coderrr

June 30, 2011

Patching The Bitcoin Client To Make It More Anonymous

Filed under: anonymity, bitcoin, cplusplus, patch — Tags: , , , — coderrr @ 5:18 pm

Shameless Plug: Hide your IP while connected to the Bitcoin P2P network with a VPN Service.

TLDR: this patch allows you to …
– see all addresses, including change
– see which addresses are linked together (does recursive expansion of address linkages)
– select which address(es) to send from, rather than letting the client to chose (randomly) for you

Bitcoin is a decentralized, peer to peer, digital currency. It has been referred to as anonymous, pseudo-anonymous, pseudonymous (whatever that means), and not anonymous at all. It seems there is a lot of misinformation about exactly how anonymous it is and how its anonymity works. I’m going to try to explain part of that here and provide a solution to one of the current big killers of its anonymity.

When you receive coins at a new Bitcoin address, that is, one you’ve never used before, the fact that you control that address is completely unknown to anyone except the sender (and anyone the sender leaked that info to). And the sender may not even know your actual identity, depending on if you revealed this to them or not. If you receive another payment at that same address then both the first and second payers will be able to see that both of them payed you at that address. This is due to how the Bitcoin block chain works and is why you are advised to create a new address for each new payment you wish to receive.

So assume you’ve created 100 addresses for 100 payments. Each of the 100 people know they paid you once, but they don’t know that 99 other people paid you or how much those payments were or how much you have total. So you have revealed very little about yourself to anyone.

Now let’s say you want to _make_ some payments or even just re-organize your funds by moving them to another address. This is where things get tricky and you start losing anonymity. The official Bitcoin client picks coins from multiple addresses in a random fashion when making payments. So let’s say you have those 100 payments from 100 different people each attached to their own address sitting in your wallet and now you want to send Wikileaks some coins. The Bitcoin client might chose coins from 3 of those incoming payments to send out. Now all 3 of the people who sent you those payments know that you received at least 3 payments, how much they were for, and when you received them.

Let me give you a scarier example. Let’s say you have 1 million dollars worth of Bitcoin sitting in one address from some withdrawals on a Bitcoin exchange. Now let’s say you have an address you use for donations, and assume you’ve gotten at least one. The next time you want to send some coins to someone, your client may pick a few coins from your million dollar address and a few coins from your donation address. This is a big problem because it gives the people who’ve donated coins the knowledge that you are also in control of the million dollar address. Plus if your donation address is publicly associated with your identity not only the donors but anyone can go through the block explorer to see which other addresses you are in control of and what their balances are.

Here is a related excerpt from the bitcoin wiki

… if one has bitcoins on several addresses, one can theoretically choose from which address to send the coins. Choosing personally generated coins or an address that you know doesn’t reveal information would protect you. Unfortunately, the default Bitcoin client doesn’t support this currently, so you must assume that your entire balance can identify you if any of the addresses can.

So what can you do about this? If you don’t have any Bitcoin yet then you can just make sure to use separate wallets for addresses you don’t want being mixed together. If you’re already in the position where you have public and private funds in the same wallet there’s not much you can do with the official Bitcoin client, other than not send coins to anyone (or yourself).

That’s why I’ve made a patch to the official client which allows you to send from _only_ a single specific address. Now you can be sure the only people who will ever know that you made that transaction are the ones who already knew about the address being under your control. If you did things right, this will only be a single person.

I’ve added a ‘Send From Address’ tab to the main interface. It actually contains information which was impossible to get from the client before. That is, every address in your wallet and the balance thereof. This includes addresses which were created for the change of your outgoing transactions. These were previously nowhere to be found in the client (even using the bitcoind RPC interface).

Simply chose the address you wish to send from and double click it. This will open the Send dialog with the Send From address filled in. If you try to send more coins than are available in that address the transaction will simply fail and you can try again. Leaving the Send From address blank will make the client behave normally and possibly pick coins from multiple addresses.

The second version of my Bitcoin client patch gives you a better view of your current address linkages. If any two or more addresses were used together for an outgoing transaction those will be considered linked. If any change is returned from an outgoing transaction that change address will be considered linked to all the originating addresses.

The ‘Send From Address’ tab now groups together linked addresses. Each group is separated by an empty line. I’ve also added a ‘Label’ column which will show you the label for the address if one has been set in the ‘Address Book’. Since your receiving addresses usually have labels this makes it easy to see which other addresses they have been linked to.

Sending from multiple addresses is now supported. Simply use the CTRL key to select multiple addresses then click the ‘Send’ button. The addresses will appear in the ‘Send From’ textbox separated by semicolons. Note, this DOES NOT guarantee all the addresses you selected will be used for the transaction. But it DOES guarantee that no unselected addresses will be used. As before, if you leave the ‘Send From’ field blank the client will fall back to its default behavior.

Version 3 of the patch now contains command line support for bitcoind:

bitcoin listaddressgroupings
bitcoin sendtoaddress <bitcoinaddress>[:<sendfromaddress1>[,<sendfromaddress2>[,...]]] <amount> [comment] [comment-to]

Add a +1 to the pull request if you believe this should be added to the official client: https://github.com/bitcoin/bitcoin/pull/415

My github bitcoin fork: https://github.com/coderrr/bitcoin/tree/v0.5.3+coderrr
The commits with the changes: https://github.com/coderrr/bitcoin/compare/v0.5.3…v0.5.3+coderrr
Compiled Windows 32bit client: https://github.com/coderrr/bitcoin/downloads
Compiled Linux 64bit client: https://github.com/coderrr/bitcoin/downloads

34 Comments »

  1. Zera@gmail.com

    Comment by Hell yes, i want write something like this but didnt have 1 measure, may i repost this Patching The Bitcoin retainer To evince It More of unknown authorship « coderrr — July 1, 2011 @ 4:14 pm

  2. The behavior of the bitcoin client is non-intuitive in the way it randomly chooses which addresses to send coins FROM. It’s one thing that bitcoin is not anonymous, but could they have gone out of their way any further to make it LESS anonymous?!

    Comment by Angus Boyd — July 11, 2011 @ 3:16 pm

    • Random shuffling of transactions is only one part of the coin choosing algorithm. It’s not 100% random but to the average user or even to an advanced one it might as well be. Obviously the rationale for this algorithm wasn’t anonymity although that doesn’t mean it was a bad choice.

      Comment by coderrr — July 13, 2011 @ 7:48 pm

  3. is there any chance choosing where to send from will be incorporated into the official client at some point?

    Comment by Anonymous — July 21, 2011 @ 8:50 pm

  4. HELLO PLS CREATE Linux 32BIT client

    Comment by Anonymous — September 23, 2011 @ 8:17 am

  5. Hi and what about Linux 32bit client

    Comment by Anonymous — September 24, 2011 @ 10:02 am

  6. this is awesome. used it all the time. now I installed v0.5 but it is missing this feature. arrgh. please let me know about anything new and I will spin it on bitcoinX.com

    cheers!

    Comment by phelix — November 28, 2011 @ 7:28 pm

  7. Why doesn’t this patch get incorporated into the standard client? It could be on an “advanced” set of features or something.

    Comment by É vedado o anonimato — December 1, 2011 @ 11:43 am

  8. Please, for the love of god, do NOT post +1s on the pull request. Pull requests are for discussion of the pull, not for indicating support for the pull; there is plenty of interest to get the pull request pulled, assuming some remaining issues are resolved.

    Comment by BlueMatt — January 1, 2012 @ 11:40 pm

  9. [...] Projects such as Do Not Track attempt to protect users by providing an opt-out from data tracking and mining.  However, there seems to be very little reason at this time for corporations to comply with these projects.  Further, projects such as YouHaveDownloaded that provides P2P BitTorrent download data by IP, have helped to re-emphasize that IP privacy is ever so important.  In fact, cross referencing BitTorrent data with Skype P2P traffic leads to a direct breech in identity and, essentially, privacy.  Additionally, anonymous crypto-currencies such as Bitcoin suffer from these same problems, especially when not used with a patched Bitcoin client. [...]

    Pingback by Cloak and Swagger: The History of Anonymous Identity Protection on the Internet | Privacy Online News — March 1, 2012 @ 10:42 pm

  10. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | TorrentFreak — April 15, 2012 @ 1:09 pm

  11. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | We R Pirates — April 15, 2012 @ 1:40 pm

  12. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | Systema — April 15, 2012 @ 2:09 pm

  13. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | tebalik.org — April 15, 2012 @ 2:53 pm

  14. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | Best Seedbox — April 15, 2012 @ 3:25 pm

  15. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure — April 15, 2012 @ 6:27 pm

  16. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How to Make VPNs Even More Secure [Privacy] | Share the world with you :) — April 16, 2012 @ 8:08 pm

  17. [...] from a person, rather than an exchange.“Then, use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | Lifehacker Australia — April 16, 2012 @ 9:35 pm

  18. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by Rob's Personal Aggregator » How to Make Your VPN Even More Secure — April 16, 2012 @ 10:21 pm

  19. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How to Make Your VPN Even More Secure « ShareIt — April 17, 2012 @ 1:45 am

  20. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How to Make Your VPN Even More Secure [Privacy] « CCarpo's WebClips — April 17, 2012 @ 9:53 am

  21. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | Lilith Lela — April 17, 2012 @ 2:20 pm

  22. [...] counter’ from a person, rather than an exchange.“Then, use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin addresses.”Only [...]

    Pingback by How To Make VPNs Even More Secure | Matias Vangsnes — April 19, 2012 @ 1:46 pm

  23. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure « Privacy Tactics — April 21, 2012 @ 10:01 pm

  24. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by Notrackingme | Proxy » Blog Archive » How To Make VPNs Even More Secure — May 5, 2012 @ 7:00 pm

  25. [...] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin [...]

    Pingback by How To Make VPNs Even More Secure | ENOUGH! — May 8, 2012 @ 11:12 pm

  26. [...] échange. » « Ensuite, utilisez un client  Bitcoin patché, comme le patch correctif de coderrr , éviter de lier  l’adresse nouvellement généré à l’une de vos adresses [...]

    Pingback by Comment rendre votre VPN ENCORE PLUS SÛR · Anonoups — November 17, 2012 @ 11:11 am

  27. [...] plutôt que d’un échange. » « Ensuite, utilisez un client  Bitcoin patché, comme le patch correctif de coderrr , éviter de lier  l’adresse nouvellement généré à l’une de vos adresses Bitcoin  [...]

    Pingback by L’Anonymat de A à Z · Anonoups — November 17, 2012 @ 9:44 pm

  28. [...] proposals for improving bitcoin privacy include “Patching The Bitcoin Client” (2011), “Automatic Coin Mixing” (2012), “Coin Control” (2012), and [...]

    Pingback by Fincen Spying Plan Invites Privacy Workarounds – Empowering The Individual — March 21, 2013 @ 3:36 pm

  29. […] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin […]

    Pingback by How To Make VPNs Even More Secure | Technical Savvy — June 14, 2013 @ 5:15 am

  30. […] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin […]

    Pingback by AnonRelations » How To Make VPNs Even More Secure — June 19, 2013 @ 9:53 am

  31. […] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin […]

    Pingback by How To Make VPNs Even More Secure | Anonbox - "Bạn có thể bắt bớ 1 người, nhưng không thể giết chết 1 lý tưởng" — August 19, 2013 @ 7:05 am

  32. […] benutzen Sie einen gepatchten Bitcoin Client wie coderrr’s anonymity patch um eine Verknüpfung der neu erzeugten Adresse mit jedweder Ihrer vorherigen Bitcoin Adressen zu […]

    Pingback by NEU! Wie man VPNs noch sicherer macht. | VPN Vergleich – VPN Service Provider im Test — February 16, 2014 @ 12:41 am

  33. […] use a patched Bitcoin client, such as coderrr’s anonymity patch to avoid linking the newly generated address to any of your pre-existing Bitcoin […]

    Pingback by Virtual Mining Bitcoin News » How To Make VPNs Even More Secure — July 29, 2014 @ 1:45 pm


RSS feed for comments on this post. TrackBack URI

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

The Silver is the New Black Theme. Create a free website or blog at WordPress.com.

Follow

Get every new post delivered to your Inbox.

Join 27 other followers

%d bloggers like this: