A New Bitcoin Wallet Fulfills an Old Privacy Promise

bitcoin-wallet
24 July 2018

“From here on out, people can’t say bitcoin is not private anymore.”

That’s how veteran developer Adam Ficsor, now CTO and co-founder of the privacy tech startup zkSNACKs, described the importance of the Wasabi Wallet, set to debut on August 1.

This desktop-friendly bitcoin wallet, which can only be used with the anonymizing Tor browser, will be the first (relatively) mainstream light wallet to offer CoinJoin transactions, dispatching lots of transactions at once to obscure their sources.

First proposed by Bitcoin Core legend Gregory Maxwell in 2013, CoinJoin is one of the most prominent attempts to solve one of bitcoin’s greatest challenges: while addresses are pseudonymous, all transactions are publicly recorded on the blockchain, undermining user privacy.

While developers have been experimenting for years with improved anonymity models, Wasabi Wallet will finally make using CoinJoin as easy as flipping a switch.

Because these privacy tech projects generally avoid collecting data about their users for obvious reasons, it’s hard to determine how many people use privacy-oriented wallets. However, Samourai Wallet’s Android app, arguably the bitcoin industry’s leading privacy wallet since the project was founded in 2015, has garnered at least 27,000 downloads.

The team behind Samourai also plans to implement a type of CoinJoin feature by the end of the year, called a Whirlpool cycle. So Ficsor added another unique feature to further distinguish Wasabi Wallet.

Most bitcoin wallets actually have thousands of addresses inside, he said. But blockchain explorers like Blockchain.info can often detect that those unique addresses share a common source since the same wallet will send an explorer balance queries on all its addresses simultaneously, tipping the user’s hand that they belong to the same person.

“That’s what we want to avoid,” Ficsor said. To do so, he applied a so-called filtering solution first proposed by the bitcoin developer known as Roasbeef, which Ficsor said enables the wallet “to query how much money is in your wallet in a way that you don’t connect your addresses together.”

With the filter, instead of pinging an explorer, “you can figure out which blocks in the blockchain you are interested in and you connect to a lot of bitcoin nodes and get one block from one node,” Ficsor said. “So basically they cannot figure out which transaction you are interested in and they cannot make statistical guesses what this random guy who asks for a block from me wants to do with that block.”

Although funds are otherwise viewable on the blockchain itself, Wasabi will be the only wallet that obscures from nodes how much bitcoin the total wallet holds. “No [other] light wallet queries the balance in a private way,” he said.

Shared values

Beyond the Japanese motifs, the Samourai and Wasabi projects have a lot in common, both in terms of values and business models.

The most obvious commonality is the privacy focus. Speaking to why he’s so passionate about privacy, Ficsor said it’s critical to the success of a currency that any individual unit is as valuable any other, no matter where it’s been, telling CoinDesk:

Fungibility is very closely related to privacy and anonymity. And we know this is a property of money, that this is a feature it needs.”

Likewise, the pseudonymous co-founder of Samourai Wallet, who goes by the initials SW, told CoinDesk his team views know-your-customer identity checks that connect bitcoin wallets to users’ government-issued IDs or bank accounts, such as those implemented by platforms like Coinbase, as a “fundamental attack on bitcoin and its users.”

These ideals have in turn shaped the two teams’ business models. They’ve both eschewed taking venture capital or raising money through an initial coin offering (ICO), two of the most popular fundraising methods for blockchain projects.

“My co-founder and I come from very well-funded, by VCs, companies in the crypto space. And that’s not something we wanted to replicate,” SW said, adding that ICOs are “a good way to distract yourself from building a good product.”

Rather, both Ficsor’s recently founded zkSNACKs startup, incorporated in Gibraltar, and the un-incorporated Samourai Wallet project were self-funded until launch then accepted bitcoin donations to expand the team to roughly five people each.

SW pays contractors only in bitcoin, while Ficsor utilized two donated bitcoin to compensate independent developers.

Ficsor said self-funding allowed him to stay independent. In fact, Ficsor is so confident users want Wasabi’s CoinJoin feature that charging 0.3 percent per mixer transaction is the startup’s sole source of revenue. He told CoinDesk:

“We’re actually expecting to have a lot of income, so we’re not selling out.”

Meanwhile, economist Bálint Harmat, co-CEO of zkSNACKs, agreed with SW about prioritizing the product instead of trying to make a quick profit or generate buzz.

“At first we want to make sure that the wallet is rock-solid,” Harmat told CoinDesk. “We are planning to release the 1.0 version on October 31, without outside investors. We are only going to accept investors’ money for further development of Wasabi if it is stable and we enjoy the acknowledgment of the bitcoin community.”

Co-opetition

Given the similarities between Wasabi and Samourai, it’s not surprising that the two have collaborated.

Both privacy wallets will implement ZeroLink, an open source tool Ficsor made to help developers find a wallet’s security vulnerabilities. By working with the Samourai Wallet team on such tools, Ficsor prioritized the open source ethos over any rivalries with a formidable competitor. Taking the idea even further, both teams plan to make almost all of their software open source.

Nevertheless, they are still competitors. Evincing the rivalry, SW critiqued Wasabi’s CoinJoin feature for requiring users to wait until 100 users pooled their bitcoin together to send out at once.

“How long is that going to take?” SW asked.

These privacy wallets share at least one more thing in common: they are out of step with the trend among VC-funded blockchain startups to become more like regulated financial institutions.

Aside from recently seeking broker-dealer or even banking licenses, the industry’s unicorns are known for tracking their users’ transactions on the blockchain in order to comply with anti-money-laundering (AML) laws and international sanctions. Indeed, platforms like Coinbase often freeze accounts that accept cryptocurrency previously used on a gambling site or dark market.

That’s why around 15 percent of Samourai users utilize the Ricochet option, which adds five additional hops to a transaction until it lands at the intended destination. Wasabi’s CoinJoin feature will offer similar, although not identical, obfuscation.

On the other hand, Samourai already has many other unique privacy features, including a stealth mode that hides the application so that anyone stealing the phone won’t know it holds a bitcoin wallet. Plus, Samourai Wallet offers remote commands to wipe a stolen phone clean and transfer the wallet to another device.

Such privacy features have proven especially useful for bitcoin users in Venezuela, where corrupt officials are known to confiscate crypto-related devices.

Venezuelan Samourai Wallet user Eduardo Gomez, head of support at the crypto startup Purse who earns his salary in bitcoin, told CoinDesk he uses features like Ricochet and CoinJoin because he fears platforms like Coinbase could freeze his account if he receives a bitcoin with a questionable transaction history.

“I have no control over which bitcoin my employers send me,” he told CoinDesk, concluding:

“I really want to emphasize how important fungibility is for bitcoin. The community needs to solve that problem ASAP.”

Wasabi Wallet co-founders Lucas Ontivero (L), Balint Harmat, Gergely Hajdu, and Adam Ficsor (R) image via zkSNACKs