Published on: 2016-03-01T00:57:58+00:00
In the Bitcoin-dev mailing list conversation, Wei initiates a discussion on the privacy features of the Bitcoin-Qt wallet application. Kristov Atlas responds with his best guesses, highlighting key aspects of the application's privacy features.Bitcoin-Qt implements cryptographic randomization of transaction ordering, which provides maximum privacy. However, the BIP 69 recommendation could also offer the same level of privacy if universally used. The joinmarket module can be used with Bitcoin-Qt to incorporate coinjoins. Currently, there are no decentralized mixing tools available that do not harm user privacy.The article mentions that Bitcoin-Qt does not implement anti-features like donations and always maintains the highest possible FP rate. To obtain balance information, the software makes remote queries, but users can direct these queries to use Tor for all communications. All network connections are independent via Tor by default, ensuring privacy. Separate wallets are required for separate "identities".One concern raised is that an attacker could deduce that transactions come from the same client by observing transactions signed by private keys from multiple wallets. However, changing the wallet ensures that the node no longer knows any of them.The article emphasizes that reliable deletion of private data is not feasible on current hardware/OSes. Therefore, users are advised to use OS-level encryption for local privacy protection. Backups are stored locally, and there is no linkage to email or SMS.Bitcoin-Qt does not perform any external lookup related to identifying transaction senders or recipients. It connects to known p2p full nodes to bootstrap the connection to the Bitcoin p2p network. Users are recommended to run Tor to prevent identifiable traffic, except for timing/volume analysis.The application allows users to encrypt the wallet file with a password, preventing decryption of private keys without the password. Each wallet file can have its own single password for spending protection, and there is no custodianship involved. The article notes that no obvious telemetry data is being sent.Regarding the source code and building process, the application supports a deterministic build process actively audited by multiple parties who post cryptographic signatures of their duplicated builds. This ensures that users can compile the application themselves in a manner that produces an identical binary version to the distributed one.In conclusion, the email thread provides answers to various privacy and security questions related to Bitcoin-Qt. It addresses transaction formatting, mixing, donations, balance queries, network privacy, physical access, custodianship, telemetry data, and source code and building. The Open Bitcoin Privacy Project includes Bitcoin-Qt in its survey to measure wallet privacy and requests developers to answer a set of questions about how different wallets handle these aspects.
Updated on: 2023-08-01T15:02:51.488157+00:00