Similar to many solutions to problems in software and computer science, the age old method of “add a layer of indirection”, using an intermediary has been proposed. The point of this lecture was to provide a solution to enable anonymizing the transaction graph analysis discussed in the previous lecture. The takeaway is that online wallets don’t provide any better service than modern banks. This means that people may understand the shift to Bitcoin but it doesn’t really given an advantage to do it. The use of mixing intermediaries can provide anonymity but does require that everyone use them to increase the anonymity set.
Questions answered in this Post:
- What is mixing in general?
- How does it operate?
- What are some other applications that act similarly?
- What are the differences between mixing intermediaries and online wallets?
- What has happened to certain mixers?
- What is Mixcoin?
- Why does this model still require trusting mixers?
Mixing
Mixing is one solution to providing de-anonymization by way of introducing an intermediary. Here’s the simple use case. How do you anonymize three people’s transactions that are sending some value to three different counterparties? The visual example (from the lecture) started off with three people sending some value to a single source, the intermediary. From there, the said intermediary would output the same transaction values and send them to the respective addresses as specified from the starting people. The main deal is that the bitcoins are considered “mixed”. Thus you know that three people sent bitcoin and then three entities received bitcoin but you don’t know who sent what. When this scales larger, it becomes more anonymous. Thus someone looking at these transactions would not be able to tie the bitcoin to specific people i.e. removing the inability between the input addresses and output addresses.
How does it operate
A mixer is a service which inputs and outputs certain pieces of information. A mixer will release the address of a mixer (who to send the transaction to). The mixer takes an address for who is receiving the Bitcoin. Mixes make money by charging some fee 1%-3% to handle the transactions. That’s how they make money and in current times, that can add up in price. Thus people shouldn’t mix for small transactions only large ones.
Some issues with mixers
While I think this idea is interesting, my singular thought is the fact centralization is being added. You need to have a mixer that almost everyone uses or else people could see cliques in the network or everyone has their own “cleaner”. I’m not sure if that’s true but that was my understanding of this process. I did some research and found a few mixing services mentioned. The Merkle had an article where they only mentioned four mixers in 2017 and one of the ones mentioned is no longer in service. The reason Bitmixer gave for going dark was posted in a Bitcointalk thread. The tidbit that most articles, here and here, used was “Now I grasped that Bitcoin is transparent non-anonymous system by design.” The rest of the note is worth sharing where he tells users to use Dash or Zerocoin for those dark market transactions.
My second thought was “Isn’t this just straight up money laundering?”. Money laundering is where people move money that was acquired by shady means to make it legitimate by entering certain source. This usually involves real estate, or buying physical items, or just moving money through cash oriented places like laundromats or nail salons. Isn’t this idea of dumping all transactions into one central place pretty much accomplishing that? Apparently others on the internet agreed with me and mentioned that using mixing services may even be illegal for certain country jurisdictions. One red flags for me was that many of the sites on “How to Bitcoin Mix” suggested going to sites via Tor. This lecture didn’t cover that topic here but it’s important so I’ll address it a bit.
Money Laundering is a serious crime that can have reprehensible consequences. It is also how many criminal organizations do their business as well as it has been used to finance terrorist attacks. Organizations that deal with money such as banks, have to deal with federal and international regulations to watch for money laundering. Giving people access to do that in cryptocurrency is making the problem worse. Because of this, it is no surprise that mixing services may be illegal in certain countries and that mixing services are getting more pressure. However, as the lecturer states, this lecture is less on the morals of the actions and just about the pure technology. The lecture then segues into the next topic of online wallets in that they provide a similar service without the anonymity.
Online Wallets: mixing without extra steps?
Right, so he mentions that online wallets provide you the same service. However, most online wallets don’t provide this. The online wallets that I use at least linked an email address to the user accounts. I have used Bitgo before. I have also listed a lot more in my previous post on the online wallets. The online wallets don’t just have to be online wallets. Players like Coinbase and Mt. Gox, ie exchanges also provide this service. Places like Coinbase have zero privacy in that they link people’s real world identities strongly to the Coinbase wallets.
So,what’s the difference?
The lecturer brings up two main points on these mixing services. One they “promise” not to keep records and second they don’t require an identity. These are the main differences since online wallets do the exact opposite. As I mentioned before, they have to keep records of everything because they are regulated businesses. This one article from Townhall posted today highlights some of the areas of taxation for cryptocurrency holders specifically via Coinbase. Some of the tax changes are a result of the recent tax bill passed in the United States. The second point is that users trust these sites and thus will willingly keep their cryptocurrency in these systems longer. That means that there is a larger anonymity set since candidates are willing to keep their coins in these intermediaries longer. The lecturer brings up the point that this is mimicking centralized institutions that exist in current financial institutions. A stranger will only know that perhaps that you’re using this centralized intermediary but will not know your transaction history. The intermediary may keep records of such information but they are not publicly sharing this information. Only regulatory and judicial parties tend to be the ones who are able to request this information. At this point, I don’t have a clear reason why choose bitcoin as a way for more anonymity if you only use online wallets.
Now we just to more of a discussion on mixers. Arvind mentioned that his team studied these mixers and came up with some improvements for them. They proposed them via Mixcoin.
Mixcoin
Mixcoin is the name of the protocol to facilitate anonymous transactions or payments. One recommendation was that they should use a series of mixes, not just one, and there should be a standard API. This is similar to the idea of routers when doing anonymous communication. By having multiple mixes then one is removing that trust of a single mix. The lecturer also showed a visualization where a single users transaction would pass linearly across 3 different mixes before it was finally outputted. Each time the user seems responsible for taking the output and then reinputting the Bitcoin into the next transaction. Because it is being passed through 3 mixes, you need each of them to be honest about how much Bitcoin they are processing and you need to cost of mixing to be low enough that going through 3 mixes doesn’t being too high. Thus the transactions across the different mixer have to look as uniform as possible and thus they may consider having a fixed chunk size. Lastly he mentioned that this mixer works had to be integrated in client side software. Regarding costs, they recommended that fees had to be all or nothing with some probabilistic fee. So in 0.1%, the mixer would have to swallow the cost. This is used to reduce the ability for people to track the mixer via the fees.
While, these are great proposals, mixers have not followed them. They tend to act independently with a web interface (rather than integration in client software). In addition, there is no standard chunk size. The mixer as mentioned above does not use a probabilistic fee.
Why does this model still require trusting mixers?
Mixers still have all the power. You have to trust that they will not just take the input and not return it. Also, when they have a fixed transaction fee, you have to believe them. In addition, you are relying on the mixers to be honest and not keep records and preserve your anonymity. Mixers can improve their reputation by staying in business for long periods of time. However, with this increased reputation, if there are so few mixers, the ones still running have power to charge arbitrary fees. He mentioned something considered cryptographic “warranties”.
Wrap Up
As of now, there is no dedicated mix protocol that everyone follows. It’s also a skewed system that requires trust in the mixer. The Bitcoin wiki says, “Use at your own discretion” as does Arvind.
Which of these techniques can improve the anonymity provided by mixing services?
- using a series of mixes
- using the same chunk size for all mixing transactions