Bitcoin and Anonymity

Anonymity Basics — If this isn’t the first time you have heard of bitcoin then you have likely read or heard someone say bitcoin is anonymous. How true is this statement really? Are transactions made through bitcoin really anonymous? Lets jump in and found out ourselves. From a birds eye view, bitcoin follows the “laws” of anonymity. When a transaction is sent, the person’s Identity, street address, zip code, state/country, or phone number is not given and so by the pure nature it is in fact anonymous. However because of the nature of the blockchain and in this case Bitcoin, you are able to see all transactions ever made within that specific address. Of course people could keep creating new addresses to try and tangle their connections, but the mere fact is, you are still connected to that address forever. It might not be possible to see the persons identity from the transaction, however if a Identity is connected to an address then all of your transactions are now revealed. The distinction between anonymity should really be un-linkable instead of unrecognizable. From a random address the identity might be unrecognizable, however it can be linked. How could someone from a link with your transactions? Most regulated and often “legitimate” exchange sites keep track of your addresses and are linked to your real identity. Let’s imagine for a second you received 1 BTC from X address and your address is Y. You then send the 1 BTC ( Y address ) to Coinbase, a popular exchange site that requires your identity. From there Coinbase will send you an address to submit the coins too and you will transact it. If for some reason, an audit appeared and Coinbase was to give away information regarding your transaction history it would be clear that you sold 1 BTC from your address Y, that was given from X. So in the worst situation, let’s say you stole 1BTC from X and your address was submitted to a fraud agency. The fraud agency could request all Coinbase transactions, and find search through and find the X transaction and Coinbase will know exactly who that address belongs to since they keep record. It is also possible that you could publicly post your transaction on a social media, online forum, or email and then your identity is pressed to that address forever. Now you might ask yourself, why do I need to be fully anonymous If I am not doing sketchy things? There are a number of different reasons one might want to be anonymous with personal and business transactions. If your identity is found, all of your transactions can be traced due to the distributed ledger. This sort of privacy is worse than cash transactions, as they are not held on a public ledger. A few different reasons exist that allow legitimate people to want private transactions. Just like in real life, you don’t want a sign above your head that states exactly how much money you have. This would make you a target for robbery, and in the cryptocurrency world an identity link could bring personal hacking/phishing attempts your way. You might also not want people to be able to see how much money you have spent on items/services and or see the value of donations made. If people are able to track your expensive purchases, businesses might use a pricing algorithm to charge you more for a product/service since you can afford it. This also translates to businesses as well, they don’t want competitors to see their purchases and profits day to day. However not all people can be trusted with this, as unethical things could happen as well. Which isn’t a reason to hate or love cryptocurrency as unethical actions tied to fiat currency happens every single day. We have all heard of Bernie Madoff. So of course there are real risks of money laundering and the purchases of illegal or prohibited items. This sort of issue though is not completely helpless as “cashing out” bitcoin or even cryptocurrency in that matter can be difficult to do. Often times exchanges and other financial institutions that allow the exchanging of fiat currency too cryptocurrency have limits. So in other words, if you tried to cash out $1m of bitcoins via Coinbase, they might not let you entirely, but that transaction will be recorded under your profile ( that has your attached identity ) and a notification to the IRS or government can be made. In reality this “anonymous” nature of the blockchain doesn’t really affect someone’s desire, or ability to money launder in a way that they were not able to before. So clearly, there are good uses and bad uses of this technology. Is there a way that we could only allow good people to use it? This is not possible however law enforcement is able to use the technology as well to even the playing field by tracking and using different cyber sting operations. A good example of someone using cryptocurrency for bad, was the creator of the silk road who after many different sting operations was able to be caught by the FBI and shut down. So even with this technology being used for bad, the government and protective agencies still have the ability to use and combat the “anonymous” nature of cryptocurrency. Some people do not realize it but cryptography and this idea of anonymity through cash systems has been around since the 1980’s. Lets run through an example of how anonymous cash based systems worked previously before the idea of a decentralized system ( Bitcoin ).

Lets try and understand this step by step. In this system there are 2 people that have money in the “bank”. However you will notice their are other people in the system, that are able to transact payments at the same exact time. Person 1 has a coin in the bank and wants to withdraw that coin. The person submits a form to withdraw that coin and gives the bank a special number that the bank cannot identity to the individual. The ID number however is verifiable in the system and so the bank knows where to send the coin too when the transaction is started. The bank will then take off a coin from the users account, while doing many other transactions at once so the specific transaction is not identified. Once the person gets the coin, he/she is now able to spend the money at their desire and decides to spend the money to person 2. This person is smart and understands that person 1 could simply be sending that ID coin to 100 different people and “double spend”. So this person waits for the bank to automatically verify the transaction while creating a new ID number for that individual. Once the bank can confirm the transaction is legit, the bank can give person 2 an extra coin in their bank and this can happen anonymous as the bank verifies the transactions without them actually being visible. Can you see the problem that occurs in this scenario? I said it before we started, this is not a decentralized payment system but rather a centralized. We have to trust that the bank can accurately verify and keep our identities anonymous. So we can now start to see that decentralization and being anonymous can run into some problems and are conflicts of each other. Decentralized transactions are able to be traced for right now which is an issue. ( A example of this is bitcoin ) If you take a look at people’s values you can see that decentralization is more important than being fully anonymous which is why bitcoin has been able to succeed.

Is it possible to become anonymous ? Now that we know some of the different factors that make up bitcoin, let’s take a deeper look into transactions and see if it is possible to become anonymous. Often times people will create new wallet addresses for each of their transactions so that someone looking at the public ledger can not tell that the different addresses are actually linked to a user. What happens though when you want to buy an item that would cause you to need both of your addresses? In that scenario you would be linking your addresses by sending money from one address to the other one. Someone looking into your addresses could find this connection and figure out that the different addresses are indeed controlled by the single person.

It might seem farfetched to assume that people could find these connections, however technology changes every single day and programs are being built to find these connections that might not be seen from a quick look. Some things can get complicated if let’s say person A has 1 BTC and decides to make a legitimate purchase of .5 btc for an item, and with the remaining money sends .5 BTC to a brand new address. However people have began to realize that both transactions made could be potential addresses of the original sender so now even this doesn’t always work. In fact you can look at the outputs of addresses and figure out who that address might be owned by. An example would be too look at the transaction date of a particular address and the transaction volume that the output address is making. For example if sender A sends 1 BTC to address B, in 2011 this address could be BTC-E given that the transaction volume of the address could match up with BTC E’s volumes. This gives the person some more knowledge of where the money was sent, and even if the money could possible be sent from sender A to another address owned by that sender. By corresponding that BTCE yourself, you can find the cluster of the transaction and then be able to figure out what addresses are owned by that specific address. However it is helpful when we can interact with big company addresses that make a lot of volume since we can correspond those transactions, however is it possible to then figure out someones individual identity from a pool of addresses. This example was already previously stated, if person A sends bitcoins to their coinbase account, they will have a connection to their personal identity if someone was able to get the information off of the coinbase account. So how can you actually protect yourself? There are a few different ways to protect yourself which include using an anonymous browser like Tor, and mix nets.

Mixing — If you want to actually be anonymous your payment must go through a pool, that can not be identified individually. So for example, we could have person A, B, C all sending transactions and instead of having them sent directly to an address you have them sent to a pool that can not identify the original senders. So for instance, lets say person A sends a bitcoin into this pool, and then tries to retrieve that bitcoin, the coin they get in return or the coin that person A wants to send it to becomes a totally different coin but represents the same amount. So person A could have a bitcoin with the ID:475748 but when withdraws or sends the coin to someone else it is retrieved as ID:467431. You still have the value of a coin, however your coin has be given to someone else and in return you got someone else’s coin. So for a mixing service to actually work, they need to act somewhat like Coinbase does in the sense that it can hold your coins for you. A mixing service however would need to not keep record of the different addresses like coinbase does, and the mixing service would need too allow you to access its service without providing your identity. This would allow you to deposit coins, and withdraw them to a new address that is “mixed” without being able to link the person to their ID, home address, SSN etc. Often times people will transfer coins through a mixing pool and then transfer the coins to a different one, so that if a pool was hacked and the information was logged it is possible that your information could be safe. The obvious caution of using these pools is simply the fact that they could take your bitcoins and not give you them back, and there for scam you.

Could there be a decentralized mixing? — In order for decentralized mixing, you would need to find a community of people that want to accomplish the same goal. As long as bitcoin exist, there will always be a need for mixing and the need to stay anonymous. No one would be sending bitcoin to a user so fraud between sending the coins would not happen. Coinjoin is a proposed operation for a decentralized mix. In this pool, signatures are created and are entirely different, so each person in the network will be submitting a transaction that is not their own. In order for this to work, peers need to find each other and exchange each others inputs/outputs. The transaction then needs to be broadcasted on the network, all without a centralized figure. The problem with this situation is that people could try and harm the system by sending a mass amount of transactions and not signing the signatures. Often times when we have these sort of problems, and a reason a lot of coins force a fee when there is no mining, is to make it expensive for people to try and maliciously attack the system. You could also make people that want people to enter this pool solve algorithms on their computer ( sort of like mining bitcoin ) and instead of the reward being a coin, the reward could be transmitting the transaction. You can also try and find the people that are harming the system, and kicking them out of the system. This sort of behavior could be attributed to reputation.

Twitter: @cryptoassetnews

YouTube Channel: https://www.youtube.com/channel/UCDMskjJegbcshbTMfpqhbXQ