summaryrefslogtreecommitdiff
path: root/7c/efa6eeb5b756d94c7c901ac46b81b79d48b778
blob: bd87e001fdc24957d2f07070cbe6a2259f309e3b (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
Return-Path: <slurms@gmx.us>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 825D8407
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 24 Jul 2015 09:38:49 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from mout.gmx.net (mout.gmx.net [212.227.15.19])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 9CC49172
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 24 Jul 2015 09:38:48 +0000 (UTC)
Received: from [115.187.143.132] by 3capp-mailcom-bs01.server.lan (via
	HTTP); Fri, 24 Jul 2015 11:38:44 +0200
MIME-Version: 1.0
Message-ID: <trinity-8808ac13-3a67-4337-a9c8-fcb361ea071e-1437730724154@3capp-mailcom-bs01>
From: "Slurms MacKenzie" <slurms@gmx.us>
To: "Eric Voskuil" <eric@voskuil.org>
Content-Type: text/plain; charset=UTF-8
Date: Fri, 24 Jul 2015 11:38:44 +0200
Importance: normal
Sensitivity: Normal
In-Reply-To: <55B1C2A2.6020704@voskuil.org>
References: =?UTF-8?Q?<55AFBBE6.3060702@electrum.org>=20<1437606706.2688.0.camel@yahoo.com>=09<114b2a76-ebc7-461a-b4bc-10873574d6c4@HUB2.rwth-ad.de>=09<CAH+=3DZ+Xt4mja348Rg5Ot0u1VeCnVxm0wkVUA3GVgryZ4Yp4QNw@mail.gmail.com>,
	=09<55B1A254.6070806@voskuil.org>=20<trinity-61061d18-d667-4dd3-b87e-01880612c446-1437709327718@3capp-mailcom-bs10>,
	=20<55B1C2A2.6020704@voskuil.org>?=
X-UI-Message-Type: mail
X-Priority: 3
X-Provags-ID: V03:K0:h4rThA+9fsfb5VcgdKFkWVyU5Z7cx7/jyrX83WS/9qS
	080/ItNKIS1JoRtQVsbpmTVFWwnxsqdkXW6I5KyCALcsIx63B9
	LbqstxLyFJynwlA94Zi4BberXcl+bPQQeYSBLsEHgxNxaRRQpC
	POKoj6F1pAGK6jFjc51XnpgfbStlGFYBPKU4cZcgqutAjYPPdD
	l5tmUPhVPCvZFVXLbkQ2WQnzh2v0oB/TytQUbkXx5zMUOuDs8P
	8yUR/MqyeBxdxw0bybpWdLQr2eKsdVGsYeq7+W/BLuqA23g82a
	sO9aT+i9JZYR2mHWRRwdkqITE0r
X-UI-Out-Filterresults: notjunk:1;V01:K0:0Z9a3xPdfNs=:g9ZdK3m5bhHbIoOioqjICp
	1Lfbk6EfH0W1nNXJwMjUN3CdpjbpM2gtibxjvuB0JLOyZGwCe7ahWtDFzep5+eLZpQNTNMNxt
	jQ5azPb+1qdOU10tLjZRj03lpxfSUEB7Ii2f1w5yE5i6ANsp9x9UtcKqChQguyJWb0e6xt6YM
	z0gxjEF4MyKNzK4GfQVVWJV4nVhlNS2qi9lwHRUber/FWLc9V2BIf4Nes/hYOgHhnAItVbMQH
	vre2cM59c3dAQr1ovAiY2TJdN+WU+IFtKVK1uRDNmancOsd7jJd42S8xiCn72nVP5KJMezOe8
	pqvHXBYqK2dIQpiNrcS9GviN49IAaau7X6QjfvBL+ExJuIFf5wnhqguLqJbGrIxe0LqonG30u
	Hg0tHV5h31M+0Z2Y2wm7gbcdapn48dXj8xfkEkYu1We9iZnmSocaFM1VzTjCpf+X5oOC+xxqE
	UhW5Yue68g==
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Making Electrum more anonymous
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 24 Jul 2015 09:38:49 -0000

> Sent: Friday, July 24, 2015 at 6:44 AM
> From: "Eric Voskuil" <eric@voskuil.org>
> To: "Slurms MacKenzie" <slurms@gmx.us>, bitcoin-dev@lists.linuxfoundation.org
> Subject: Re: [bitcoin-dev] Making Electrum more anonymous
> 
> This is why privacy remains a significant issue. Privacy is an essential
> aspect of fungibility. This is a central problem for Bitcoin. 

Somewhat under discussed too, really. Peoples money doesn't fly out the window when their privacy is ripped out from under them, as such discussing it seems a little meaningless. As some of the most popular wallets don't even use change addresses, for the comfort of the developers and at the cost of the user. 


> Solving the latter two problems can go a long way to reducing the impact
> of the former. But currently the only solution is to run a full chain
> wallet. This is not a viable solution for many scenarios, and getting
> less so.

Which makes the general clambering for demise of the full node wallet all the more baffling.


> Well because of presumed relationship in time these are not actually
> separated requests. Which is why even the (performance-unrealistic)
> option of a distinct Tor route for each independent address request is
> *still* problematic.

Yep, any leak is a useful leak. Even if you only expose one single address request to me, I now have an idea of what timezone you are in and can eliminate it from other implausible ones. Onion routing is not a solution in my mind, you're just asking for people to sybil attack Electrum clients to capture as much timing data as possible. There's no defending against that.


> Introducing truly-random timing variations into the mixnet solutions can
> mitigate timing attacks, but yes, this just makes the already
> intolerable performance problem much worse.

Realistically this is all too broken to be building wallets on top of. 

SPV clients are neither secure nor private, we should feel guilty for ever promoting them.