Bitcoin is not entirely anonymous, but pseudonymous as bitcoin addresses can potentially be linked to real-world identities in a number of ways.
The transparent and immutable nature of the blockchain means that anyone can look at the balances and transactions of any bitcoin address they choose. But because identities are not linked to bitcoin addresses or transactions by default, it can be difficult to determine who is behind a bitcoin transaction.
How Anonymous is Bitcoin?
In the early days of Bitcoin, it was mistakenly thought to be anonymous. The public nature of the blockchain was eventually exploited by analytical firms that have increasingly attempted to track bitcoin transactions. To overcome Bitcoin’s pseudonymity, external data is very useful when used in conjunction with data from the blockchain to identify bitcoin users.
While bitcoin guarantees some privacy for the user, there are several weaknesses that makes the cryptocurrency not entirely private:
- Fiat on-ramps: many exchanges are required to abide by KYC (Know Your Customer) procedures and links your identity to any BTC addresses used on the exchange. If your identity if linked to a bitcoin address your whole transaction history is uncovered. Your address could also be linked to you if you posted it on your website for example.
- IP address: an adversary could listen to transaction relays and log the IP addresses. If someone set up multiple nodes in the network, they could combine the data from these nodes to potentially determine where a transaction originated.
- Re-using addresses: if someone re-uses a single address, all of their transactions will be known if their identity is linked to that address (but most wallets change your address each time you transact by default).
- Light Clients: Many light clients, which are wallets that do not download the entire blockchain, use centralised servers that could link your IP address to transactions, find out your wallet balance and even figure out what you're spending your bitcoins on.
Improving Your Privacy When Using Bitcoin
With Bitcoin, how private your transaction is depends on how much effort you put in. The list below details how bitcoin users can improve their privacy:
- Use a bitcoin wallet over Tor: this ensures that your IP address is not logged and not associated with a particular transaction.
- Buy and sell bitcoin for cash: If you do not want your bitcoin addresses linked to your personal information you will have to make do with avoiding exchanges that perform KYC. Instead, you will have to buy and sell bitcoin strictly for cash using peer-to-peer markets or Bitcoin ATMs.
- Don’t reuse bitcoin addresses: always use a new bitcoin address for a transaction to mitigate clustering analysis.
- Run your own node: either download and run the Bitcoin Core client as a wallet and a node or use your own node in conjunction with a mobile/desktop wallet.
There are also techniques implemented in wallets like Samourai and Wasabi that improve the privacy of Bitcoin transactions, known as coin mixing. Both Samourai and Wasabi’s offer privacy enhancing features based on CoinJoin.
The CoinJoin technique basically mixes your bitcoins up with other users so that multiple transactions are combined into one. The Samourai wallet also implements hopping to send your bitcoin multiple times before reaching its destination address to reduce the effect of clustering analysis.
Suppose there are six parties involved in the CoinJoin, their transactions will be combined so that an observer would not be able to tell which of the six are spending their funds are the CoinJoin. However, there is a minimum limit of 0.1 BTC to use Wasabi’s CoinJoin feature.
There are several protocol level improvements that could potentially improve the privacy of Bitcoin, some of which are listed below:
- The Lightning Network improves privacy somewhat as users transact off-chain, so their transactions are not recorded on the Bitcoin blockchain. Lightning also uses onion routing, the same technology that powers the Tor network, where payments are passed through multiple channels and a minimal amount of information about that payment is exposed.
- Confidential Transactions, which will hide the sending and receiving amounts in a transaction. This feature uses complicated cryptography to verify that the hidden amounts that are spent add up to the entries in the Bitcoin ledger. Confidential Transactions are most likely be implemented as a soft fork.
- Schnorr signatures will open up more efficient CoinJoin schemes, as it will allow users to aggregate amounts and signatures. This has the effect of reducing the size of CoinJoin transactions and making them cheaper, potentially incentivising more wallets to implement CoinJoin.
- Dandelion addresses the issue of network analysis using the information gleaned by nodes. Dandelion preventing spying nodes to find the origin of a transaction as it is broadcast to only one peer node who decides whether to forward it onto another node or not. If they forward it onto another node, this node also decides whether to forward it onto a different node and so on. If the transaction is not forwarded onto one node, then it is broadcast to all other nodes. In this way, it is much harder to determine the origin of a transaction.