Slurms MacKenzie [ARCHIVE] on Nostr: 📅 Original date posted:2015-07-24 📝 Original message:> Sent: Friday, July 24, ...
📅 Original date posted:2015-07-24
📝 Original message:> Sent: Friday, July 24, 2015 at 6:44 AM
> From: "Eric Voskuil" <eric at voskuil.org>
> To: "Slurms MacKenzie" <slurms at gmx.us>, bitcoin-dev at lists.linuxfoundation.org
> Subject: Re: [bitcoin-dev] Making Electrum more anonymous
>
> This is why privacy remains a significant issue. Privacy is an essential
> aspect of fungibility. This is a central problem for Bitcoin.
Somewhat under discussed too, really. Peoples money doesn't fly out the window when their privacy is ripped out from under them, as such discussing it seems a little meaningless. As some of the most popular wallets don't even use change addresses, for the comfort of the developers and at the cost of the user.
> Solving the latter two problems can go a long way to reducing the impact
> of the former. But currently the only solution is to run a full chain
> wallet. This is not a viable solution for many scenarios, and getting
> less so.
Which makes the general clambering for demise of the full node wallet all the more baffling.
> Well because of presumed relationship in time these are not actually
> separated requests. Which is why even the (performance-unrealistic)
> option of a distinct Tor route for each independent address request is
> *still* problematic.
Yep, any leak is a useful leak. Even if you only expose one single address request to me, I now have an idea of what timezone you are in and can eliminate it from other implausible ones. Onion routing is not a solution in my mind, you're just asking for people to sybil attack Electrum clients to capture as much timing data as possible. There's no defending against that.
> Introducing truly-random timing variations into the mixnet solutions can
> mitigate timing attacks, but yes, this just makes the already
> intolerable performance problem much worse.
Realistically this is all too broken to be building wallets on top of.
SPV clients are neither secure nor private, we should feel guilty for ever promoting them.
📝 Original message:> Sent: Friday, July 24, 2015 at 6:44 AM
> From: "Eric Voskuil" <eric at voskuil.org>
> To: "Slurms MacKenzie" <slurms at gmx.us>, bitcoin-dev at lists.linuxfoundation.org
> Subject: Re: [bitcoin-dev] Making Electrum more anonymous
>
> This is why privacy remains a significant issue. Privacy is an essential
> aspect of fungibility. This is a central problem for Bitcoin.
Somewhat under discussed too, really. Peoples money doesn't fly out the window when their privacy is ripped out from under them, as such discussing it seems a little meaningless. As some of the most popular wallets don't even use change addresses, for the comfort of the developers and at the cost of the user.
> Solving the latter two problems can go a long way to reducing the impact
> of the former. But currently the only solution is to run a full chain
> wallet. This is not a viable solution for many scenarios, and getting
> less so.
Which makes the general clambering for demise of the full node wallet all the more baffling.
> Well because of presumed relationship in time these are not actually
> separated requests. Which is why even the (performance-unrealistic)
> option of a distinct Tor route for each independent address request is
> *still* problematic.
Yep, any leak is a useful leak. Even if you only expose one single address request to me, I now have an idea of what timezone you are in and can eliminate it from other implausible ones. Onion routing is not a solution in my mind, you're just asking for people to sybil attack Electrum clients to capture as much timing data as possible. There's no defending against that.
> Introducing truly-random timing variations into the mixnet solutions can
> mitigate timing attacks, but yes, this just makes the already
> intolerable performance problem much worse.
Realistically this is all too broken to be building wallets on top of.
SPV clients are neither secure nor private, we should feel guilty for ever promoting them.