Why does Bitcoin not hide one's total wealth?
January 18, 2014 9:46 AM Subscribe
With little experience in bitcoins, I'm strongly convinced that any single person doing business with you can (with some work) figure out your potential wealth in bitcoin currency. Is this really the case?
If so, why does it seem none of the resources (bitcoin.org, Wikipedia, ...) are talking about it? Isn't this a major flaw in the system, rendering it unsuitable as a real life currency?
My thesis: a transaction is based on real life business, which usually identifies a buyer in some way. Say I'm paying my internet access with bitcoins to the provider. They then have one sending address, which is identified as me. From this address, they can then construct a graph based on the blockchain and find all my other addresses, thus being able to count (or at the least estimate) my wealth. This is possible because I have to transfer Fiat money to get bitcoins and regardless of how many transactions and addresses I use for that, there're always be enough trace to find "all" my plausible transactions and thus overall balance.
(I'm aware I can create a new address for every transaction, but I still need to either fund that address to be able to pay, or later use balance from this address to fund another address.)
If so, why does it seem none of the resources (bitcoin.org, Wikipedia, ...) are talking about it? Isn't this a major flaw in the system, rendering it unsuitable as a real life currency?
My thesis: a transaction is based on real life business, which usually identifies a buyer in some way. Say I'm paying my internet access with bitcoins to the provider. They then have one sending address, which is identified as me. From this address, they can then construct a graph based on the blockchain and find all my other addresses, thus being able to count (or at the least estimate) my wealth. This is possible because I have to transfer Fiat money to get bitcoins and regardless of how many transactions and addresses I use for that, there're always be enough trace to find "all" my plausible transactions and thus overall balance.
(I'm aware I can create a new address for every transaction, but I still need to either fund that address to be able to pay, or later use balance from this address to fund another address.)
If you're performing a transaction which reveals your identity to the other party then you've forfeited anonymity. So you're correct, but if you pay your bills with bitcoins from your anonymous wallet then you are doing it wrong.
For full anonymity you'll need some way to get bitcoins -- ideally cash -- and something to do with them that doesn't identify you. This is pretty hard.
posted by katrielalex at 10:32 AM on January 18, 2014
For full anonymity you'll need some way to get bitcoins -- ideally cash -- and something to do with them that doesn't identify you. This is pretty hard.
posted by katrielalex at 10:32 AM on January 18, 2014
I think you may be thinking about this backwards. The problem here is that most businesses will not conduct transactions with anonymous counter-parties. You don't have to show government ID or otherwise prove your identity, but you do have to give out information that can be used to positively identify you. And if you give out false information, the transaction is likely to fail.
I'm a lawyer. I have at my disposal tools which will permit me to perform public records searches. If I have your name and state of residence, I can probably find out everywhere you have ever lived inside of five minutes. So if I ever get someone's address, I have the ability to find out a scary amount of information about them, not only for a trivial amount of effort, but for no extra cost to me. I pay a monthly fee to access this service.*
So as has been suggested, the problem here isn't that you're potentially revealing something about your identity when you conduct a transaction in Bitcoins. It's that if you conduct a transaction that isn't otherwise anonymous, anyone who has a reason to do so already knows more about you than you'd probably think--or can find out very easily--whether or not the transaction is conducted in Bitcoins.
And lest you think that there's a technical fix here, I'm not sure that there is. Court orders don't give a damn about SSH. Encryption works to prevent unauthorized, malicious interception, but it will not do anything to prevent the authorities from finding you. Subpoenas are serious business.
*And no, you can't have it. You have to prove your professional credentials to even sign up, and then you have to agree to a whole bunch of restrictions on the use of those things. Users cannot simply look people up for the hell of it. But if I have a legitimate reason to want to know about you, you probably don't want to know the information that is a matter of public record.
posted by valkyryn at 12:07 PM on January 18, 2014 [1 favorite]
I'm a lawyer. I have at my disposal tools which will permit me to perform public records searches. If I have your name and state of residence, I can probably find out everywhere you have ever lived inside of five minutes. So if I ever get someone's address, I have the ability to find out a scary amount of information about them, not only for a trivial amount of effort, but for no extra cost to me. I pay a monthly fee to access this service.*
So as has been suggested, the problem here isn't that you're potentially revealing something about your identity when you conduct a transaction in Bitcoins. It's that if you conduct a transaction that isn't otherwise anonymous, anyone who has a reason to do so already knows more about you than you'd probably think--or can find out very easily--whether or not the transaction is conducted in Bitcoins.
And lest you think that there's a technical fix here, I'm not sure that there is. Court orders don't give a damn about SSH. Encryption works to prevent unauthorized, malicious interception, but it will not do anything to prevent the authorities from finding you. Subpoenas are serious business.
*And no, you can't have it. You have to prove your professional credentials to even sign up, and then you have to agree to a whole bunch of restrictions on the use of those things. Users cannot simply look people up for the hell of it. But if I have a legitimate reason to want to know about you, you probably don't want to know the information that is a matter of public record.
posted by valkyryn at 12:07 PM on January 18, 2014 [1 favorite]
Response by poster: Thanks Richb, Katrielalex. Why don't you consider this a major flaw?
Valkyryn, I was not intending to ask about anonymity, but about the transparency of overall wealth (in bitcoins). I don't care about being anonymous, I want my internet provider to know who I am. They cannot provide me internet if they don't. I do not want them to know however my total wealth, net worth, total assets...
And no, I believe you will know none of that. I do not live in the U.S. and for the local equivalent services, I know they do not have that information on me.
posted by oxit at 12:20 PM on January 18, 2014
Valkyryn, I was not intending to ask about anonymity, but about the transparency of overall wealth (in bitcoins). I don't care about being anonymous, I want my internet provider to know who I am. They cannot provide me internet if they don't. I do not want them to know however my total wealth, net worth, total assets...
And no, I believe you will know none of that. I do not live in the U.S. and for the local equivalent services, I know they do not have that information on me.
posted by oxit at 12:20 PM on January 18, 2014
You're exactly right in your analysis of the risk of Bitcoin disclosure. Bitcoin transactions are the opposite of anonymous. Some more links that may be of interest: An Analysis of Anonymity in the Bitcoin System, A Fistful of Bitcoins: Characterizing Payments Among Men with No Names, BitCoin top 1000 rich list. I think there's a tool that makes it very easy to work out the whole transaction history of any single user, too, but I can't put my hands on it easily.
Why is this not a major flaw? I think it is one. I think a lot of Bitcoin enthusiasts are working from the assumption that their initial wallet was acquired anonymously and therefore all future transactions remain anonymous. (I think they're overly optimistic.) I haven't read much about the specific disclosure you're worried about, total wallet size.
One workaround is to create a second wallet with a new address and somehow untraceably fund it so that its balance is not tracked to the first one. There's no way to do that inside the Bitcoin system itself but it can be done with the help of a money laundering outfit like a tumbler or a shady exchange. In this respect Bitcoin is no different from other black market payment options, except that it's easier to create a new Bitcoin wallet than to open a new bank account.
posted by Nelson at 1:18 PM on January 18, 2014
Why is this not a major flaw? I think it is one. I think a lot of Bitcoin enthusiasts are working from the assumption that their initial wallet was acquired anonymously and therefore all future transactions remain anonymous. (I think they're overly optimistic.) I haven't read much about the specific disclosure you're worried about, total wallet size.
One workaround is to create a second wallet with a new address and somehow untraceably fund it so that its balance is not tracked to the first one. There's no way to do that inside the Bitcoin system itself but it can be done with the help of a money laundering outfit like a tumbler or a shady exchange. In this respect Bitcoin is no different from other black market payment options, except that it's easier to create a new Bitcoin wallet than to open a new bank account.
posted by Nelson at 1:18 PM on January 18, 2014
Response by poster: [...] with the help of a money laundering outfit [...]
So for bitcoin to become a utilisable currency, it needs money laundering. How ironic.
In this respect Bitcoin is no different from other black market payment options [...]
In contrast it is very different from a Fiat currency bank. There, I can make all payments without the receiver knowing my wealth.
posted by oxit at 1:26 PM on January 18, 2014
So for bitcoin to become a utilisable currency, it needs money laundering. How ironic.
In this respect Bitcoin is no different from other black market payment options [...]
In contrast it is very different from a Fiat currency bank. There, I can make all payments without the receiver knowing my wealth.
posted by oxit at 1:26 PM on January 18, 2014
You can create a new wallet for every transaction which stops people from knowing all of that.
posted by empath at 2:26 PM on January 18, 2014
posted by empath at 2:26 PM on January 18, 2014
You can create a new wallet for every transaction which stops people from knowing all of that.
From what? If you make it from another bitcoin wallet, then you're still traceable.
If you fund it from cash, like a bank account, then essentially you're not really... using the currency. At which point, what is the point of it? If no one ever holds BTC except to make a transaction and then it goes right back into some other currency, then it doesn't have any kind of function as a currency.
posted by RustyBrooks at 3:51 PM on January 18, 2014 [1 favorite]
From what? If you make it from another bitcoin wallet, then you're still traceable.
If you fund it from cash, like a bank account, then essentially you're not really... using the currency. At which point, what is the point of it? If no one ever holds BTC except to make a transaction and then it goes right back into some other currency, then it doesn't have any kind of function as a currency.
posted by RustyBrooks at 3:51 PM on January 18, 2014 [1 favorite]
> You can create a new wallet for every transaction which stops people from knowing all of that.
Yes & no:
Not really -- how would you add funds to this wallet? If you transfer some of your bitcoins from your main wallet to fund this new wallet, then the two are linked in the public block chain. As oxit points out in the question, this could allow anyone to infer that both wallets belong to the same person.
But also yes -- how would an observer decide whether you have sent funds to the new wallet as a transfer between two wallets you control or whether it is a payment and the source and destination wallets are controlled by two different parties?
> So for bitcoin to become a utilisable currency, it needs money laundering. How ironic.
Why is that ironic?
posted by richb at 3:53 PM on January 18, 2014
Yes & no:
Not really -- how would you add funds to this wallet? If you transfer some of your bitcoins from your main wallet to fund this new wallet, then the two are linked in the public block chain. As oxit points out in the question, this could allow anyone to infer that both wallets belong to the same person.
But also yes -- how would an observer decide whether you have sent funds to the new wallet as a transfer between two wallets you control or whether it is a payment and the source and destination wallets are controlled by two different parties?
> So for bitcoin to become a utilisable currency, it needs money laundering. How ironic.
Why is that ironic?
posted by richb at 3:53 PM on January 18, 2014
I'm aware I can create a new address for every transaction, but I still need to either fund that address to be able to pay, or later use balance from this address to fund another address.
No one knows that the addresses to which funds are transferred are yours except the person receiving the final transaction (since only they know who you are). You do not need to "fund" an address since bitcoin is m:n transactions.
posted by rr at 4:00 PM on January 18, 2014
No one knows that the addresses to which funds are transferred are yours except the person receiving the final transaction (since only they know who you are). You do not need to "fund" an address since bitcoin is m:n transactions.
posted by rr at 4:00 PM on January 18, 2014
Not really -- how would you add funds to this wallet? If you transfer some of your bitcoins from your main wallet to fund this new wallet, then the two are linked in the public block chain. As oxit points out in the question, this could allow anyone to infer that both wallets belong to the same person.
To be honest, I don't think you understand how bitcoin works. The "wallet" is not you. No one knows who made it.
A common bitcoin txn structure is InputA is sent to OutputB (the payee) and OutputC (OutputC is actually controlled by the payer and represents the change).
If an observer is not the payee, about all an they can infer is that the payer now has either Bvalue or Cvalue. For a single transaction you can convince yourself that this is useful information ("Well, they have either $10 or $90 from the original $100") but once you get to a transaction tree it's not very useful information without a lot of work and some good behavioral analysis.
Furthermore, it's trivial to obfuscate if one actually cares; instead of A->B,C you do A0...An -> B, C0....Cn. At that point it's really difficult to deal with (see Samir's paper).
There are interesting ways to try and analyze the more complex case but that is probably alow concern.
posted by rr at 5:46 PM on January 18, 2014 [1 favorite]
To be honest, I don't think you understand how bitcoin works. The "wallet" is not you. No one knows who made it.
A common bitcoin txn structure is InputA is sent to OutputB (the payee) and OutputC (OutputC is actually controlled by the payer and represents the change).
If an observer is not the payee, about all an they can infer is that the payer now has either Bvalue or Cvalue. For a single transaction you can convince yourself that this is useful information ("Well, they have either $10 or $90 from the original $100") but once you get to a transaction tree it's not very useful information without a lot of work and some good behavioral analysis.
Furthermore, it's trivial to obfuscate if one actually cares; instead of A->B,C you do A0...An -> B, C0....Cn. At that point it's really difficult to deal with (see Samir's paper).
There are interesting ways to try and analyze the more complex case but that is probably alow concern.
posted by rr at 5:46 PM on January 18, 2014 [1 favorite]
Response by poster: I've found that Blockchain has a forwarding service, which (1) confirms my original thesis and (2) provides a solution, for a 0.5% forwarding fee.
posted by oxit at 11:59 AM on January 20, 2014
posted by oxit at 11:59 AM on January 20, 2014
The existence of a service that takes advantage of people who do not understand the system does not make your thesis true.
posted by rr at 7:15 PM on January 23, 2014
posted by rr at 7:15 PM on January 23, 2014
Your general point is somewhat true, but it is easier to avoid than you might think.
Short story: yes, the recipient of funds from a wallet, knows that you control all the other funds in that wallet, but you don't necessarily need a mixer/laundry in order to split your bitcoin into many different wallets, which at least partially obscures the total quantity you control.
In more depth:
Suppose I have a single wallet with 100 bitcoin.
Now over the course of the next month, I make 100 transactions of varying sizes moving the bitcoin into 100 other wallets.
There is no way an outside observer can tell which of those 100 transactions was me moving my bitcoin into a new wallet that I own, vs. which was me spending bitcoin and putting it into a wallet owned by someone else.
Now if someone receives bitcoin from one of those 100 wallets, they cannot with certainty say whether the person who sent the money also owns the other wallets that came from the original wallet vs. if the sender is just one of the people who received bitcoin from the original wallet as part of a transaction.
posted by vegetableagony at 11:09 AM on January 30, 2014
Short story: yes, the recipient of funds from a wallet, knows that you control all the other funds in that wallet, but you don't necessarily need a mixer/laundry in order to split your bitcoin into many different wallets, which at least partially obscures the total quantity you control.
In more depth:
Suppose I have a single wallet with 100 bitcoin.
Now over the course of the next month, I make 100 transactions of varying sizes moving the bitcoin into 100 other wallets.
There is no way an outside observer can tell which of those 100 transactions was me moving my bitcoin into a new wallet that I own, vs. which was me spending bitcoin and putting it into a wallet owned by someone else.
Now if someone receives bitcoin from one of those 100 wallets, they cannot with certainty say whether the person who sent the money also owns the other wallets that came from the original wallet vs. if the sender is just one of the people who received bitcoin from the original wallet as part of a transaction.
posted by vegetableagony at 11:09 AM on January 30, 2014
« Older DCComicsfilter - Old DC UK annual, what happened... | I turned him down. So why do I keep thinking about... Newer »
This thread is closed to new comments.
posted by richb at 10:01 AM on January 18, 2014 [3 favorites]