Date: Mon, 16 Oct 2023 05:00:32 +0000
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
From: alicexbt <alicexbt@protonmail.com>
Message-ID: <GJFd9NY46XIhy6Oes3p5fThQv77xvpvqinLJh1M2Vxp-QY6ywneTz40QLuW9kWg_0wtlb-4iTxKukkVxtH75upJLz5eouc90O2uJGoXEQNk=@protonmail.com>
Feedback-ID: 40602938:user:proton
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Subject: [bitcoin-dev] Goldfish: Spoofing wallet fingerprints to improve
	privacy
Precedence: list

Hi Bitcoin Developers,


### Problem

Wallet fingerprinting: Identifying the bitcoin wallet used to create the tr=
ansaction

### Previous research

A) 0xB10C wrote a [blog post][0] in 2020 about wallet fingerprinting.

   Most transactions followed the fee rate recommendations provided by Bloc=
kchain.com and had same characteristics, including=20
   using P2PKH outputs, having either one or two outputs created, a transac=
tion version 1, and BIP-69 compliance.

   Suggested solutions:=20
  =20
   1. Randomness in fee rates
   2. Broadening fingerprint
      - Support receiving to and spending from different address types
      - Time-lock some of the created transactions to the current block hei=
ght
      - Set a random transaction version when constructing the transaction
   3. Spoofing

B) achow101 created a [tool][1] in 2022 to identify wallet from a bitcoin t=
ransaction

   This tool focused on 2 fingerprints (bitcoin core and electrum) although=
 lot of other bitcoin wallets are used.
   It is good proof of concept which can be improved further by adding more=
 fingerprints in it.

C) I wrote a [blog post][2] about wallet fingerprinting based on nLocktime,=
 nVersion used by different wallets.

D) ishaanam wrote a [blog post][3] recently based on her research about wal=
let fingerprinting which covers lot of things.

   1. Fingerprints categorized into 4 types: Independent, Probabilistic, De=
pendent, and Temporal
   2. Observations based on 8 bitcoin wallets:
      - Bitcoin Core (v. 25.0)
      - Electrum (v. 4.4.5)
      - Blue Wallet (v. 6.4.6 iOS)
      - Exodus (v. 23.7.2 iOS)
      - Trust Wallet (v. 9. 0 iOS)
      - Coinbase Wallet (v. 28.53 iOS)
      - Trezor Suite (v. 23.7.2)
      - Ledger Live (v. 2.64.2)
   3. Fingerprints [table][4]
   4. [Wallet Fingerprint Detector][5]

      Conclusion:=20

      > There is no clear cut solution to the issues discussed here. While =
some fingerprints would be trivial to eliminate,
      > it will be difficult to eliminate fingerprinting entirely. Just bec=
ause something is a fingerprint does not=20
      > automatically mean that it should not be done by a wallet. For inst=
ance, all transactions of a wallet having a=20
      > certain input order or change index should definitely be modified, =
but things like anti-fee-sniping and the spending
      > of taproot UTXOs are still worthwhile.

### Solution=20

A [tool][6] for spoofing wallet fingerprint. It is a proof of concept which=
 can be improved further if everyone finds it useful.
It supports nLocktime, nVersion and BIP 69 ordering for 2 bitcoin wallets (=
electrum and blue). Users can enter PSBT and spoof its
wallet fingerprint based on the option selected in dropdown list.


### Rationale

 - As protocol developers continue to introduce changes that impact user pr=
ivacy, such as the upcoming version 3 transactions,
   identifying wallets based on transaction becomes easier.
 - All wallets will never have same fingerprint.
 - For users who prioritize privacy, spoofing presents a viable solution.
 - While similar techniques have been applied in the context of browser fin=
gerprinting, they can also be adapted for bitcoin
   transactions.

 Comparison with browser fingerprinting:

 A browser fingerprint typically comprises various things such as the user =
agent, IP address, canvas fingerprint, WebGL information,
 installed fonts, timezone, screen resolution, cookie data, system info etc=
. In contrast, a wallet fingerprint for bitcoin transactions
 includes RBF signaling, transaction version, BIP 69 ordering, fee rate, ch=
ange position and type etc.

 If a tool can effectively spoof a browser fingerprint, same concept could =
be applied to bitcoin transactions as well. [Tor browser][7]=20
 protects against fingerprinting by making fingerprints of all users same i=
rrespective of their device or OS. It's important
 to note that existing tools attempting to identify wallets from transactio=
ns include lot of false positives, and the introduction of=20
 spoofing could further increase their prevalence. This increased uncertain=
ty in identifying wallet can make chain analysis difficult,=20
 ultimately enhancing privacy. Some privacy-focused wallets may even consid=
er implementing this feature in wallets.

### Acknowledgement
=20
 0xB10C, achow101, ishaanam, pythcoiner and statusquont

[0]: https://b10c.me/observations/03-blockchaincom-recommendations/
[1]: https://github.com/achow101/wallet-fingerprinting
[2]: https://consentonchain.github.io/blog/posts/fingerprinting/
[3]: https://ishaana.com/blog/wallet_fingerprinting/
[4]: https://ishaana.com/blog/wallet_fingerprinting/fingerprints_final.png
[5]: https://github.com/ishaanam/wallet-fingerprinting
[6]: https://gitlab.com/1440000bytes/goldfish
[7]: https://blog.torproject.org/browser-fingerprinting-introduction-and-ch=
allenges-ahead/


/dev/fd0
floppy disk guy

Sent with Proton Mail secure email.