diff options
| author | jbesraa <jbesraa@gmail.com> | 2025-03-25 05:52:07 -0700 |
|---|---|---|
| committer | bitcoindev <bitcoindev@googlegroups.com> | 2025-03-26 11:25:00 -0700 |
| commit | 57d407941f5c6958c3ea2a4326b28bf20e319662 (patch) | |
| tree | d4e01e5cf38609ae0d91749ef1d8f8b66ace2234 | |
| parent | 41db7e59f4e88ad3313681a3b44929c6626f343d (diff) | |
| download | pi-bitcoindev-57d407941f5c6958c3ea2a4326b28bf20e319662.tar.gz pi-bitcoindev-57d407941f5c6958c3ea2a4326b28bf20e319662.zip | |
[bitcoindev] Re: UTXO probing attack using payjoin
| -rw-r--r-- | d5/b87974282c487bf944e378b0798bcff849cdb7 | 199 |
1 files changed, 199 insertions, 0 deletions
diff --git a/d5/b87974282c487bf944e378b0798bcff849cdb7 b/d5/b87974282c487bf944e378b0798bcff849cdb7 new file mode 100644 index 000000000..6e30f0f97 --- /dev/null +++ b/d5/b87974282c487bf944e378b0798bcff849cdb7 @@ -0,0 +1,199 @@ +Delivery-date: Wed, 26 Mar 2025 11:25:00 -0700 +Received: from mail-yb1-f191.google.com ([209.85.219.191]) + by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + (Exim 4.94.2) + (envelope-from <bitcoindev+bncBDWZFZGAXUDBB4UMSG7QMGQE7ADB4SY@googlegroups.com>) + id 1txVQx-0001FV-OT + for bitcoindev@gnusha.org; Wed, 26 Mar 2025 11:25:00 -0700 +Received: by mail-yb1-f191.google.com with SMTP id 3f1490d57ef6-e02fff66a83sf247827276.0 + for <bitcoindev@gnusha.org>; Wed, 26 Mar 2025 11:24:59 -0700 (PDT) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=googlegroups.com; s=20230601; t=1743013494; x=1743618294; darn=gnusha.org; + h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post + :list-id:mailing-list:precedence:x-original-sender:mime-version + :subject:references:in-reply-to:message-id:to:from:date:sender:from + :to:cc:subject:date:message-id:reply-to; + bh=fnefT0QHm/cyZwdfT+ijZ2OPL8VXLehE2bK4XWNYo+o=; + b=FmAhWTaFNC7PB6hUUKd18FcqG9fO30bL5l6ZVbFQ7M9bq+7rV0HhGhEqLfIIs2HzWf + x+vW+l13X9Xlc43ZlWAqDoinLQv6Ve4b/v7B+xtsZuH3Zdn9AS9YGF6qvwzYwwZx/RvG + Ngcy5ZR9UMHIcYu3pmqRpzFc0vuC5720JEHZtJ21se53vQu2XxxHcRYWMQ1zQ/+/sFHA + zWqUQomN0kZORy2pNIQ1vOLm6ZI/pIVVj/onacZ1FRQJcatxSdaotdVQ4EndToWLq3qq + 74y70dPgPHXszELHLCw14LBEedbOz3X6YOZlAM0GeZzaIVzxsoTyCsaYnsCTi39K6LaE + a4QA== +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=gmail.com; s=20230601; t=1743013494; x=1743618294; darn=gnusha.org; + h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post + :list-id:mailing-list:precedence:x-original-sender:mime-version + :subject:references:in-reply-to:message-id:to:from:date:from:to:cc + :subject:date:message-id:reply-to; + bh=fnefT0QHm/cyZwdfT+ijZ2OPL8VXLehE2bK4XWNYo+o=; + b=H2Nu1TUmkfmNc+nlaC82PRpNVM2kZ7TUwBBsyjWW7PWmC5CDk7q4KHZv37unA2SI9a + UtZ5zXJuTdkPV0Hnf1/oLdJk/IPn7mVy3aieA0Fh8zmd1fipMn9hOYtTqqQ2Jxqy9KdX + 81blJsL3A4CjMPMewk3YrAxBCq7EpLm5d7i3z/10hCoOluCkPT3sKhWINCNQQbvONrsN + wlv6Wo/AU55hzXOcxbkhRo9UA2Pf9VkLs9WRSLuiUY/XTTpdagJ5UJg3lYuryngEpvVj + hDHZvhqkWk1EVnPpP/K58GjLZvq9EP7/JrmMRcDSzzndvnNEUj0CuRbOaOcW2rT9R5jD + e7Yw== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20230601; t=1743013494; x=1743618294; + h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post + :list-id:mailing-list:precedence:x-original-sender:mime-version + :subject:references:in-reply-to:message-id:to:from:date:x-beenthere + :x-gm-message-state:sender:from:to:cc:subject:date:message-id + :reply-to; + bh=fnefT0QHm/cyZwdfT+ijZ2OPL8VXLehE2bK4XWNYo+o=; + b=ttPsmqVkrHKEjYTGMmqhvC1H88fy5EJKK1eNSUYxF16cZysZ2svRJpuRbr94SSJUFN + gZQMd7QZ4BubxeJKYv96jffcwUBsKxMzmi0C9jZxYEwhvRwB4+4MD2dWQIfqQ2FLiPbm + IUtnYzhENpFqsYJDg++VqauHndonUzLVgf21VHdVFxZJTk3Zr2KVxjMH/gfqnwkxD48S + yJwINZ2JXJROpRYB0r1de3iHULfikcAkTz52ZDiPfV77/bT0MJO11fkoDdprL4ZI+4MQ + FgPIYPX46++ZdmyGwKYswxZd0N31hF14ni44eHkQZveMnrGsGHP0Tr0sBOK4/MwZJSFY + 03ww== +Sender: bitcoindev@googlegroups.com +X-Forwarded-Encrypted: i=1; AJvYcCVcq+sSJvTxzAnVkoQv1vyZw62cKky48BVT0+pIYUDwO3iFQaqmOSHpJRNZa1L9DA4+2S+52N/kBz/N@gnusha.org +X-Gm-Message-State: AOJu0Yw8kPvjBqmRt0JNLmol95bVss9MZYRHO1oDpIa61pAEAb2HcliG + jNAyBNu+CiGhbkVMzQGNULZFKDIJ0WavTRs2sR6FjcNrE84Tv/2D +X-Google-Smtp-Source: AGHT+IEhDucePwvpVabQAJWZLNuZKhAijBBKS/qOE7XM+93g3S6oLvpcs9M/ZbOFbZ+9qyBe7Jq5SA== +X-Received: by 2002:a05:6902:168f:b0:e64:b9c:47b7 with SMTP id 3f1490d57ef6-e694357b090mr1023716276.19.1743013493843; + Wed, 26 Mar 2025 11:24:53 -0700 (PDT) +X-BeenThere: bitcoindev@googlegroups.com; h=ARLLPAJSfVzJtiI5WFo1fO8FLBkp67LfUfvOLju7QQ8tK776NA== +Received: by 2002:a25:aa4d:0:b0:e60:8901:aead with SMTP id 3f1490d57ef6-e6942e6855dls226516276.2.-pod-prod-07-us; + Wed, 26 Mar 2025 11:24:50 -0700 (PDT) +X-Received: by 2002:a05:690c:62c9:b0:6fe:c007:3b20 with SMTP id 00721157ae682-70224f87d39mr8682687b3.2.1743013490577; + Wed, 26 Mar 2025 11:24:50 -0700 (PDT) +Received: by 2002:a81:a947:0:b0:6ef:590d:3213 with SMTP id 00721157ae682-700ba2435b8ms7b3; + Tue, 25 Mar 2025 05:52:10 -0700 (PDT) +X-Received: by 2002:a05:690c:4444:b0:6fe:e79f:bd8f with SMTP id 00721157ae682-700bacd58eemr242796727b3.26.1742907128249; + Tue, 25 Mar 2025 05:52:08 -0700 (PDT) +Date: Tue, 25 Mar 2025 05:52:07 -0700 (PDT) +From: jbesraa <jbesraa@gmail.com> +To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com> +Message-Id: <1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn@googlegroups.com> +In-Reply-To: <450755f1-84c5-4f32-abe0-67087ae884d6n@googlegroups.com> +References: <450755f1-84c5-4f32-abe0-67087ae884d6n@googlegroups.com> +Subject: [bitcoindev] Re: UTXO probing attack using payjoin +MIME-Version: 1.0 +Content-Type: multipart/mixed; + boundary="----=_Part_29026_329018632.1742907127780" +X-Original-Sender: JbEsraa@gmail.com +Precedence: list +Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com +List-ID: <bitcoindev.googlegroups.com> +X-Google-Group-Id: 786775582512 +List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com> +List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com> +List-Archive: <https://groups.google.com/group/bitcoindev +List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com> +List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>, + <https://groups.google.com/group/bitcoindev/subscribe> +X-Spam-Score: -0.5 (/) + +------=_Part_29026_329018632.1742907127780 +Content-Type: multipart/alternative; + boundary="----=_Part_29027_568568523.1742907127780" + +------=_Part_29027_568568523.1742907127780 +Content-Type: text/plain; charset="UTF-8" +Content-Transfer-Encoding: quoted-printable + +While the possibility of UTXO probing via Payjoin is a valid concern=20 +regarding privacy, it's important to note that it might not always come=20 +without cost for the attacker. The Payjoin recipient needs to validate the= +=20 +initial request, ensuring the sender's inputs are broadcastable. This means= +=20 +the recipient could, in practice, broadcast the initial transaction even if= +=20 +the sender aborts the Payjoin. Furthermore, implementing strategies like=20 +maintaining a set of 'seen inputs' can make such probing attempts more=20 +easily detectable and less effective. While these measures don't eliminate= +=20 +the privacy considerations entirely, they do highlight that recipients have= +=20 +potential defenses and that probing isn't necessarily a risk-free endeavor= +=20 +for the attacker. + +On Tuesday, March 25, 2025 at 1:48:15=E2=80=AFPM UTC+2 /dev /fd0 wrote: + +Hi everyone,=20 + +Sometimes we are curious and want to know about UTXOs in other wallets.=20 +Payjoin allows you to do this and the recipient would never doubt it=20 +because it's a privacy tool. It's possible to find UTXO in recipient's=20 +wallet without sending any bitcoin. It's called UTXO probing attack and=20 +described in BIP 77-78. + +I have shared a demo with all the details in this [post][0]. I have used=20 +bullbitcoin wallet for testing this because it was the only [wallet][1]=20 +which supports payjoin v2 (send, receive) and testnet3. + +I think users should be aware of this tradeoff and the information they=20 +share with the sender in payjoin. Payjoin should only be used with trusted= +=20 +senders. + +[0]: https://uncensoredtech.substack.com/p/utxo-probing-attack-using-payjoi= +n +[1]: https://en.bitcoin.it/wiki/PayJoin_adoption + +/dev/fd0 +floppy disk guy + +--=20 +You received this message because you are subscribed to the Google Groups "= +Bitcoin Development Mailing List" group. +To unsubscribe from this group and stop receiving emails from it, send an e= +mail to bitcoindev+unsubscribe@googlegroups.com. +To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/= +1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn%40googlegroups.com. + +------=_Part_29027_568568523.1742907127780 +Content-Type: text/html; charset="UTF-8" +Content-Transfer-Encoding: quoted-printable + +While the possibility of UTXO probing via Payjoin is a valid concern=20 +regarding privacy, it's important to note that it might not always come=20 +without cost for the attacker. The Payjoin recipient needs to validate=20 +the initial request, ensuring the sender's inputs are broadcastable.=20 +This means the recipient could, in practice, broadcast the initial=20 +transaction even if the sender aborts the Payjoin. Furthermore,=20 +implementing strategies like maintaining a set of 'seen inputs' can make + such probing attempts more easily detectable and less effective. While=20 +these measures don't eliminate the privacy considerations entirely, they + do highlight that recipients have potential defenses and that probing=20 +isn't necessarily a risk-free endeavor for the attacker.<br /><br /><div><d= +iv dir=3D"auto">On Tuesday, March 25, 2025 at 1:48:15=E2=80=AFPM UTC+2 /dev= + /fd0 wrote:<br /></div><blockquote style=3D"margin: 0px 0px 0px 0.8ex; bor= +der-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">Hi everyone, <b= +r /><br />Sometimes we are curious and want to know about UTXOs in other wa= +llets. Payjoin allows you to do this and the recipient would never doubt it= + because it's a privacy tool. It's possible to find UTXO in recipient's wal= +let without sending any bitcoin. It's called UTXO probing attack and descri= +bed in BIP 77-78.<br /><br />I have shared a demo with all the details in t= +his [post][0]. I have used bullbitcoin wallet for testing this because it w= +as the only [wallet][1] which supports payjoin v2 (send, receive) and testn= +et3.<br /><br />I think users should be aware of this tradeoff and the info= +rmation they share with the sender in payjoin. Payjoin should only be used = +with trusted senders.<br /><br />[0]: <a href=3D"https://uncensoredtech.sub= +stack.com/p/utxo-probing-attack-using-payjoin" target=3D"_blank" rel=3D"nof= +ollow">https://uncensoredtech.substack.com/p/utxo-probing-attack-using-payj= +oin</a><br />[1]: <a href=3D"https://en.bitcoin.it/wiki/PayJoin_adoption" t= +arget=3D"_blank" rel=3D"nofollow">https://en.bitcoin.it/wiki/PayJoin_adopti= +on</a><br /><br />/dev/fd0<br />floppy disk guy</blockquote></div> + +<p></p> + +-- <br /> +You received this message because you are subscribed to the Google Groups &= +quot;Bitcoin Development Mailing List" group.<br /> +To unsubscribe from this group and stop receiving emails from it, send an e= +mail to <a href=3D"mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoind= +ev+unsubscribe@googlegroups.com</a>.<br /> +To view this discussion visit <a href=3D"https://groups.google.com/d/msgid/= +bitcoindev/1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn%40googlegroups.com?utm_med= +ium=3Demail&utm_source=3Dfooter">https://groups.google.com/d/msgid/bitcoind= +ev/1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn%40googlegroups.com</a>.<br /> + +------=_Part_29027_568568523.1742907127780-- + +------=_Part_29026_329018632.1742907127780-- + |