Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id F386CC0032 for ; Mon, 16 Oct 2023 05:00:47 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id BB0884047B for ; Mon, 16 Oct 2023 05:00:47 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org BB0884047B Authentication-Results: smtp2.osuosl.org; dkim=pass (2048-bit key) header.d=protonmail.com header.i=@protonmail.com header.a=rsa-sha256 header.s=protonmail3 header.b=Z3T86OCf X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -0.099 X-Spam-Level: X-Spam-Status: No, score=-0.099 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fMhrYAn9PYxW for ; Mon, 16 Oct 2023 05:00:46 +0000 (UTC) Received: from mail-0301.mail-europe.com (mail-0301.mail-europe.com [188.165.51.139]) by smtp2.osuosl.org (Postfix) with ESMTPS id DF52F4023F for ; Mon, 16 Oct 2023 05:00:45 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org DF52F4023F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com; s=protonmail3; t=1697432436; x=1697691636; bh=U3MFhzpKgZzm44ZueV8vyYXGr3ceyH+gXZvoHuhO38A=; h=Date:To:From:Subject:Message-ID:Feedback-ID:From:To:Cc:Date: Subject:Reply-To:Feedback-ID:Message-ID:BIMI-Selector; b=Z3T86OCfcuB+nScznS3UE7mS7J8a1xaq5dtyicwRn1FNZWycP1+JdhK+hQu2E8qRP bRQvDLGFGARlifLymGCaAYZoi+E5Dcadxw5AM9WTzgzMFwT0U8TknzV0QmnyXxjWKm /ATO+h3CBMNLP5DGshiKurzm2akkQ+IBg1an1A/tvc+NnEucW7gEHL3iMxNVmeomiu FAml5uj20hi/n5bIXRMVd1706CSpTYYBDkQt7gbZ4CG9UTTPXffYTX/n+EJlWIudA3 zO5d128OYEH+jQPwyId+o0FCy/VeQn9DnYZTXkijFsyPNG96OyoqoPw5kAf0Ygc16P e1/iiZ0LU/Qzw== Date: Mon, 16 Oct 2023 05:00:32 +0000 To: Bitcoin Protocol Discussion From: alicexbt Message-ID: Feedback-ID: 40602938:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Mon, 16 Oct 2023 14:07:32 +0000 Subject: [bitcoin-dev] Goldfish: Spoofing wallet fingerprints to improve privacy X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 16 Oct 2023 05:00:48 -0000 Hi Bitcoin Developers, ### Problem Wallet fingerprinting: Identifying the bitcoin wallet used to create the tr= ansaction ### Previous research A) 0xB10C wrote a [blog post][0] in 2020 about wallet fingerprinting. Most transactions followed the fee rate recommendations provided by Bloc= kchain.com and had same characteristics, including=20 using P2PKH outputs, having either one or two outputs created, a transac= tion version 1, and BIP-69 compliance. Suggested solutions:=20 =20 1. Randomness in fee rates 2. Broadening fingerprint - Support receiving to and spending from different address types - Time-lock some of the created transactions to the current block hei= ght - Set a random transaction version when constructing the transaction 3. Spoofing B) achow101 created a [tool][1] in 2022 to identify wallet from a bitcoin t= ransaction This tool focused on 2 fingerprints (bitcoin core and electrum) although= lot of other bitcoin wallets are used. It is good proof of concept which can be improved further by adding more= fingerprints in it. C) I wrote a [blog post][2] about wallet fingerprinting based on nLocktime,= nVersion used by different wallets. D) ishaanam wrote a [blog post][3] recently based on her research about wal= let fingerprinting which covers lot of things. 1. Fingerprints categorized into 4 types: Independent, Probabilistic, De= pendent, and Temporal 2. Observations based on 8 bitcoin wallets: - Bitcoin Core (v. 25.0) - Electrum (v. 4.4.5) - Blue Wallet (v. 6.4.6 iOS) - Exodus (v. 23.7.2 iOS) - Trust Wallet (v. 9. 0 iOS) - Coinbase Wallet (v. 28.53 iOS) - Trezor Suite (v. 23.7.2) - Ledger Live (v. 2.64.2) 3. Fingerprints [table][4] 4. [Wallet Fingerprint Detector][5] Conclusion:=20 > There is no clear cut solution to the issues discussed here. While = some fingerprints would be trivial to eliminate, > it will be difficult to eliminate fingerprinting entirely. Just bec= ause something is a fingerprint does not=20 > automatically mean that it should not be done by a wallet. For inst= ance, all transactions of a wallet having a=20 > certain input order or change index should definitely be modified, = but things like anti-fee-sniping and the spending > of taproot UTXOs are still worthwhile. ### Solution=20 A [tool][6] for spoofing wallet fingerprint. It is a proof of concept which= can be improved further if everyone finds it useful. It supports nLocktime, nVersion and BIP 69 ordering for 2 bitcoin wallets (= electrum and blue). Users can enter PSBT and spoof its wallet fingerprint based on the option selected in dropdown list. ### Rationale - As protocol developers continue to introduce changes that impact user pr= ivacy, such as the upcoming version 3 transactions, identifying wallets based on transaction becomes easier. - All wallets will never have same fingerprint. - For users who prioritize privacy, spoofing presents a viable solution. - While similar techniques have been applied in the context of browser fin= gerprinting, they can also be adapted for bitcoin transactions. Comparison with browser fingerprinting: A browser fingerprint typically comprises various things such as the user = agent, IP address, canvas fingerprint, WebGL information, installed fonts, timezone, screen resolution, cookie data, system info etc= . In contrast, a wallet fingerprint for bitcoin transactions includes RBF signaling, transaction version, BIP 69 ordering, fee rate, ch= ange position and type etc. If a tool can effectively spoof a browser fingerprint, same concept could = be applied to bitcoin transactions as well. [Tor browser][7]=20 protects against fingerprinting by making fingerprints of all users same i= rrespective of their device or OS. It's important to note that existing tools attempting to identify wallets from transactio= ns include lot of false positives, and the introduction of=20 spoofing could further increase their prevalence. This increased uncertain= ty in identifying wallet can make chain analysis difficult,=20 ultimately enhancing privacy. Some privacy-focused wallets may even consid= er implementing this feature in wallets. ### Acknowledgement =20 0xB10C, achow101, ishaanam, pythcoiner and statusquont [0]: https://b10c.me/observations/03-blockchaincom-recommendations/ [1]: https://github.com/achow101/wallet-fingerprinting [2]: https://consentonchain.github.io/blog/posts/fingerprinting/ [3]: https://ishaana.com/blog/wallet_fingerprinting/ [4]: https://ishaana.com/blog/wallet_fingerprinting/fingerprints_final.png [5]: https://github.com/ishaanam/wallet-fingerprinting [6]: https://gitlab.com/1440000bytes/goldfish [7]: https://blog.torproject.org/browser-fingerprinting-introduction-and-ch= allenges-ahead/ /dev/fd0 floppy disk guy Sent with Proton Mail secure email.