Bitcoin Mixing Applications Bring Privacy to Investors
The Intelligent Insurer #61: Tumblers offer anonymity but pose new risks
For some investors, Bitcoin’s open and public features are a core element of its existence and popularity. However, to other investors who prefer anonymity, these features are major privacy flaws that need to be addressed. The creation of services that obfuscate the identity of parties involved in a Bitcoin transaction increase anonymity but they have also presented several vulnerabilities for investors.
This week’s edition of the Intelligent Insurer will explore how Bitcoin mixing services work and some of the top providers in the industry. We will also consider some of the problems created by these services and how investors can guarantee the safety of their digital assets. Before we dive right into it however, we would like to share some exciting updates from our development team.
Insured Finance software development update
We are pleased to inform you that our code audit will be completed by next week. We have completed the manual code auditing processes and are now using a static code analyzer to audit the code. The testing for classic smart contract attacks has also finished and we discovered no vulnerabilities.
Our ultimate goal is to provide users with the best insurance products, as a result, we constantly update our features to improve user experience and security. Recent research, which analyzed about 970,898 different smart contracts, revealed that 1 in 20 smart contracts are at risk of failure or hacking. Hence, the creation of a smart contract failure product is targeted at protecting users’ assets in the event of a smart contract failure. And our INFI DAO will be an integral part of this new insurance product.
We have also finalized the backend designs for the claims assessor registration process. The design ensures that users maintain their privacy while becoming claim assessors since everything is done on-chain and no personal information is required. To enable these features, we forked Open Zeppelin Wizard functionalities, such as ERC20Wrapper, Ownable, and ERC20Votes.
Over the next week, we will focus on testing our codebase with a static code analyzer called Slither. We will also finalize the design for other parts of smart contract failure coverage. Once these tasks are completed, we will focus on developing a wallet for our mainnet launch, which is scheduled for this quarter. We remain excited about the progress we’ve made and have no doubt that our users will be thrilled with our next-generation digital asset insurance platform.
Bitcoin mixers enforce anonymity in transactions
A Bitcoin mixer or tumbler is a software service that breaks down user funds into small clusters and mixes them with other transactions. The idea is that by shuffling the Bitcoins over and over , it becomes impossible to determine the origin and destination of a transaction. The only detail about the transaction would be that user A and a dozen other users sent Bitcoins to a mixer and user B and a dozen other users received Bitcoins from a mixer.
Once the tumbling process is completed, users receive the same value in Bitcoin but a different set of coins. This makes it very difficult to trace transactions as there are multiple links between the original sender, the coins, and the final destination. The new coins received are completely disassociated from user identities, confusing Bitcoin tracking solutions and protecting user privacy.
As several cryptocurrency exchanges and trading platforms now require personal documents to prove user identities, privacy-loving users are turning to mixers. Complete records of all transactions recorded on the blockchain are easily accessible and can be traced to reveal more details about the owner, including the amounts in their portfolio. This situation has eliminated one of the core drivers of blockchain’s appeal — privacy, and Bitcoin mixers are solving this problem.
Centralized and decentralized Bitcoin mixing services
Wasabi Wallet is one of the most popular Bitcoin mixing services in the market. It is an open-source, non-custodial Bitcoin wallet that was created as the flagship product of zkSNACKs, the research company focused on Bitcoin privacy-related products. Wasabi wallet adds multiple layers of redundancy to Bitcoin transactions with its innovative privacy features. It only works on the desktop.
Wasabi employs an alternative key derivation feature dubbed “hardened derivation” to generate new and more secure addresses with the same private key for every transaction made. Thus, transactions are executed with new addresses every time, making it difficult to link all of them back to the original owners.
The biggest privacy feature of the Wasabi wallet is its coin mixing technology dubbed ZeroLink, based on a variation of the CoinJoin technology called Chaumian Coinjoin. CoinJoin mixes different transactions from multiple users into one big transaction. Once the mixing is complete, each user receives their coins from the tumbling pool. However, this model is not fool-proof as the mixing must be carried out by a third party, which introduces a central point of failure since the third party knows the origin and destination of the coins.
Wasabi’s ZeroLink coin mixing technology resolves this issue by implementing “Chaum blind signatures.” ZeroLink operates with two wallets, a premix wallet, and a post-mix wallet. Users send their assets to the first wallet, which is subsequently sent to the ZeroLink tumbler. After the mixing is complete, users receive their assets in the second address. Therefore, although the tumbler knows where all the BTC were sent from, it does not know their final destination.
Wasabi leverages the Tor network to hide users’ IP addresses when mixing and broadcasting transactions on the Bitcoin network, while securing all network communications from spying. Once the processes are complet and the transaction is verified, users receive their assets.
Another popular Bitcoin tumbler is ChipMixer. It is a Bitcoin mixing service that protects users’ transaction data from blockchain tracking software. When utilized correctly, ChipMixer makes it impossible for blockchain researchers to correlate Bitcoin transactions with user data. Interestingly, ChipMixer does not charge any fees for providing its services.
The service employs several Bitcoin wallets storing predefined amounts of BTC. Once users engage with its service and deposit their BTC, ChipMixer provides them with Bitcoin chips as a receipt for their deposit. These chips are equivalent to the amount deposited by a user. Since the wallets were funded before the user makes a deposit to the platform, there is no connection between both transactions on the blockchain.
Once users receive the chips, they have the option of splitting, merging, betting, or donating any chips they have. These options further obfuscate the movement of the coins. By splitting the chip, users create two chips, with each worth half the value of the original chip. On the flip side, merging two chips of the same value creates one chip that is twice the value of the original chip.
ChipMixer has an interesting financing model and that is where betting and donating comes into play. If users choose to bet any of their chips, they either get double the value of the chips when they win or get nothing at all when they lose. Lastly, users can choose to donate a chip to the platform’s wallet to support its services.
When users are ready to withdraw their funds, ChipMixer provides them with a private key for each chip with a wallet address containing the equivalent value in BTC. Again, the withdrawals cannot be linked to user data since the addresses are often pre-funded. Users swap wallet addresses with the private key and withdrawals are thus not registered on the blockchain.
Bitcoin tumbling services create new vulnerabilities
It is very important to remember that Bitcoin mixers are not without flaws. For one thing, the odds of two users sending the exact amount of BTC to a mixer are very slim. Therefore, it is still possible to reconnect money flow once the address of the sender and the amount is known.
Additionally, the ability to obscure Bitcoin transactions makes Bitcoin tumblers a hotbed for money laundering. Hence, Bitcoin mixing is considered to be illegal in most jurisdictions as it attracts the likes of tax offenders and criminals who are eager to hide the proceeds of their illegal activities.
These risks exist before considering code vulnerabilities and other risks that non-technical users might find difficult to comprehend. To this end, investors must protect their assets against all forms of exploitation, ensuring the credibility of a Bitcoin mixer before employing its services. They must also add digital asset insurance products to their portfolios to protect their assets from unexpected incidents. The insurance solutions provided by Insured Finance are guaranteed to provide investors with all-around protection for their assets and are key to the growth of the DeFi industry.
About Insured Finance
Insured Finance is a decentralized, peer-to-peer insurance marketplace. Users can request customized insurance on a wide variety of digital assets, thereby ensuring full protection. Those fulfilling requests can earn premiums and earn a competitive return on their capital. Claims are fully collateralized and settled instantly.