From: alicexbt <alicexbt@protonmail•com>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: [bitcoin-dev] Wallet Fingerprinting with nLocktime and nVersion
Date: Wed, 12 Oct 2022 08:54:42 +0000 [thread overview]
Message-ID: <eFagQPLsrmB3UbNFSYq1YMuKVs_-r1tYnu4u2CiX7JXN5naKM2jSk-u8QuqeOLj9h4sIXITwrt1-Ly9XMgpGambpRONLDqsNcHCdmvDl8EU=@protonmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 2373 bytes --]
Hi Bitcoin Developers,
I did some research about nLocktime and nVersion used by some open source Bitcoin wallets. I have written a [blog post][0] co-authored with 'nothingmuch' and this is the first post for the privacy focused blog 'consent':
Most wallets use nVersion 2. nLocktime for Bitcoin Core, Knots, Electrum, Sparrow and Specter is nearest block height. However, nLocktime for Bitcoin Core/Knots is zero by default if the transaction is created manually using RPC commands like createpsbt or createrawtransaction. Peter Todd had implemented nLocktime based on anti-fee sniping in [#2340][1] and [#24128][2] implements BIP 326 sequence based anti-fee-snipe for taproot inputs.
'0xb10c' has written about wallet [fingerprinting with fee rate][3]. However, nLocktime and nVersion are also important. There may be other factors that might help if a fingerprint matches more than one wallet. Andrew Chow has build a [tool][4] to check if a transaction was created using Bitcoin Core or Electrum.
### Why is wallet fingerprinting important?
Consider the following scenario: Alice is spying on Bob and Carol. She suspects one of them is participating in an activity based on a transaction, but she cannot confirm it. She recognizes that one of the wallets that claims to improve privacy was used for these transactions and examines the nVersion and nLocktime. This makes it simpler to identify Bob, who used Wasabi wallet for the transaction with version 1 and nLocktime 0.
### How to fix it?
If more wallets have the same nVersion and nLocktime, it will be difficult to identify the wallets used for a transaction. nLocktime could be any nearest block height however version needs to be 2 as most of the wallets use it and it is used for transactions that follow new consensus rules.
Please let me know if something incorrect is mentioned or anything important missing about wallet fingerprinting with nLocktime and nVersion.
### Acknowledgements
- achow101
- 0xb10c
- nothingmuch- RedGrittyBrick
[0]: https://consentonchain.github.io/blog/posts/fingerprinting/
[1]: https://github.com/bitcoin/bitcoin/pull/2340
[2]: https://github.com/bitcoin/bitcoin/pull/24128
[3]: https://b10c.me/observations/03-blockchaincom-recommendations/
[4]: https://github.com/achow101/wallet-fingerprinting
/dev/fd0
Sent with [Proton Mail](https://proton.me/) secure email.
[-- Attachment #2: Type: text/html, Size: 5273 bytes --]
reply other threads:[~2022-10-12 8:54 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='eFagQPLsrmB3UbNFSYq1YMuKVs_-r1tYnu4u2CiX7JXN5naKM2jSk-u8QuqeOLj9h4sIXITwrt1-Ly9XMgpGambpRONLDqsNcHCdmvDl8EU=@protonmail.com' \
--to=alicexbt@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox