{"id":23527,"date":"2017-07-12T14:12:54","date_gmt":"2017-07-12T14:12:54","guid":{"rendered":"http:\/\/ci027cfe6ef00c26c3"},"modified":"2017-07-12T14:12:54","modified_gmt":"2017-07-12T14:12:54","slug":"privacy-project-tumblebit-inches-closer-release-tor-integration-and-new-wallet","status":"publish","type":"post","link":"https:\/\/bitcoinmagazine.com\/culture\/privacy-project-tumblebit-inches-closer-release-tor-integration-and-new-wallet","title":{"rendered":"Privacy Project TumbleBit Inches Closer to Release With Tor Integration and New Wallet"},"content":{"rendered":"
<\/div>
<\/figure>\n

TumbleBit<\/a> is one of the most promising privacy-enhancing technologies being built on top of Bitcoin right now. It allows users to mix their coins fully anonymously, without requiring trust in any third party. An advanced version of the technology, which requires Segregated Witness<\/a>, can even be utilized as a second-layer payment hub to reduce transaction costs and speed up confirmation times.<\/p>\n

After TumbleBit was first proposed in an academic paper<\/a> and subsequently presented<\/a> at the Scaling Bitcoin<\/a> workshops in Milan, NBitcoin<\/a> lead developer Nicolas Dorier built<\/a> an early version of the technology. Since then, two wallets are being developed to make TumbleBit accessible for everyday use: Breeze<\/a> and, more recently, HiddenWallet<\/a>.<\/p>\n

HiddenWallet developer \u00c1d\u00e1m Fics\u00f3r, better known online as \u201cnopara73,\u201d also completed Tor integration this week.<\/p>\n

\n

I estimate that TumbleBit will be usable for the general public within a month or two. \u2014\u00c1d\u00e1m Fics\u00f3r<\/p>\n<\/blockquote>\n

Tor Integration<\/h3>\n

TumbleBit lets users connect to a central server, which in turn allows them to establish payment channels that send coins back and forth in such a way that everyone receives as many coins as they sent. Multiple users can engage at the same time, which allows them to mix their coins, breaking the trail of ownership on Bitcoin\u2019s blockchain.<\/p>\n

The key innovation compared to previous mixing models is that TumbleBit uses a combination of nifty cryptographic tricks to make sure that, first off, no one can steal funds. And second, no one \u2014 not even the central server \u2014 can link any of the sending addresses to any of the receiving addresses.<\/p>\n

Well, almost. One problem remained, as Fics\u00f3r explained: <\/p>\n

\u201cUsers connect to the central server with their own IP address to provide their sending and receiving addresses,\u201d he said. \u201cBut this means that the central server could still match sending and receiving addresses based on the IP address that provided them. If one IP address provides both Bitcoin addresses, it\u2019s trivial to link them.\u201d <\/p>\n

This would of course defeat the purpose of using TumbleBit in the first place.<\/p>\n

Fics\u00f3r therefore built a Tor-integration tool for the existing TumbleBit project. With this tool, the sending and receiving addresses of any user are separately provided to the central server through the anonymity network. This removes any link from a user\u2019s IP address to any specific Bitcoin addresses and \u2014 importantly \u2014 removes the link between sending and receiving addresses as well.<\/p>\n

Wallet Privacy<\/h3>\n

At the same time, Fics\u00f3r is developing a new wallet specifically designed for TumbleBit, HiddenWallet. And interestingly, this wallet would even offer increased privacy without TumbleBit.<\/p>\n

Essentially all lightweight wallets leak address data to the outside world in some way or another. Most web wallets, mobile wallets and some desktop wallets leak this info because they rely on a server that tells them about their balances. This server therefore needs to know all addresses in a wallet and can link them together accordingly. <\/p>\n

Alternatively, some SPV clients<\/a> send out a type of cryptographic \u201cpuzzle\u201d (Bloom filters<\/a>) to the network that requests all data relevant for their balance. But this leaks address data to random nodes on the network \u2026 and thus to analytics companies that specifically monitor the network for these puzzles. <\/p>\n

\u201cBlockstream\u2019s Jonas Nick claimed in 2014 that if someone were to give him one Bitcoin address, he\u2019d be able to figure out 70 percent of your wallet holdings. This was just one smart guy with limited resources, three years ago. You can imagine what well-funded analytics companies in 2017 are capable of,\u201d Fics\u00f3r noted.<\/p>\n

This linking of addresses is obviously a problem for TumbleBit users. No matter how much these users mix their bitcoins across their Bitcoin addresses, if all these addresses can be linked together anyway, there\u2019s no point.<\/p>\n

The only wallets that avoid this problem, so far, are full-node wallets like Bitcoin Core<\/a>. These wallets download all transaction data on the network, meaning they don\u2019t need to request specific data that reveals their own addresses. However, full nodes can be a bit resource-intensive, which is a barrier to entry for many casual Bitcoin users.<\/p>\n

HiddenWallet<\/h3>\n

HiddenWallet introduces a clever model in between the lightweight and full-node wallets, specifically designed to improve privacy.<\/p>\n

Like a full node, HiddenWallet connects directly to the Bitcoin network, where it likewise requests all transaction data from random nodes. However, where full nodes verify (and typically store) all of this data, HiddenWallet instead immediately discards any data it doesn\u2019t need. It only verifies and stores transaction data that involve the Bitcoin addresses in the wallet itself and doesn\u2019t care about the rest. This requires far fewer resources than a full node does.<\/p>\n

\u201cThe privacy benefit is obvious,\u201d said Fics\u00f3r. \u201cSince HiddenWallet downloads all transaction data, connected nodes have no idea which data is kept by the wallet and what is discarded. They learn nothing about the addresses in HiddenWallet and can\u2019t link any of them together.\u201d<\/p>\n

And Fics\u00f3r thinks he may be able to trim resource usage down even further in a next release of HiddenWallet. This upcoming version may cut out all transaction data that would, for analytics companies, obviously not be relevant to the wallet anyway. This includes old transaction data, but also specific types of transactions. Such a modification could potentially make HiddenWallet available even on low-bandwidth mobile connections<\/a>.<\/p>\n

With this progress, it looks like TumbleBit may be usable even before the end of this summer, Fics\u00f3r estimates.<\/p>\n

\u201cWe previously thought we might get the system up and running around this time, but it turned out there was a little bit more to it than we thought. That being said, another big hurdle is now taken: the Japanese company United Bitcoiners<\/a> is running a tumbling server. Combined with Tor integration and wallets, all pieces of the puzzle are coming together.\u201d<\/p>\n

\u00c1d\u00e1m Fics\u00f3r works on TumbleBit without compensation, but accepts donations on 186n7me3QKajQZJnUsVsezVhVrSwyFCCZ<\/a><\/em><\/p>\n","protected":false},"excerpt":{"rendered":"

TumbleBit is one of the most promising privacy-enhancing technologies being built on top of Bitcoin right now. It allows users to mix their coins fully anonymously, without requiring trust in any third party. An advanced version of the technology, which requires Segregated Witness, can even be utilized as a second-layer payment hub to reduce transaction […]<\/p>\n","protected":false},"author":2509,"featured_media":23528,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[33],"tags":[73,330,1472,3382,780],"class_list":{"0":"post-23527","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-culture","8":"tag-privacy","9":"tag-security","10":"tag-tor","11":"tag-tumblebit","12":"tag-wallet"},"author_data":{"id":2509,"name":"Aaron van Wirdum","nicename":"aaron-van-wirdum","avatar_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/12\/aaron-van-wirdum-96x96.jpg"},"featured_image_url":"https:\/\/bitcoinmagazine.com\/wp-content\/uploads\/2024\/11\/privacy-project-tumblebit-inches-closer-to-release-with-tor-integration-and-new-wallet.jpg","_links":{"self":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/23527","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/users\/2509"}],"replies":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/comments?post=23527"}],"version-history":[{"count":0,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/posts\/23527\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media\/23528"}],"wp:attachment":[{"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/media?parent=23527"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/categories?post=23527"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/bitcoinmagazine.com\/wp-json\/wp\/v2\/tags?post=23527"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}