From: "/dev /fd0" <alicexbtong@gmail•com>
To: jbesraa <jbesraa@gmail•com>
Cc: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] Re: UTXO probing attack using payjoin
Date: Thu, 27 Mar 2025 01:08:41 +0530 [thread overview]
Message-ID: <CALiT-Zrq0Nr9uNWDTMj3=VJ6TCcmeL3s+Jau+nEGHqYqFcfB+g@mail.gmail.com> (raw)
In-Reply-To: <1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn@googlegroups.com>
[-- Attachment #1: Type: text/plain, Size: 3667 bytes --]
Hi jbesraa,
> While the possibility of UTXO probing via Payjoin is a valid concern
regarding privacy, it's important to note that it might not always come
without cost for the attacker. The Payjoin recipient > needs to validate
the initial request, ensuring the sender's inputs are broadcastable. This
means the recipient could, in practice, broadcast the initial transaction
even if the sender aborts the > Payjoin.
> Furthermore, implementing strategies like maintaining a set of 'seen
inputs' can make such probing attempts more easily detectable and less
effective.
The original transaction can be replaced by the attacker, and it would only
cost a few hundred sats or nothing if it's payjoin transaction. I think
such attacks could still be effective if the attacker has the budget and
motivation to spy on someone's wallet.
/dev/fd0
floppy disk guy
On Wed, Mar 26, 2025 at 11:54 PM jbesraa <jbesraa@gmail•com> wrote:
> While the possibility of UTXO probing via Payjoin is a valid concern
> regarding privacy, it's important to note that it might not always come
> without cost for the attacker. The Payjoin recipient needs to validate the
> initial request, ensuring the sender's inputs are broadcastable. This means
> the recipient could, in practice, broadcast the initial transaction even if
> the sender aborts the Payjoin. Furthermore, implementing strategies like
> maintaining a set of 'seen inputs' can make such probing attempts more
> easily detectable and less effective. While these measures don't eliminate
> the privacy considerations entirely, they do highlight that recipients have
> potential defenses and that probing isn't necessarily a risk-free endeavor
> for the attacker.
>
> On Tuesday, March 25, 2025 at 1:48:15 PM UTC+2 /dev /fd0 wrote:
>
> Hi everyone,
>
> Sometimes we are curious and want to know about UTXOs in other wallets.
> Payjoin allows you to do this and the recipient would never doubt it
> because it's a privacy tool. It's possible to find UTXO in recipient's
> wallet without sending any bitcoin. It's called UTXO probing attack and
> described in BIP 77-78.
>
> I have shared a demo with all the details in this [post][0]. I have used
> bullbitcoin wallet for testing this because it was the only [wallet][1]
> which supports payjoin v2 (send, receive) and testnet3.
>
> I think users should be aware of this tradeoff and the information they
> share with the sender in payjoin. Payjoin should only be used with trusted
> senders.
>
> [0]:
> https://uncensoredtech.substack.com/p/utxo-probing-attack-using-payjoin
> [1]: https://en.bitcoin.it/wiki/PayJoin_adoption
>
> /dev/fd0
> floppy disk guy
>
> --
> You received this message because you are subscribed to the Google Groups
> "Bitcoin Development Mailing List" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to bitcoindev+unsubscribe@googlegroups•com.
> To view this discussion visit
> https://groups.google.com/d/msgid/bitcoindev/1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn%40googlegroups.com
> <https://groups.google.com/d/msgid/bitcoindev/1c7130d4-cbac-4404-968c-9eb7b4e2e4cbn%40googlegroups.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups•com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/CALiT-Zrq0Nr9uNWDTMj3%3DVJ6TCcmeL3s%2BJau%2BnEGHqYqFcfB%2Bg%40mail.gmail.com.
[-- Attachment #2: Type: text/html, Size: 4811 bytes --]
next prev parent reply other threads:[~2025-03-27 12:19 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-03-25 11:46 [bitcoindev] " /dev /fd0
2025-03-25 12:52 ` [bitcoindev] " jbesraa
2025-03-26 19:38 ` /dev /fd0 [this message]
2025-03-28 19:28 ` waxwing/ AdamISZ
2025-03-28 23:41 ` Yuval Kogman
2025-03-29 13:00 ` /dev /fd0
2025-03-29 12:34 ` /dev /fd0
2025-03-25 13:39 ` [bitcoindev] " Yuval Kogman
2025-03-26 19:26 ` /dev /fd0
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CALiT-Zrq0Nr9uNWDTMj3=VJ6TCcmeL3s+Jau+nEGHqYqFcfB+g@mail.gmail.com' \
--to=alicexbtong@gmail$(echo .)com \
--cc=bitcoindev@googlegroups.com \
--cc=jbesraa@gmail$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox