify if the bitcoin you receive are actually valid. When you do not verify this for yourself, then you need to ask another trusted third party how much money you have.
Regardless how you ask this other server, there is now more metadata available to potentially link your coins to your identity.

There are bad ways to communicate, like querying a block explorer over clearnet, and good ways to communicate, like using BIP 158 block filters over Tor. But regardless, running your own full node means that you don’t need to communicate with anyone about your specific coins and this is strictly better.

Bitcoin Transactions

When you make a Bitcoin transaction, you are essentially creating a message on your device and sending it to the Bitcoin network. Someone operating a large number of nodes on the Bitcoin network might be able to match some of your transactions to your IP address, then deanonymize your stack of bitcoin.

It is relatively easy to avoid this on a computer by relaying all transactions through the Tor network. Wasabi routes all traffic via Tor’s SOCKS5 proxy, by default. This means that by default, all network communication is secured from outside snooping and the IP address is hidden.

Wasabi and Tor

Even if no full node is installed, Wasabi has a light client mode based on BIP 158 block filters. The Wasabi coordinator’s v3 onion service sends a filter of all the transactions in each block to all the users over Tor. Then, users check locally if the block contains any transactions with their addresses. If not, then the filter is stored for later reference, and no block is downloaded.

However, if there is a user transaction in that block, then Wasabi connects to a random Bitcoin P2P node over Tor and asks for this entire block, not just one transaction. This block request is indistinguishable from the regular P2P gossip, and thus nobody, neither the server nor the full node, knows which addresses belong to the user.

All Wasabi traffic is tunneled through Tor. Wasabi connects only to onion nodes, so end-to-end encryption is enforced between the wallet and peers. All this without involving any exit node. Wasabi connects to each peer through a different Tor stream. A new Bitcoin peer is chosen for every transaction broadcast.

Tor Consensus Issues

On January 10, 2021, due to an implementation bug, Tor’s v3 onion services experienced instability. A bug fix is already on the way, but until the update you may experience connection problems and delays.

Normal Tor circuits (using exit relays) still work, and v2 onion services still work, but v3 onion services (like the one used for the Wasabi coordinator) are affected and may not publish descriptors, and clients won’t fetch them.

Fallback Scenario

As we said before, all Internet traffic goes through Tor, and by default all this traffic stays inside the onion network. This means that, in Wasabi coordinator’s case, as v3 services are used to coordinate the CoinJoin transactions, there may have been (or there may be) connection and communication problems.

To ensure service availability, Wasabi Wallet is equipped to offer a fallback scenario where exit nodes are involved. For example, if the Tor onion service of the backend becomes unavailable for the user, the wallet falls back to communicating with the backend’s clearnet endpoint, still over Tor. Wasabi also frequently utilizes multiple Tor streams where applicable.

This allows the user to continue to operate, even in unusual/offline onion backend conditions.
The Tor label inside Wasabi Wallet shows the status of the Tor daemon. You can check that your connection is active by keeping an eye on it.

Who have been affected

Most of our users haven’t noticed any interruptions because Wasabi was able to recover automatically. There were a few users who encountered intermittent Tor connection issues. But in most of these cases, restarting the Tor client solved the problem.

The post Wasabi Wallet and Tor Consensus Issues appeared first on Wasabi Wallet - Blog.

Given the huge correlation between Bitcoin and Tor, the news quickly reached major social media, chat rooms and forums; but there is still a lot of confusion about it.
This article will explain if Wasabi Wallet is affected by the issue and how the technology behind Wasabi guarantees security for its users.

TLDR

1. Bitcoin replacement attacks are not possible due to the architecture of Wasabi.
2. Even if they’d be Wasabi stays inside Tor, except in fallbacks.
3. Even if fallbacks, Wasabi enforces HTTPS traffic, so exit nodes still cannot read or replace the traffic.

Summary of the attack

The entire operation is an MITM (man-in-the-middle) attack to Tor users. This attack tries to manipulate traffic as it flows through (malicious hacker controlled) Tor exit relays. The attackers selectively remove HTTP-to-HTTPS redirects to gain full access to plain unencrypted HTTP traffic without causing TLS certificate warnings.

Specifically, hackers attacked multiple bitcoin mixers. They replaced bitcoin addresses in HTTP traffic to redirect transactions to their addresses instead of the user provided bitcoin ones. By replacing the destination address at the HTTP traffic level, the attackers hijacked the user’s funds without the users’ or the Bitcoin mixer’s knowledge.

Why Wasabi is safe and how it defends itself against this type of attack

It’s simple: because Wasabi Wallet is a non-custodial privacy-focused Bitcoin wallet that implements trustless CoinJoin, there are no addresses sent to a server when sending money.
Also, unlike many other “traditional” mixers where users must give control of their coins to another party and trust that this party will return the bitcoin to them, Wasabi Wallet does not take custody of assets.

When sending money, there is no network traffic saying something like send 1 BTC to bc1qar0srrr7xfkvy5l643lydnw9re59gtzzwf5mdq, so there is no amount or address that can be intercepted and replaced.
In Wasabi Wallet, the user broadcasts Signed transactions. In fact, the wallet broadcasts it to the P2P network using random nodes on the Tor onion network.

During CoinJoin phases, however, an exchange of information about addresses involved takes place.
Specifically, during the input registration phase, this is the data that is exchanged:

• The input coins that you want to register, together with the input proof signature.
• The cleartext change address.
• The cryptographically blinded anonset CoinJoin output.

And subsequently, during the output registration phase, this is the data that is exchanged:

• The cleartext address for the anonset CoinJoin output.
• The coordinator signature over that output.
• The round hash of all the inputs.

But even if an attacker were to carry out an MITM attack by breaking the cryptography that certifies the coordinator signed outputs and replacing an address, the client would not sign the transaction, so no one would be able to hijack the funds.

On the network side, by default and under normal conditions, Wasabi Wallet never leaves Tor onion network and it never uses Tor exit relays.
All Wasabi Wallet’s traffic stays inside the onion network, and most Tor attacks are not possible if exit nodes are not involved.
In Wasabi, exit nodes are only involved in fallback scenarios.

Fallback scenario? What are you talking about?

Let’s give an example: if the Tor onion service of the backend becomes unavailable for the user, the wallet falls back to communicating with the backend’s clearnet endpoint, still over Tor. This allows the user to continue to operate, even in unusual/offline onion backend conditions.
Regarding the website itself, connections are SSL-enforced and HSTS enabled.

Yes, I know, all these acronyms can seem difficult to understand. But just keep reading, and you will see that we will simplify them in the best possible way:

HTTP Strict Transport Security (HSTS) is a web security policy mechanism that helps to protect websites against man-in-the-middle attacks such as protocol downgrade attacks and cookie hijacking. It allows web servers to declare that web browsers (or other complying user agents) should automatically interact with it using only HTTPS connections, which provide Transport Layer Security (TLS/SSL), unlike the insecure HTTP used alone.
(Source: Wikipedia)

Don’t Trust, Verify!

As we mentioned earlier, Wasabi’s fallback servers (Mainnet and Testnet) make use of encrypted connections and enable HTTP Strict Transport Security.

Let’s start Wasabi Wallet, open the config file from the wallet GUI, go to File>Open>Config File.

The first lines should look like this:
"Network": "TestNet",
"MainNetBackendUriV3": "http://wasabiukrxmkdgve5kynjztuovbg43uxcbcxn6y2okcrsg7gb6jdmbad.onion/",
"TestNetBackendUriV3": "http://testwnp3fugjln6vh5vpj7mvq3lkqqwjj3c2aafyu7laxz42kgwh2rad.onion/",
"MainNetFallbackBackendUri": "https://wasabiwallet.io/",
"TestNetFallbackBackendUri": "https://wasabiwallet.co/",

MainNetFallbackBackendUri and TestNetFallbackBackendUri are, respectively, the two clearnet backends for Mainnet and Testnet to which Wasabi Wallet connects in case the two .onion backends are inaccessible.

As you can see, both of them are using secure HTTPS connections.
What about HSTS? For this, we can rely on one of the many tools online that allow you to test if a specific domain/ip has HSTS enabled.
Both of them have HSTS enabled, check for yourself:

• Fallback Mainnet backend test
• Fallback Testnet backend test

Your security, like your privacy, is our top priority

Wasabi Wallet is safe in both, Tor onion network and clearnet.
In addition to this, exit nodes are only involved in fallback scenarios. This type of scenario is extremely rare; and should it happen, we have still adopted all the best practices to ensure the safety of your funds.

Additionally, in a custodial mixer, a passive network attack is really dangerous because the attacker can deanonymize all the users and see all their activity. With Wasabi Wallet, this is not possible because even the Wasabi coordinator cannot deanonymize its users.

Learn more about how Tor works within Wasabi

Using Tor within Wasabi has several facets:

• Wasabi frequently utilizes multiple Tor streams where applicable and registration of CoinJoin inputs and outputs is done through different Tor streams to avoid linking.
• The backend server serves block filters to all the clients over Tor. From those filters, the clients figure out which blocks they are interested in and downloads them [and some false positive blocks] from random peers. One block per peer, and always over a fresh Tor stream.
• Wasabi connects to each peer through a different Tor stream. A new random Bitcoin peer is used for every transaction broadcast.
• Wasabi broadcasts transactions to only one peer over Tor, and immediately after that, the peer is disconnected.
• Every fee query happens over Tor with a new Tor identity.

Do you want to learn more? Visit our documentation pages!

The post Wasabi Wallet and Tor SSL stripping attacks appeared first on Wasabi Wallet - Blog.