Privacy is a bit of a complicated topic in Bitcoin (BTC). While the mainstream media have often referred to the cryptoasset as a form of anonymous currency for the internet, the reality is that every Bitcoin transaction made on the base blockchain layer is completely public and stored on thousands of computers around the world.
While there are no real-world identities that must be tied to the pseudonymous addresses used in the Bitcoin system, the reality is that blockchain analysis firms like Chainalysis are able to figure out most of the identities behind Bitcoin transactions through on-chain analysis and collaborations with various crypto custodians. This ability for surveillance companies to figure out what’s really happening on the Bitcoin blockchain is an indication that there is still plenty of work to do when it comes to improving user privacy in the system.
That said, there have been a number of different privacy improvements made to Bitcoin over the years, and more are on the way in 2021. While Wasabi Wallet and Samourai Wallet are well-known options for using the Bitcoin network in a more privacy-conscious manner through the use of their CoinJoin implementations, there are also new innovations like Taproot, CoinSwap, and a variety of layer-two protocols that could offer improvements over the popular CoinJoin model.
Let’s take a closer look at the state of Bitcoin privacy in 2021 and where things are headed.
A better foundation with Taproot
Of course, the biggest story for Bitcoin in 2021 at a technical level is the Taproot soft fork. This Bitcoin improvement is actually a combination of three Bitcoin Improvement Proposals (BIPs) in the form of Taproot, Tapscript, and Schnorr signatures. These technical changes contain a number of benefits for Bitcoin, most notably in the areas of privacy and smart contracts.
In terms of privacy, a key benefit of Schnorr signatures is that it enables the aggregation of signatures used on multi-signature transactions. Instead of multiple signatures being added to the blockchain whenever a transaction is sent from a multisig address, all of the associated signatures are aggregated into one. This means that multisig transactions, whether they be a 2-of-3 multisig spend or the opening of a Lightning Network channel, can be made to look no different than a simple, single-signature Bitcoin transaction. It should be noted that the average Bitcoin user with a single-signature address also benefits from this setup, as it’s now unclear if their transactions are simple Bitcoin spends or something much more complex.
In the long run, it will be beneficial to move all of the different types of on-chain Bitcoin transactions to a single anonymity set; however, it should be noted that, at least over the near term, Taproot may actually reduce privacy, as it is creating a new transaction type that will further split the anonymity sets found with Bitcoin transactions on the blockchain.
While Taproot is seen as a positive development for Bitcoin privacy overall, it doesn’t have many implications for the CoinJoin-focused software that is widely deployed and used today.
According to Bitcoin Teleport and JoinMarket developer Chris Belcher, there aren’t any benefits of Taproot to CoinJoin-enabled Bitcoin software like Samourai Wallet, Wasabi Wallet, and JoinMarket outside of lowering the overall load on the network via faster transaction verification. However, Taproot is a bit more helpful for a specific Bitcoin privacy protocol that has been implemented in JoinMarket, known as SNICKER.
Taproot is also not much of a priority for the developers behind Samourai Wallet and Wasabi Wallet. According to pseudonymous Samourai Wallet developer TDevD, Whirlpool continues to be the main focus, and the CoinJoin implementation was recently opened up to denominations of 100,000 satoshis (USD 39). On top of that, Samourai Wallet is working on improvements to their Cahoots-style transactions and the integration of an upgraded version of reusable payments codes.
According to Wasabi Wallet inventor Adam Fiscor, Taproot is not especially useful for that piece of software, so it isn’t a focus right now. Instead, the wallet is focused on the transition from version 1.0 to version 2.0. Fiscor outlined the differences between these two versions of Wasabi Wallet in a tweet thread back in March. In summary, the intent with Wasabi Wallet 2.0 is to make the software faster and cheaper with a better user interface.
It should be remembered that Taproot can also be seen as a building block for a future improvement that would be beneficial for CoinJoin in the form of cross-input key aggregation. This would allow for all of the inputs in a CoinJoin transaction to be aggregated into a single signature, thus lowering the overall cost of a CoinJoin transaction for all users involved in them. In fact, a Bitcoin user’s involvement in a collaborative CoinJoin transaction would have a lower cost than an on-chain, single-signature transaction in a situation where cross-input signature aggregation were enabled on the network.
Although Taproot isn’t immediately relevant to the commonly-used Bitcoin privacy wallets of today, it’s still a foundational change to the Bitcoin network that can be helpful with privacy overall and enable further improvements in the future.
While it’s important to remember that this change has not yet been locked in on the Bitcoin network, indications are that more than the necessary 90% of the network hashrate is ready to activate the change later this year.
While CoinJoin is still the standard option for pushing back against adversaries tracking the movement of funds across the Bitcoin network, Belcher has moved on to an alternative method for improving Bitcoin privacy in the form of CoinSwap, which was originally described by former Blockstream Chief Technology Officer Greg Maxwell in a 2013 Bitcointalk post. Belcher’s work in this area has been funded by two separate grants from Square Crypto and the Human Rights Foundation.
A key issue with CoinJoin transactions today is that they stand out like a sore thumb to anyone who is looking at the Bitcoin blockchain. This issue is not theoretical, as some bitcoin custodians, such as BlockFi, have already implemented policies that are unkind to CoinJoin users. It’s also possible that CoinJoin transactions could be censored by miners on the Bitcoin network itself.
For example, Marathon Digital Holdings is a new mining pool that is intended to be fully compliant with US financial regulations and has already censored some transactions. Of course, these transactions are only censored in blocks mined by Marathon Digital Holdings. Other miners are still free to include the transactions in their blocks, and it would take the cooperation of 51% of the miners to censor Bitcoin transactions at the network level.
The major innovation with CoinSwap is that it breaks the assumption that a blockchain observer can track the movement of coins simply by looking at the blockchain.
When constructed properly, multiple Bitcoin users are effectively able to atomically swap the transaction histories of their coins via a CoinSwap. Additionally, a blockchain observer cannot tell the difference between a normal Bitcoin transaction and a CoinSwap. This means that normal users who are not even interested in doing a CoinSwap also benefit, as it’s possible that their normal-looking transaction is actually a CoinSwap.
According to Belcher, the other advantage of CoinSwap over CoinJoin is that the former uses less block space. While the current, work-in-progress implementation of CoinSwap, known as Bitcoin Teleport, does not use Taproot, there are also a few slightly beneficial changes that can be made to the system once that improvement has been activated on the Bitcoin network. In Belcher’s opinion, users of JoinMarket (and other CoinJoin projects) will move over to Bitcoin Teleport once the software is further developed, but he also admits that it will ultimately be up to the market to decide what’s most useful. Specifically, Belcher said that some users may prefer to use CoinJoin in situations where it is desirable to publicly prove that a UTXO’s (unspent transaction output’s) transaction history has been broken.
For Samourai Wallet, CoinSwap is viewed more as an additional feature rather than a replacement for CoinJoin.
“We have tested CoinSwap and have concluded that its use with unmixed UTXOs is of little interest,” TDevD told Cryptonews.com. “In fact, it presents some real risks for the user being handed a UTXO resulting from what might be considered a problematic history. As such, CoinSwap is more suited to post-mix spending and will find a place along side our other post-mix spending tools.”
Although there have been plenty of flame wars between the Samourai and Wasabi camps on social media, it appears they mostly agree when it comes to combining CoinJoin and CoinSwap together.
“CoinSwaps can provide better privacy after widespread Taproot adoption, but CoinJoins are cheaper and faster,” said Fiscor. “I’d speculate the privacy Wasabi CoinJoins can provide is more than sufficient for anybody, but it’s also possible that there’s a strong market niche for CoinSwaps. The combination seems to be more interesting though: CoinSwaps to and from CoinJoins, which could make low anonymity set CoinJoins getting as much privacy as a CoinSwapper would.”
CommerceBlock’s Mercury Wallet is a new bitcoin wallet offering that combines the concept of CoinSwap with a layer-two Bitcoin technology known as Statechains. The idea behind Statechains is that users are able to transfer ownership of UTXOs without touching the base Bitcoin blockchain. This enables the instant, free transfer of UTXOs on a layer above the base Bitcoin network. Additionally, the statecoins, which are one-to-one…